F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual (V3.0)

F-ENGINE
S2200ME-B Carrier Ethernet Switch Command Line Interface Manual V2.9
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual
Product Version
V2.9
FiberHome Networks Co., Ltd. provides customers with comprehensive technical support and service. Please contact with our local office, customer care center or company headquarters by any means. FiberHome Networks Co., Ltd.
Address : 3rd floor, Optical Communication Building 5 DongXin Rd , Hongshan District, Wuhan, Hubei Province, P. R. China 430074 +86 27 87693659 +86 27 87693257 http://www.fhn.com.cn sale@fhn.com.cn
Postal code Tel Fax Website Email
: : : : :
Content
Content
Figure......................................................................................................... XIV Table............................................................................................................. XV Preface ...................................................................................................... XVI Safety Recommendation ...................................................................... XIX Chapter 1 Introduction ................................................................................. 1
1.1 switch configuration foundation ............................................................................ 1 1.2 CLI interface .......................................................................................................... 1
Chapter 2 Hardware platform&Softwre environment .............................. 4

2.1 Hardware platform ................................................................................................. 4 2.2 Software environment ............................................................................................ 4
Chapter 3 Switch configuration command ................................................. 5

3.1 common configuration command .......................................................................... 5 3.1.1 cd 6 3.1.2 clear logging history .................................................................................... 7 3.1.3 clock set ...................................................................................................... 8 3.1.4 cls ................................................................................................................ 8 3.1.5 configure ..................................................................................................... 9 3.1.6 copy SRCFILE DESTFILE ......................................................................... 9 3.1.7 copy startup-config running-config ........................................................... 10 3.1.8 dir .............................................................................................................. 10 3.1.9 end............................................................................................................. 11 3.1.10 erase startup-config ................................................................................. 12 3.1.11 exit .......................................................................................................... 12 3.1.12 help.......................................................................................................... 13 3.1.13 hostname WORD .................................................................................... 14 3.1.14 line console ............................................................................................. 15 3.1.15 line vty .................................................................................................... 15 I
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.1.16 3.1.17 3.1.18 3.1.19 3.1.20 3.1.21 3.1.22 3.1.23 3.1.24 3.1.25 3.1.26 3.1.27 3.1.28 3.1.29 3.1.30 3.1.31 3.1.32 3.1.33 3.1.34 3.1.35 3.1.36 3.1.37 3.1.38 3.1.39 3.1.40 3.1.41 3.1.42 3.1.43 3.1.44 3.1.45 3.1.46 3.1.47 3.1.48 3.1.49 3.1.50
Content
list............................................................................................................ 16 logging history [<0-7>] ........................................................................... 17 logging on ............................................................................................... 18 logging syslog [<0-7>] ............................................................................ 18 logging terminal [<0-7>] ......................................................................... 19 ls .............................................................................................................. 20 no line vty <1-10> ................................................................................... 21 ping ......................................................................................................... 21 pwd.......................................................................................................... 22 quit .......................................................................................................... 23 reboot ...................................................................................................... 23 remove FILE ........................................................................................... 24 rename OLD NEW .................................................................................. 24 show clock .............................................................................................. 25 show cpu statistic .................................................................................... 25 show history ............................................................................................ 26 show lines................................................................................................ 27 show logging ........................................................................................... 27 show logging history ............................................................................... 28 show logging history SUBSTRING ........................................................ 29 show logo ................................................................................................ 29 show management acl ............................................................................. 30 show memory statistic ............................................................................. 31 show running-config ............................................................................... 31 show startup-config ................................................................................. 35 show syslog ............................................................................................. 40 show version ........................................................................................... 40 syslog server ............................................................................................ 41 telnet........................................................................................................ 41 terminal length ........................................................................................ 42 terminal monitor ...................................................................................... 42 timeout .................................................................................................... 43 traceroute................................................................................................. 44 type FILE ................................................................................................ 44 upgrade (os|config) .................................................................................. 45 II
Content
3.1.51 who.......................................................................................................... 46 3.1.52 write file .................................................................................................. 46 3.1.53 zero FILE ................................................................................................ 47 3.2 IP configuration command ................................................................................... 47 3.2.1 gateway ..................................................................................................... 48 3.2.2 ip address .................................................................................................. 48 3.2.6 ip arp ......................................................................................................... 49 3.2.4 out-band ip address ................................................................................... 50 3.2.8 show system .............................................................................................. 50 3.3 FTP configuration command ............................................................................... 51 3.3.1 ftp get ........................................................................................................ 51 3.3.2 ftp put config ............................................................................................. 52 3.3.3 ftp put logging ........................................................................................... 52 3.4 SNMP configuration command ........................................................................... 53 3.4.1 snmp community NAME (ro|rw) [view VIEW-NAME] ........................... 53 3.4.2 snmp trap-server ........................................................................................ 54 3.4.3 snmp view VIEW-NAME OID-TREE (included | excluded ................. 55 3.4.4 snmp group................................................................................................ 55 3.4.5 snmp user .................................................................................................. 56 3.4.6 show memory snmp .................................................................................. 57 3.4.7 show snmp community ............................................................................. 57 3.4.8 show snmp trap-server .............................................................................. 58 3.4.9 show snmp group ...................................................................................... 58 3.4.10 show snmp user ....................................................................................... 59 3.4.11 show snmp view ...................................................................................... 60 3.5 system configuration command ........................................................................... 60 3.5.1 anti-attack .................................................................................................. 61 3.5.2 arp-request timer ....................................................................................... 62 3.5.3 config-file auto-save.................................................................................. 62 3.5.4 config-file auto-upload .............................................................................. 63 3.5.5 dot1q ingress-filter .................................................................................... 64 3.5.6 loop-check action ...................................................................................... 64 3.5.7 loop-check expire-time .............................................................................. 65 3.5.8 loop-check trap .......................................................................................... 66 3.5.9 mac aging-time .......................................................................................... 66 III
Content
3.5.10 mac learn-mode ....................................................................................... 67 3.5.11 management acl ....................................................................................... 67 3.5.12 management vlan .................................................................................... 68 3.5.13 no ip arp .................................................................................................. 68 3.5.14 show auto-config ..................................................................................... 69 3.5.15 show dynamic-mac.................................................................................. 70 3.5.16 show ip arp .............................................................................................. 70 3.5.17 show loop-check...................................................................................... 71 3.5.18 show management acl ............................................................................. 71 3.5.19 show system ............................................................................................ 72 3.5.20 username ................................................................................................. 73 3.5.21 zmodem get ............................................................................................. 73 3.5.22 zmodem put ............................................................................................. 74 3.5.23 bpdu tunnel mac (AA:BB:CC:DD:EE:FF) uplink-port <0-64> .............. 75 3.6 STP configuration command ............................................................................... 75 3.6.1 stp (enable|disable) .................................................................................... 77 3.6.2 stp alt-without-delay (enable|disable) ........................................................ 77 3.6.3 stp bpdu-protection (enable|disable) .......................................................... 78 3.6.4 stp config-name STRING.......................................................................... 79 3.6.5 stp forward-delay ...................................................................................... 79 3.6.6 stp hello-time............................................................................................. 80 3.6.7 stp max-age ............................................................................................... 80 3.6.8 stp max-hop ............................................................................................... 81 3.6.9 stp mode (stp|rstp|mstp) ............................................................................. 82 3.6.10 stp priority <0-61440> ............................................................................ 82 3.6.11 stp revision-lever <0-65535> .................................................................. 83 3.6.12 stp transmit-limit <1-255>> .................................................................... 84 3.6.13 stp vlan VLANLIST ................................................................................ 84 3.6.14 stp instance <1-15> ................................................................................. 85 3.6.15 stp instance <1-15> priority <0-61440> .................................................. 85 3.6.16 stp instance <1-15> vlan VLANLIST ..................................................... 86 3.6.17 stp compliance (dot1s|dot1d) ................................................................... 87 3.6.18 stp edge-port............................................................................................ 87 3.6.19 stp fast-agree ........................................................................................... 88 3.6.20 stp loop-protection .................................................................................. 89 IV
Content
3.6.21 stp loopback-check .................................................................................. 89 3.6.22 stp mcheck .............................................................................................. 90 3.6.23 stp pathcost.............................................................................................. 91 3.6.24 stp point-to-point ..................................................................................... 91 3.6.25 stp priority <0-240> ................................................................................ 92 3.6.26 stp root-protection ................................................................................... 93 3.6.27 stp instance <1-15> loop-protection ........................................................ 93 3.6.28 stp instance <1-15> priority <0-240> ...................................................... 94 3.6.29 stp instance <1-15> root-protection ........................................................ 95 3.6.30 show stp ................................................................................................... 95 3.6.31 show stp config ........................................................................................ 96 3.6.32 show stp information ................................................................................ 97 3.6.33 show stp interface .................................................................................... 97 3.6.34 show stp instance interface ...................................................................... 98 3.7 COS configuration command .............................................................................. 99 3.7.1 cos (enable|disable) ................................................................................... 99 3.7.2 cos priority <0-7> queue <0-3> ................................................................ 99 3.7.3 cos queue <0-3> weight <1-31>.............................................................. 100 3.7.4 cos queue mode (strict|weighted-round-robin|sp+wrr3|sp2+wrr2) .......... 101 3.7.5 show cos .................................................................................................. 101 3.8 VLAN configuration command ......................................................................... 102 3.8.1 admin-status (up|down) ........................................................................... 103 3.8.2 apply-as-pvid PORTLIST ....................................................................... 103 3.8.3 interface vlan ........................................................................................... 104 3.8.4 no vlan..................................................................................................... 105 3.8.5 member PORTLIST ................................................................................ 105 3.8.6 no member PORTLIST ........................................................................... 106 3.8.7 vlan description STRING ........................................................................ 106 3.8.8 vlan type (dynamic|static) ....................................................................... 107 3.8.9 vlan priority <0-7> .................................................................................. 108 3.8.10 show vlan .............................................................................................. 108 3.9 private VLAN configuration command ............................................................. 109 3.9.1 pvlan <1-64> ........................................................................................... 109 3.9.2 no pvlan <1-64> ...................................................................................... 110 3.9.3 isolate-ports PORTLIST ......................................................................... 110 V
Content
3.9.4 no isolate-ports ........................................................................................ 111 3.9.5 show pvlan .............................................................................................. 111 3.10 SGM configuration command ......................................................................... 112 3.10.1 sgm ........................................................................................................ 113 3.10.2 sgm (enable|disable) .............................................................................. 113 3.10.3 sgm discovery time (<1-300>|default) .................................................. 114 3.10.4 sgm discovery ttl (<1-255>|default) ...................................................... 114 3.10.5 sgm inband enable <1-4094> ................................................................ 115 3.10.6 sgm vlan (add|remove) VLAN-LIST .................................................... 115 3.10.7 [no] sgm member (AA.BB.CC.DD.EE.FF) ip....................................... 116 3.10.8 sgm (collect-map|release-map) .............................................................. 117 3.10.9 sgm addr-opt (enable|disable)................................................................ 117 3.10.10 sgm cluster ip-pool .............................................................................. 118 3.10.11 sgm cluster name WORD .................................................................... 119 3.10.12 sgm cluster password PASSWORD .................................................... 119 3.10.13 sgm ip-allocation (auto|manual) .......................................................... 120 3.10.14 sgm join-policy (auto|manual) ............................................................. 121 3.10.15 sgm map-collect time (<1-100>|default) ............................................. 121 3.10.16 sgm map-collect ttl (<1-100>|default) ................................................. 122 3.10.17 sgm member (AA.BB.CC.DD.EE.FF) ................................................ 123 3.10.18 sgm member (add|remove) (AA.BB.CC.DD.EE.FF) .......................... 123 3.10.19 sgm member handtime (<1-300>|default) ........................................... 124 3.10.20 sgm member holdtime (<1-300>|default) ............................................ 124 3.10.21 sgm role (independence|candidate|commander) .................................. 125 3.10.22 sgm trap (enable|disable) ..................................................................... 126 3.10.23 show sgm interface [<1-64>] .............................................................. 126 3.10.24 show sgm local .................................................................................... 127 3.10.25 show sgm neighbor ............................................................................. 129 3.11 interface configuration command .................................................................... 129 3.11.1 address-learning .................................................................................... 131 3.11.2 description STRING.............................................................................. 131 3.11.3 dot1q accept .......................................................................................... 132 3.11.4 duplex (half|full) speed (10|100|1000) ................................................... 132 3.11.5 duplex auto ............................................................................................ 133 3.11.6 egress mirror <0-64> ............................................................................. 133 VI
Content
3.11.7 flow-ctrl (enable|disable) ....................................................................... 134 3.11.8 ingress mirror <0-64> ........................................................................... 135 3.11.9 interface (ethernet|trunk) ....................................................................... 135 3.11.10 join trunk ............................................................................................. 136 3.11.11 join vlan .............................................................................................. 136 3.11.12 link-trap (enable|disable) ..................................................................... 137 3.11.13 loop-check (enable|disable|re-check) ................................................... 137 3.11.14 loop-check vlan <1-4094> .................................................................. 138 3.11.15 member PORTLIST ............................................................................ 139 3.11.16 no member PORTLIST ....................................................................... 139 3.11.17 packet-limit ......................................................................................... 140 3.11.18 priority................................................................................................. 141 3.11.19 pvid ..................................................................................................... 141 3.11.20 quit trunk ............................................................................................. 142 3.11.21 quit vlan .............................................................................................. 142 3.11.22 rate-limit .............................................................................................. 143 3.11.23 security-mac (add|delete) (AA.BB.CC.DD.EE.FF) ............................. 143 3.11.24 security-mac (enable|disable) .............................................................. 144 3.11.25 shutdown ............................................................................................. 145 3.11.26 no shutdown ........................................................................................ 145 3.11.27 static-mac (add|delete) ......................................................................... 146 3.11.28 trunk-dis-policy ................................................................................... 146 3.11.29 user-limit number ................................................................................ 147 3.11.30 power (down|up) .................................................................................. 148 3.11.31 show interface ..................................................................................... 148 3.11.32 show interface distance ....................................................................... 150 3.11.33 show interface dynamic-mac ............................................................... 150 3.11.34 show interface loop-check ................................................................... 151 3.11.35 show interface security-mac ................................................................ 152 3.11.36 show interface static-mac .................................................................... 153 3.11.37 show interface statistics ....................................................................... 154 3.11.38 show interface user-limit ..................................................................... 155 3.11.39 show trunk ........................................................................................... 156 3.12 IGMP Snooping configuration command ........................................................ 156 3.12.1 igmp-snooping (enable|disable)............................................................. 157 VII
Content
3.12.2 igmp-snooping aging ............................................................................. 157 3.12.3 igmp-snooping drop-filtered.................................................................. 158 3.12.4 igmp-snooping fast-leave ...................................................................... 159 3.12.5 igmp-snooping proxy (enable|disable) .................................................. 159 3.12.6 igmp-snooping proxy igmpv3-support .................................................. 160 3.12.7 igmp-snooping proxy vlan .................................................................... 160 3.12.8 igmp-snooping query-send add ............................................................. 161 3.12.9 igmp-snooping query-send del .............................................................. 162 3.12.10 show igmp-snooping ........................................................................... 162 3.12.11 show igmp-snooping egressport-table ................................................. 163 3.13 ESR instance configuration command ............................................................ 164 3.13.1 esr (disable|enable) ................................................................................ 164 3.13.2 esr <0-5> (disable|enable) ..................................................................... 165 3.13.3 esr <0-5> ctrl-vlan ................................................................................. 166 3.13.4 esr <0-5> failed-time ............................................................................. 166 3.13.5 esr <0-5> hello-time .............................................................................. 167 3.13.6 esr <0-5> mode (master|transit) ............................................................ 167 3.13.7 esr <0-5> name...................................................................................... 168 3.13.8 esr <0-5> primary-port .......................................................................... 169 3.13.9 esr <0-5> primary-port trunk................................................................. 169 3.13.10 esr <0-5> secondary-port .................................................................... 170 3.13.11 esr <0-5> secondary-port trunk ........................................................... 170 3.13.12 show esr .............................................................................................. 171 3.13.13 show esr instance................................................................................. 171 3.14 RADIUS configuration command ................................................................... 172 3.14.1 radius (enable| disable) .......................................................................... 173 3.14.2 radius <1-10> name............................................................................... 173 3.14.3 radius <1-10> response-time ................................................................. 174 3.14.4 radius <1-10> retransmit ....................................................................... 174 3.14.5 radius <1-10> secret .............................................................................. 175 3.14.6 radius <1-10> server-acc-port ............................................................... 175 3.14.7 radius <1-10> server-address ................................................................ 176 3.14.8 radius <1-10> server-auth-port.............................................................. 177 3.14.9 radius <1-10> status .............................................................................. 177 3.14.10 radius <1-10> type .............................................................................. 178 VIII
Content
3.14.11 aaa login radius-server NAME ............................................................ 178 3.14.12 show radius server <1-10> .................................................................. 179 3.15 Double-tag protocol configuration command .................................................. 180 3.15.1 dtag (enable|disable) .............................................................................. 180 3.15.2 dtag protocol <0-65536> ...................................................................... 181 3.15.3 dtag dot1q (enable|disable) .................................................................... 181 3.15.4 dtag flexible (enable|disable)................................................................. 182 3.15.5 dtag flexible inner <1-4094> outer <1-4094> ...................................... 183 3.15.6 show dtag ............................................................................................. 183 3.15.7 show interface dtag ............................................................................... 184 3.15.8 show interface dtag flexible ................................................................. 184 3.16 IGMP-FILTER configuration command .......................................................... 185 3.16.1 apply-to-ports PORTLIST..................................................................... 185 3.16.2 apply-to-ports none ............................................................................... 186 3.16.3 igmp-filter <1-26>................................................................................. 187 3.16.4 no igmp-filter <1-26>............................................................................ 187 3.16.5 igmp-filter <1-26> (enable|disable) ....................................................... 188 3.16.6 rule <1-10> (permit|deny) (A.B.C.D) (A.B.C.D) .................................. 188 3.16.7 rule <1-10> (permit|deny) (AA:BB:CC:DD:EE:FF) .............................. 189 3.16.8 no rule <1-10>....................................................................................... 190 3.16.9 rule <1-10> preview ............................................................................... 190 3.16.10 show igmp-filter .................................................................................. 191 3.16.11 show igmp-filter <1-26> ..................................................................... 192 3.16.12 show igmp-filter preview user ............................................................. 192 3.17 DHCP configuration command ........................................................................ 193 3.17.1 dhcp relay (enable|disable) .................................................................... 193 3.17.2 dhcp relay server-ip (A.B.C.D) ............................................................. 194 3.17.3 show dhcp ............................................................................................. 194 3.18 SNTP configuration command.......................................................................... 195 3.18.1 sntp (client|none) ................................................................................... 195 3.18.2 sntp peer ip-address ............................................................................... 196 3.18.3 sntp time-offset (plus|minus) <0-86400> .............................................. 196 3.18.4 show sntp .............................................................................................. 197 3.19 SPNM configuration command ....................................................................... 197 3.19.1 spnm (enable|disable) ............................................................................ 198 IX
Content
3.19.2 spnm community ................................................................................... 198 3.19.3 spnm password ...................................................................................... 199 3.19.4 spnm send-access-mac .......................................................................... 199 3.19.5 spnm server-ip ....................................................................................... 200 3.19.6 spnm access-port ................................................................................... 200 3.19.7 show spnm access-ports ........................................................................ 201 3.19.8 show spnm information ......................................................................... 202 3.20 interface batch-disposal configuration command ............................................ 202 3.20.1 port <1-26> description ......................................................................... 203 3.20.2 port PORTLIST dot1q accept (all|tagged-only) .................................... 204 3.20.3 port PORTLIST dot1x (enable|disable) ................................................. 205 3.20.4 port PORTLIST dot1x authenticator max-user ..................................... 205 3.20.5 port PORTLIST dot1x authenticator quiet-timeout <1-120> ................ 206 3.20.6 port PORTLIST dot1x authenticator quiet-timeout default ................... 206 3.20.7 port PORTLIST dot1x authenticator radius-server NAME ................... 207 3.20.8 port PORTLIST dot1x authenticator radius-server default ................... 208 3.20.9 port PORTLIST dot1x authenticator reauthenticate-period .................. 208 3.21.10 port PORTLIST dot1x authenticator reauthenticate-period default..... 209 3.20.11 port PORTLIST dot1x reauthenticate disable ..................................... 209 3.20.12 port PORTLIST dot1x reauthenticate enable ...................................... 210 3.20.13 port PORTLIST dtag (enable|disable) ................................................. 210 3.20.14 port PORTLIST dtag dot1q (enable|disable) ....................................... 211 3.20.15 port PORTLIST duplex (half|full) speed (10|100|1000) ...................... 212 3.20.16 port PORTLIST duplex auto ............................................................... 212 3.20.17 port PORTLIST flow-ctrl (enable|disable) .......................................... 213 3.20.18 port PORTLIST igmp-filter <1-100> (enable|disable) ........................ 213 3.20.19 port PORTLIST join trunk .................................................................. 214 3.20.20 port PORTLIST link-trap (enable|disable) .......................................... 215 3.20.21 port PORTLIST loop-check (enable|disable|re-check) ........................ 215 3.20.22 port PORTLIST loop-check vlan ........................................................ 216 3.20.23 port PORTLIST no-shutdown ............................................................. 217 3.20.24 port PORTLIST packet-limit ............................................................... 217 3.20.25 port PORTLIST priority ...................................................................... 218 3.20.26 port PORTLIST pvid ........................................................................... 219 3.20.27 port PORTLIST quit trunk .................................................................. 219 X
Content
3.20.28 port PORTLIST rate-limit rx ............................................................... 220 3.20.29 port PORTLIST rate-limit tx ............................................................... 220 3.20.30 port PORTLIST rstp priority ............................................................... 221 3.20.31 port PORTLIST security-mac (enable|disable) ................................... 221 3.20.32 port PORTLIST spnm access-port (enable|disable) ............................ 222 3.20.33 port PORTLIST stp (enable|disable) ................................................... 223 3.20.34 port PORTLIST stp priority ................................................................ 223 3.20.35 port PORTLIST user-limit number ..................................................... 224 3.20.36 port PORTLIST sgm (enable|disable) ................................................. 225 3.20.37 port PORTLIST sgm discovery time (<1-300>|default) ...................... 225 3.20.38 port PORTLIST sgm discovery ttl (<1-255>|default) ......................... 226 3.20.39 port PORTLIST sgm inband enable <1-4094> ................................... 226 3.20.40 port PORTLIST sgm vlan (add|remove) VLAN-LIST ......................... 227 3.21 anti-arp attack configuration command ........................................................... 227 3.21.1 anti-arp (enable|disable) ........................................................................ 228 3.21.2 anti-arp trust ip (A.B.C.D) .................................................................... 228 3.21.3 anti-arp trust ip (A.B.C.D) mac (AA.BB.CC.DD.EE.FF) ..................... 229 3.21.4 no anti-arp trust ip ................................................................................. 229 3.21.5 no anti-arp trust ip (A.B.C.D)................................................................ 230 3.21.6 show anti-arp ......................................................................................... 230 3.22 VLAN transmission configuration command .................................................. 231 3.22.1 translation-vlan <1-4094> <1-4094> mapped <1-4094> ...................... 231 3.22.2 join translation-vlan VLANLIST uplink <1-64> .................................. 232 3.22.3 translation-vlan nto1 (enable|disable) .................................................... 232 .22.4 show translation-vlan mapped .................................................................. 233 3.22.5 show interface translation-vlan .............................................................. 233 3.23 ACL configuration command .......................................................................... 234 3.23.1 match access-list ACLLIST .................................................................. 234 3.23.2 description ............................................................................................. 235 3.23.3 rule <1-1024> mac ................................................................................ 235 3. 23.4 rule <1-1024> l2type ............................................................................ 236 3. 23.5 rule <1-1024> vlan ............................................................................... 237 3. 23.6 rule <1-1024> ttl .................................................................................. 237 3. 23.7 rule <1-1024> tos ................................................................................. 238 3. 23.8 rule <1-1024> ip................................................................................... 238 XI
Content
3. 23.9 rule <1-1024> icmp .............................................................................. 239 3. 23.10 rule <1-1024> tcp/udp ........................................................................ 240 3. 23.11 rule <1-1024> action (permit|deny) .................................................... 241 3. 23.12 rule <1-1024> action cos change ........................................................ 242 3. 23.13 rule <1-1024> action cos new <0-7>.................................................. 243 3. 23.14 rule <1-1024> action tos <0-7> .......................................................... 243 3. 23.15 rule <1-1024> action dscp DSCP ....................................................... 244 3. 23.16 rule <1-1024> action trapcpu (only|forward) ..................................... 244 3. 23.17 rule <1-1024> action ratelimit <64-1000000> ................................... 245 3. 23.18 rule <1-1024> action (mirror|redirect) <1-64> ................................... 246 3. 23.19 rule <1-1024> action sendqueue <0-7>.............................................. 246 3. 23.20 no rule <1-1024> ................................................................................ 247 3. 23.21 no rule <1-1024> action ..................................................................... 248 3. 23.22 match access-list <1-399> .................................................................. 248 3. 23.23 show access-list [<1-399>]................................................................. 249 3. 23.24 show access-list port [<1-64>] ........................................................... 249 3. 23.25 rule <1-1024> arp............................................................................... 250 3.24 802.1X configuration command ...................................................................... 251 3.24.1 dot1x (enable|disable) ........................................................................... 252 3.24.2 dot1x authenticator link-mode............................................................... 252 3.24.3 dot1x authenticator logical-port ............................................................ 253 3.24.4 dot1x authenticator max-request ........................................................... 253 3.24.5 dot1x authenticator supplicant-timeout ................................................. 254 3.24.6 dot1x authenticator txwhen-timeout ...................................................... 255 3.24.7 dot1x authenticator max-user ................................................................ 255 3.24.8 dot1x authenticator quiet-timeout.......................................................... 256 3.24.9 dot1x authenticator radius-server .......................................................... 256 3.24.10 dot1x authenticator reauthenticate-Period ........................................... 257 3.24.11 dot1x reauthenticate ............................................................................ 258 3.24.12 dot1x user <0-63> USERNAME password PASSWORD .................. 258 3.24.13 dot1x user <0-63> bind-to mac AA:BB:CC:DD:EE:FF...................... 259 3.24.14 dot1x user <0-63> bind-to port <1-64> ............................................... 259 3.24.15 dot1x user <0-63> max-time <1-100> ................................................. 260 3.24.16 dot1x user lock .................................................................................... 261 3.24.17 dot1x user lock fail-times .................................................................... 261 XII
Content
3.24.18 dot1x user lock trap ............................................................................. 262 3.24.19 no dot1x authenticator user all ............................................................. 262 3.24.20 no dot1x interface <1-64> user ........................................................... 263 3.24.21 show dot1x authenticator user .............................................................. 263 3.24.22 show dot1x interface ............................................................................ 264 3.24.23 show dot1x user.................................................................................... 264 3.25 DHCP-SNOOP configuration command ......................................................... 265 3.25.1 dhcp-snoop (enable|disable) .................................................................. 265 3.25.2 dhcp-snoop option82 (enable|disable) ................................................... 266 3.25.3 dhcp-snoop (trust|untrust)...................................................................... 266 3.25.4 show dhcp-snoop trust........................................................................... 267 3.25.5 show dhcp-snoop interface .................................................................... 267 3.25.6 show dhcp-snoop interface binding ....................................................... 268 3.26 RLINK configuration command ...................................................................... 269 3.26.1 rlink <1-16> protect-vlan ...................................................................... 269 3.26.2 join rlink <1-16> (master|slave|uplink|downlink) ................................. 269 3.26.3 show rlink config................................................................................... 270 3.26.4 show rlink interface ............................................................................... 270
Chapter 4 Command switch configure member switch ......................... 272
XIII
Figure
Figure
Figure 1-1 create local configuration environment via Console .................................. 1
XIV
Table
Table
Table 1-1 command mode and function feature ........................................................... 2
XV
Preface
Preface
Version
V2.9
Notice
The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document don't constitute the warranty of any kind, express or implied.
Content introduction
This manual introduces F-Engine S2200ME-B intellectual network management Ethernet switch functional configuration and Related Command, meanwhile, give verbose description for default configuration. Command Line Interface is a part of network product management platform by Wuhan Fiberhome Networks, also a part of ROS-Switch Operation System by Wuhan Fiberhome Networks. It has several obvious features as below: Provide Console configuration mode, make user configure device at local place; Powerful online help, user can get command help at any time; Flexible matchable capability, intelligently makeup command, and give user related command. This manual is constituted by the following part:
XVI
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Chapter Chapter 1 Title Introduction Hardware platform&software environment Switch configuration command Command switch configure member switch
Preface Description Introduce S2200ME-B series switchs configuration base and CLI interface Give S2200ME-B series switch hardware platform and software environment Introduce S2200ME-B series switch system configuration command Configure member switch by introducing CLI
Chapter 2 Chapter 3 Chapter 4
Symbols
Symbol Description This symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device. This symbol means reader be extremely careful during the operation. This symbol means a complementary description.
Warning, Danger
Caution, Notice Note
Intended Audience
The manual is intended for the following readers: Network engineers Network administrators Customers who are familiar with network fundamentals
You must read this manual carefully in case of equipment impairment and bodily injury caused by any maloperations. Notice:
XVII
Preface
Environmental Protection
This product has been designed to comply with the requirements on environmental protection. For the proper storage, use and disposal of this product, national laws and regulations must be observed.
XVIII
Safety Recommendation
Safety Recommendation
Before install this product, please read this manual carefully to avoid error operation. S2200ME-B emits invisible laser radiation. During installation and maintenance of this product, it is strictly prohibited to direct the output facet of optical fiber or fiber connector that connects to optical fiber transceiver output port toward human body so as to avoid damaging human eye and skin. S2200ME-B contains presition optical devices. In order to prevent equipment from damage caused by heavy impact, acute viberation and collision must be avoided. Before connecting output port of fiber transeiver to optical connector, please switch off the equipment power first. S2200ME-B contains electrostatic-sensitive devices, users are requested not to dismantle or disassemble the equipment or do maintanance work by himself/themselves. In case necessary to do so, it must be proceeded under the guidance of technical personnel of FiberHome Networks Co., Ltd following antielectrostatic discharge procedure. Should you have any question or problem, please contact Wuhan FiberHome Networks Co., Ltd, and do not dismantle the equipment yourself, which would otherwise lead to unrecoverable damage to equipment. Unauthorized dismantling of equipment will deemed by Wuhan FiberHome Networks Co., Ltd as automatic renunciation of repairing right.
This product is strictly conforming to IEEE 802.3-1998 and Q/WRI 5012-2001.
XIX
Chapter 1 Introduction
1.1 switch configuration foundation Configuration environment:
Figure 1-1 create local configuration environment via Console Step one: As fig1.1 said, establish local configuration environment through the console port of computer connecting to the S2200ME-B console port. Step two: running emulator on computerTerminal device parameter is 9600bpseight data bitone stop bitno checksum and no flow control, terminal device type is VT100, binary transport protocol is CRC. Step three: when the S2200ME-B is first electrify, automatically execute setup command. It wills automatically startup in default style until the user can see F-Engine. Step four: typing commandconfigure the switch or show the running status of the switch. Typing when needing help.
CLI description: S2200ME-B series switch CLI is using user name and password for logging on. There are total three users groups: administrators, users and guests, different usrs name belong to different users group, which has different authority for different administration. The user belonging to administrator is the super user who has total authority for device management; The user belonging to users is common user with general authority for function inquiry and configuration administration; The users belonging to guests is common guest with the only authority for general function inquiry but they can not configure and manage the device. After the system is started, one user will be formed as default, that is admin, respectively belong to the group administrator, the default password is 12345, user can add other administrating user according to the requirement, the default password should be modified by yourself after logging on, then save new password. 1.2 CLI interface S2200ME series switch provides command line interface for user. This interface 1
includes a series of configuration command. User can use these commands to config and manage the switch .The command line interface has following characters: local configuration through Console port; Hierarchical protection for configuration command. In order to prevent the access of user who has no right. Only privilege user can configure the MC; The user can use ? to get online help. Providing network-testing tool such as Ping, which can help user test the ability of access of the network. Provide abundant and concrete debugging information to diagnose network fault.
In order to make the management convenient for user, we divide the commands into several groups. Each group is corresponding to a command mode. We can switch in different mode by using commands. Normally, one command can use in a special mode. But some commands (help, list, exit, end) can use in all modes. All command modes and function characteristics are shown in Table 1-1. Command mode Privileged user mode Table 1-1 command mode and function feature Enter Function Prompt command Check all operation status and statistic information to implement management of files and system. Config global parameter for switch Configure system parameter for switch Configure terminal Fengine# Establish connection with device then enter
Exit command Exit can exit, and need to input user name and password again. press exit to return privileged user mode Enter Exit/quit to return global configure mode Press exit to return global configure mode Press exitto return configure mode
Global configure mode System configure mode Terminal confighure mode Interface configure mode
Fengine (config)# Fengine(confi g-system)#
press config under privileged mode Press system under global mode press line vty under global mode press interface ethernet N1 or interface trunk
Fengine(confi g-line)# Fengine(confi g-eth-N1)#
Configure interface parameter (N1: interface
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual No.), including single Ethernet interface or aggregation interface Switch VLAN configuration (N1: vlan NO.) Configure of Switch Group management Configure of switch STP Configure of switch Cos Configure of Switch ESR Configure of switch IGMP Snooping Configure of switch Igmp filtering (N1 Igmp-filter No.) Configure of switch radius Configure of switch IGMP Snooping Configure of switch spnm Fengine(confi g-trunk-N1)# N1 under global mode
VLAN configurati on mode SGM configurati on mode STP configurati on mode COS configurati on mode ESR configurati on Igmpsnooping configurati on mode Igmp-filter configure mode RADIUS configure mode Igmpsnooping configurati on mode SPNM configurati on mode
Fengine(confi g-vlan- N1)# Fengine(confi g-sgm)# Fengine(confi g-stp)# Fengine(confi g-cos)# Fengine (config-esr)# Fengine(confi g-igmpsnooping)# Fengine(confi g-igmp-filter N1)# Fengine(confi g-radius)# Fengine(confi g-igmpsnooping)# Fengine(con fig-spnm)#
Press interface vlan N1 under global mode press sgm under global mode Press stp under global mode Enter cos under global mode Enter esr under global mode Enter igmpsnooping under global mode Enter igmpfilter N1 under global mode Enter radius under global mode Enter igmpsnooping under global mode Enter spnm under global mode
Press exit to return global mode press exit to return global configure mode Enter exit to return global configure mode Enter exit to return global configure mode Enter exitto return global configure mode Enter exitto return global configure mode Enter exit to return global configure mode Enter exitto return global configure mode Enter exitto return global configure mode Enter exitto return global configure mode
Chapter 2 Hardware platform &Software environment
Chapter 2 Hardware platform&Softwre environment

2.1 Hardware platform The hardware platform of CLI is common computer or server. The system memory should be more than 64M. The memory of 128M is recommended. For PC server platform, Ethernet card is needed (for remote management).
2.2 Software environment The OS of CLI is MS Windows. The application program is super terminal.
Chapter 3 configuration command
Chapter 3 Switch configuration command

3.1 common configuration command CLI common configuration command is including: cd clear logging clock set cls configure copy SRCFILE DESTFILE copy startup-config running-config dir end erase startup-config exit help hostname WORD line console line vty list logging history [<0-7>] logging on logging syslog [<0-7>] logging terminal [<0-7>] logout ls no line vty ping pwd quit reboot 5
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual remove FILE rename OLD NEW show clock show cpu statistic show history show lines show logging show logging history show logging history SUBSTRING show logo show management acl show memory statistic show running-config show startup-config show syslog show version syslog server telnet terminal length terminal monitor timeout traceroute type FILE upgrade (os|config) who write file zero FILE
3.1.1 cd Switch under different directory in the system. 6
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form cd cd DIR Parameter DIRfile path Node Mode privileged user mode Default Return to file system root directory
Using Guide Use this command to switch among directory. If command cd has no parameter then return file system root directory. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#cd %Current Directory is "Ram:/flash/". Fengine# Relevant Command lsdir 3.1.2 clear logging history Clear system log history Command Form clear logging history Parameter None Node Mode global configuration mode Default None Using Guide In order to ensure the old system log file not to be deleted automatically, we should clear the log periodically. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# clear logging history The command above is to clear system log. 7
Relevant Command logging onshow logging historylogging terminal 3.1.3 clock set Command Form clock set HH:MM:SS <1-31> <1-12> <2000-2100> Parameter HHhour MMminute SSsecond <1-31>day <1-12>month <2000-2100>year Command Mode privileged user mode Default None Using Guide Use this command to set current time for the device. Example Fengine#clock set 14:28:30 28 4 2006 Fengine# Relevant Command show clock 3.1.4 cls Clear the screen. Command Form cls Parameter None Node Mode privileged user modeglobal configuration modesystem configuration mode Default None Using Guide Clear the screen. 8
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B SERIES SWITCH Example Fengine#cls Relevant Command None 3.1.5 configure
Enter global configuration mode from privileged user mode Command Form configure Parameter None Node Mode privileged user mode Default None Using Guide Enter global configuration mode from privileged user mode, implement all system configuration command. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#configure %Enter configuration commands.End with Ctrl+Z or command "quit" & "end" Fengine(config)# Relevant Command end 3.1.6 copy SRCFILE DESTFILE Copy one file to another file. Command Form copy SRCFILE DESTFILE Parameter SRCFILEsource file DESTFILEdestination file Node Mode 9
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual privileged user mode Default None Using Guide Copy file from source file to destination file Applicable Device S2200ME-B SERIES SWITCH Example Fengine#copy aaa bbb Fengine# Relevant Command None 3.1.7 copy startup-config running-config Copy config-file into current configuration Command Form copy startup-config running-config Parameter None Node Mode global configuration mode Default None
Using Guide This command is to copy config-file into current configuration after user configured the device. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#copy startup-config running-config This will update current device configuration. Are you sure?[y/n] It will take a few minutes,please waiting..... [OK] Fengine(config)# Relevant Command show running-config 3.1.8 dir 10
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Show file system Command Form dir dir DIR Parameter DIRdirection Node Mode privileged user mode Default None Using Guide Show file system Applicable Device S2200ME-B SERIES SWITCH Example Fengine#dir size date time name ------------- ------ -------11387 JAN-01-2000 00:01:16 startcfg 1 files, total space: 11387 bytes 0 directorys,available space: 2011136 bytes. Fengine# Relevant Command ls 3.1.9 end Exit to current node, return Privileged user mode node. Command Form end Parameter None
Node Mode global configuration modesystem configuration mode Default None Using Guide The different between End and Exit: no matter in what mode, End is to exit to Privileged user mode, but Exit is to exit to superior mode. 11
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-sgm)#end Fengine# Relevant Command exitquit 3.1.10 erase startup-config Erase switch config-file Command Form erase startup-config Parameter None Node Mode global configuration mode Default None
Using Guide This command is to erase config-file saved in flash, but former config is still valid in the system, if need to restore the system to the delivery default, you should erase config-file in the flash and reboot the device. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#erase startup-config This will erase the configuration in the flash memory. Are you sure?(y/n) [y] Erasing configuration....... [OK] Fengine(config)# Relevant Command write fileshow startup-config 3.1.11 exit User use command exit to exit from current mode to superior mode, for privileged user mode, exit the configuration. Command Form exit 12
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Parameter None
Node Mode All nodes (privileged user modeglobal configuration modesystem configuration mode, interface configuration modeVLANconfiguration mode, terminal configuration mode, ESRconfiguration mode, Igmpsnoopingconfiguration mode, SGMconfiguration mode, STPconfiguration modeCOSconfiguration mode). Default None Using Guide All Command Mode is classified into three grades from lower to higher:
Privileged user mode global configuration mode system configuration modeVLAN configuration mode terminal configuration mode, ESR configuration modeIgmp-snooping configuration modeSGM configuration modeSTP configuration modeinterface configuration modeCOS configuration mode. execute command exit to return from higher level Command Mode to lower command mode. same level mode can be mutual-switched. User can enter CTRL+Z or end from two higher command mode to Privileged user mode.
Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#exit Fengine # Relevant Command configure 3.1.12 help Use help to display system help information Command Form help Parameter None Node Mode All nodes: privileged user modeglobal configuration modesystem configuration modeSGMconfiguration modeSTPconfiguration mode 13
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Default None
Using Guide Provides online help at any point. And the help command shows the information about the whole help system, including full help and partial help. You can enter a question mark ? to obtain online help. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#help When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. Two styles of help are provided: 1. Full help is available when you are ready to enter a command argument (e.g. 'show ?') and describes each possible argument. 2. Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input (e.g. 'show me?'.) Fengine# Relevant Command ?list [KEYWORD] 3.1.13 hostname WORD Configure switch system name Command Form hostname WORD no hostname Parameter WORDdomain name Node Mode global configuration mode Default Fenginedepend on switch type Using Guide Use this command to set device system name which is easy for remember and recognize, NO form of this command is to restore it to be default domain name Fengine. Notes: no blank between system name, otherwise, only the character before the first blank is effective, if the name is rather complex (for example: wuhan test road number 1, it can be written as wuhan_test_road_number_1) 14
Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#hostname HostA HostA (config)# Relevant Command None 3.1.14 line console User can enter serial terminal configuration mode with line console. Command Form line console [<1-1>] Parameter [<1-1>]the console terminal number Node Mode global configuration mode Default None Using Guide User can configure console terminal under terminal configuration mode. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#line console 1 Fengine(config-line)# The above command is to configure concole port. Relevant Command line vty 3.1.15 line vty User can enter virtual terminal with line vty (that is telnet connection) configuration mode. Command Form line vty <1-10> line vty <1-10> <1-10> no line vty <1-10> Parameter First <1-10>: the beginning terminal No. which is to be configured 15
Second<1-10>: the ending terminal No. which is to be configured Node Mode global configuration mode Default None Using Guide User can configure virtual terminal under virtual terminal configuration mode. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# line vty 1 5 Fengine(config-line)# The above command is to configure line vty 1 to 5. Relevant Command line console 3.1.16 list Show all command under current node Command Form list [KEYWORD] Parameter [KEYWORD]command key word Node Mode all configuration mode Default None Using Guide This command has many virtues, it just like dir under MS-DOS and ls under UNIX. If user cannot remember, it become useful. It can lighten the burden; If user input keyword, this command can be used to search all command name with the keyword of the command. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#list interface show anti-proxy client interface [<1-28>] show dot1x interface show interface [<1-64>] show interface distance <1-64> 16
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show interface dtag show interface dynamic-mac [<1-64>] show interface loop-check show interface security-mac [<1-64>] show interface static-mac [<1-64>] show interface statistics [<1-64>] show interface user-limit [<1-64>] show rstp interface show stp interface Fengine# Relevant Command endquitexithelp 3.1.17 logging history [<0-7>]
If user wants system to record information in different level, this command will help. Command Form logging history [<0-7>] no logging history Parameter 0unusable //system unstable 1immediately action // emergency action critical // emergency information error //error information warning //Warning information info //common information verbose //verbose information debug //debug information Node Mode global configuration mode Default error information Using Guide n order to trace system running state, alarm function is used. It records the system state automatically, so it can give corresponding operation. The log file can record 2000 records, when records are larger than 2000, it delete the oldest record automatically, so you must download the alarm file periodically in case of lose records. NO command recover system to default configuration Applicable Device S2200ME-B SERIES SWITCH 17
Example Fengine(config)# logging history 2 The above command is to open emergency information Relevant Command logging onclear logging historyshow logging history 3.1.18 logging on Use this command to record log; use no logging on to cancel logging. Command Form logging on no logging on Parameter None Node Mode global configuration mode Default None Using Guide In order to trace system running state, alarm function is used. It records the system state automatically, so it can give corresponding operation. The log file can record 2000 records, when records are larger than 2000, it delete the oldest record automatically, so you must download the alarm file periodically in case of lose records. NO command recover system to default configuration Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# logging on The above command is to open system log. Relevant Command clear logging historyshow logging historylogging terminal 3.1.19 logging syslog [<0-7>] If user want all system information to export to terminal, this command can be used, NO form of this command is to stop this export. Command Form logging syslog [<0-7>] no logging syslog Parameter 0unusable //system unstable 1immediately action //emergency action 18
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual critical //emergency information error //error information warning //Warning information info //common information verbose //verbose information debug //debug information Node Mode global configuration mode Default error information
Using Guide In order to track system operation status and current system status, open terminal export function, but it will slow system operation speed, this function can be used when tracking and debugging a certain protocol flow, when system is normally operating, this function is disabled, so as not to influence system operating speed. When export information grade is set, enable corresponding monitor under line configuration mode to finish export information. As default, this function of Console is enabled. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# logging syslog 6 The above command is enable system log. Relevant Command show logginglogging terminal 3.1.20 logging terminal [<0-7>] Use this command to output the information to the terminal, use no logging terminal to stop the output. Command Form logging terminal [<0-7>] no logging terminal Parameter 0unusable //system unstable 1immediately action //emergency action critical //emergency information error //error information warning //Warning information info //common information verbose //verbose information 19
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual debug //debug information Node Mode global configuration mode Default debug information
Using Guide In order to track system operation status and current system status, open terminal export function, but it will slow system operation speed, this function can be used when tracking and debugging a certain protocol flow, when system is normally operating, this function is disabled, so as not to influence system operating speed. When export information grade is set, enable corresponding monitor under line configuration mode to finish export information. As default, this function of Console is enabled. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# logging terminal 4 The above command is to open trap log. Relevant Command clear logging historyshow logging historylogging terminal 3.1.21 ls See the current directory and file Command Form ls ls DIR Parameter DIRfile path Node Mode privileged user mode Default See the current directory and file Using Guide Use this command to see the directory and file in current file system Applicable Device S2200ME-B SERIES SWITCH Example Fengine#ls size date
time
name 20
------------- ------ -------2391 JAN-02-1991 00:56:00 startcfg 1 files, total space: 2391 bytes 0 directorys,available space: 1024000 bytes. Fengine# The above is the information of file and directory in root directory. Relevant Command cdtypedir 3.1.22 no line vty <1-10> Clear a logged virtual terminal Command Form clear line <1-10> Parameter <1-10>index No. of virtual terminal Node Mode global configuration mode Default None Using Guide Use this command to clear a logged virtual terminal Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#no line vty 1 Are you sure?[y/n] [OK] Fengine(config)# Relevant Command show lines 3.1.23 ping Test the network connectivity Command Form ping (A.B.C.D) ping (A.B.C.D) (-n|-l) <1-1000> ping (A.B.C.D) -n <1-1000> -l <1-1000> Parameter (A.B.C.D)address of a testing host on the net 21
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual -nsent request number -lsentrequest packet length <1-1000>number and length Node Mode privileged user mode Default None
Using Guide When network has error, use this command to locate network error position, which is necessary tool for network test. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#ping 192.168.1.200 PING 192.168.1.200: 56 data bytes Reply from 192.168.1.200: time=16ms TTL=128 Reply from 192.168.1.200: time=0ms TTL=128 Reply from 192.168.1.200: time=0ms TTL=128 Reply from 192.168.1.200: time=0ms TTL=128 Reply from 192.168.1.200: time=0ms TTL=128 ----192.168.1.200 PING Statistics---5 packets transmitted, 5 packets received, 0% packet loss round-trip (ms) min/avg/max = 0/3/16 Fengine# Relevant Command None 3.1.24 pwd Show current file path Command Form pwd Parameter None Node Mode privileged user mode Default None Using Guide Show current file path Applicable Device 22
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine#pwd %Current Directory is "Ram:/flash/". Fengine# Relevant Command None 3.1.25 quit
Quit to the previous node, with the same function with exit. Command Form quit Parameter None Node Mode All mode Default None Using Guide Execute command quit from higher command to lower user mode, the function is the same as exit. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# quit Fengine# Relevant Command endexit 3.1.26 reboot Reboot device Command Form reboot Parameter None Node Mode privileged user mode Default None 23
Using Guide The function of command is same to electrify device, we can restart the device remotely. Usually, forbid use this command, make sure whether save the configuration file. This command just restart the net manage card. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#reboot WARNING:System will reboot! Continue?(y/n) [y] System now is rebooting,please wait. 3.1.27 remove FILE Remove a file Command Form remove FILE Parameter FILEfile name Node Mode privileged user mode Default None Using Guide Use this command to delete a file Applicable Device S2200ME-B SERIES SWITCH Example Fengine#remove TEMP Fengine# Relevant Command ls 3.1.28 rename OLD NEW Rename file Command Form rename OLD NEW Parameter OLDold file name NEWnew file name Node Mode 24
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual privileged user mode Default None Using Guide Use this command to rename file Applicable Device S2200ME-B SERIES SWITCH Example Fengine#rename STARTCFG aaa Fengine# Relevant Command ls 3.1.29 show clock Command Form show clock Parameter None Command Mode privileged user mode Default None
Using Guide This command is to show system current time and booting time Example Fengine#show clock clock : 2000-01-01 00:42:47 System running time : 0 hours,42 minutes,47 seconds Fengine# Relevant Command clock set 3.1.30 show cpu statistic Show CPU statistic Command Form show cpu statistic Parameter None Node Mode 25
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual privileged user mode Default None Using Guide Show CPU statistic Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show cpu statistic total task no:25 ready task no:2 0.35% cpu used! Fengine# Relevant Command None 3.1.31 show history Show history command Command Form show history Parameter None Node Mode privileged user mode Default None Using Guide Show history command Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show history list q con list Fengine# Relevant Command None 26
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.1.32 show lines Show current virtual terminal Command Form show lines Parameter None Node Mode privileged user mode Default None Using Guide Show information of current virtual terminal Applicable Device S2200ME-B SERIES SWITCH
Example Fengine#show lines Line Location Idle Host(s) User * 1 con 1 Console 00:00:00 Console admin 2 vty 1 192.168.1.200 00:00:05 192.168.1.108 admin 3 vty 2 4 vty 3 5 vty 4 6 vty 5 Fengine# * is for current user terminal, Location is host address that user logged on, Idle is terminal time for user log on, Host is the interface for user to access device, User is user name for user to log on Relevant Command line vty 3.1.33 show logging Show system log configuration with this command Command Form show logging Parameter None Node Mode privileged user mode Default 27
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None
Using Guide This command is used to show system log configuration Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show logging Logging:enable Logging terminal:enable Logging terminal level:7 Logging syslog:disable Logging syslog level:3 Logging history:enable Logging history level:3 Logging history size:3 Logging history pointer:3 Logging history allow size:2000 Logging history rotate numbers:0 Fengine# Relevant Command logging onshow logging history 3.1.34 show logging history Show system log with this command Command Form show logging history show logging history <1-2000> show logging history SUBSTRING Parameter <1-2000>index No. of system log SUBSTRINGkeyword for search log Node Mode privileged user mode Default None Using Guide Use this command to show system log and search corresponding log, if entry is designated, then show system log beginning content, also use keyword for query, then show keyword entry in log content. 28
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B SERIES SWITCH
Example Fengine#show logging history 2000/01/01 00:00:09 Log:0 10/100 Ethernet interface: 2,Link up. 2000/01/01 00:00:10 Log:0 10/100 Ethernet interface: 2,Link down. 2000/01/01 00:00:12 Log:0 10/100 Ethernet interface: 2,Link up. Fengine# Relevant Command logging on 3.1.35 show logging history SUBSTRING Show system log with keyword Command Form show logging history SUBSTRING Parameter SUBSTRINGkeyword for searching log Node Mode privileged user mode Default None Using Guide Show system log with keyword. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show logging history 15:18 2007/04/23 15:18:22 Log:5 Host(10.18.33.189) successfully log on 2007/04/23 15:18:24 Log:6 Console:end 2007/04/23 15:18:26 Log:6 Console:show logging 2007/04/23 15:18:28 Log:6 Console:show logging his 2007/04/23 15:18:38 Log:6 Console:show logging history 2 2007/04/23 15:18:45 Log:6 Console:show logging history 4 2007/04/23 15:22:08 Log:6 Console:show logging history 15:18Fengine# Relevant Command clear logging historylogging onshow logging historyshow logging historyshow logging history <1-2000> 3.1.36 show logo Show system logo 29
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form show logo Parameter None Node Mode privileged user mode Default None Using Guide Use this command to show system logo Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show logo
************************************************ * Switch OS (Version 1.08 ) * * * * For Fengine S2016MFB * * * * Copyright 2000-2005 FiberHome Networks * ************************************************ Fengine# Relevant Command clear logging historylogging on 3.1.37 show management acl Show access control list used to filter snmp, web, telnet. Command Form show management acl Parameter None Node Mode privileged user mode Default None Using Guide Show access control list used to filter snmp, web, telnet. Applicable Device 30
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH
Example Fengine#show management acl %Allow any ip address to access from snmp,web,telnet. Fengine# Relevant Command None 3.1.38 show memory statistic Show memory distribution statistic Command Form show memory statistic Parameter None Node Mode privileged user mode Default None Using Guide Show memory distribution statistic Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show memory statistic Status Bytes Blocks Avg block Max block ------ ---------- -------- ---------- ---------current free 690032 3 230010 675440 alloc 4756432 8759 543 cumulative alloc 6026076 13840 435 total memory 5446496 bytes. 87.00 percent used. Fengine# Relevant Command None 3.1.39 show running-config Show current system configuration Command Form 31
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show running-config Parameter None Node Mode privileged user mode Default None
Using Guide Use this command to show current efficient system configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show running-config Currrent Configuration: !Hardware Version : 1.20 !Software Version : 1.08 hostname Fengine config-file check-timer 5 config-file auto-save disable config-file auto-upload disable ! !logging configuration. logging on logging history 3 logging terminal 7 no logging syslog ! ! ! User configuration. username admin group administrators password 827ccb0eea8a706c4c34a16891f84e7b username guest group guests password 827ccb0eea8a706c4c34a16891f84e7b ! !Management (snmp,web,telnet) ACL configuration management acl disable ! !SNMP Configuration snmp community public ro view internet snmp community NETMAN rw view internet !syslog server configuration ! 32
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual line console 1 length 25 monitor exec-timeout 10 0 login local line vty 1 5 length 25 no monitor exec-timeout 10 0 login local ! !Cos Configuration cos cos disable cos queue mode weighted-round-robin cos queue 0 weight 1 cos queue 1 weight 2 cos queue 2 weight 4 cos queue 3 weight 8 cos priority 0 queue 0 cos priority 1 queue 0 cos priority 2 queue 1 cos priority 3 queue 1 cos priority 4 queue 2 cos priority 5 queue 2 cos priority 6 queue 3 cos priority 7 queue 3 ! !SGM Configuration sgm sgm role candidate ! !ESR Configuration esr esr disable ! !Vlan Configuration interface vlan 1 member 1-18 untagged ! !MAC Aging Configuration mac aging-time 300 mac learn-mode independence ! !System Configuration 33
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual system management vlan 1 ip address 192.168.1.108/24 out-band ip change disable arp-request timer 0 anti-attack enable ! !Igmp Snooping Configuration igmp-snooping igmp-snooping disable igmp-snooping fast-leave disable igmp-snooping drop-filtered enable igmp-snooping proxy disable igmp-snooping proxy igmpv3-support disable igmp-snooping proxy vlan 1 ! !Radius Configuration radius radius disable ! !Stp Configuration stp stp disable ! !Rstp Configuration rstp rstp disable ! !Dot1x configuration dot1x disable ! !User limit configuration user-limit disable ! !Loop Check configuration loop-check trap disable loop-check action auto-recover loop-check time 300 ! !Dtag Configuration dtag protocol 33024 dtag forward-tag first ! !Dhcp Configuration ! 34
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual !Anti-Proxy configuration ! !Spnm Configuration spnm spnm disable spnm server-ip 0.0.0.0 spnm password www.fhn.com.cn spnm send-access-mac disable spnm community NETMAN ! !Rmon configuration ! !Ethernet Configuration interface ethernet 1 join vlan 1 untagged duplex auto flow-ctrl enable packet-limit broadcast 64 packet-limit dlf 64 stp disable stp priority 0 sgm discovery ttl 90 sgm discovery time 30 sgm enable vlan 1 no shutdown loop-check enable loop-check vlan 1 dtag disable dtag protocol disable security-mac disable user-limit number 0 ! !end Fengine# Relevant Command show startup-config 3.1.40 show startup-config Show startup configuration saved on flash Command Form show startup-config Parameter 35
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Node Mode privileged user mode Default None
Using Guide Use this command to show startup configuration file saved on FLASH, startup configruatin file is configuration command file executed after switch powered or reboot. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show startup-config !System startup configuration !2000/01/01 00:01:16 ! !Hardware Version : 1.20 !Software Version : 1.08 hostname Fengine config-file check-timer 5 config-file auto-save disable config-file auto-upload disable ! !logging configuration. logging on logging history 3 logging terminal 7 no logging syslog ! ! ! User configuration. username admin group administrators password 827ccb0eea8a706c4c34a16891f84e7b username guest group guests password 827ccb0eea8a706c4c34a16891f84e7b ! !Management (snmp,web,telnet) ACL configuration management acl disable ! !SNMP Configuration snmp community public ro view internet snmp community NETMAN rw view internet !syslog server configuration 36
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual ! line console 1 length 25 monitor exec-timeout 10 0 login local line vty 1 5 length 25 no monitor exec-timeout 10 0 login local ! !Cos Configuration cos cos disable cos queue mode weighted-round-robin cos queue 0 weight 1 cos queue 1 weight 2 cos queue 2 weight 4 cos queue 3 weight 8 cos priority 0 queue 0 cos priority 1 queue 0 cos priority 2 queue 1 cos priority 3 queue 1 cos priority 4 queue 2 cos priority 5 queue 2 cos priority 6 queue 3 cos priority 7 queue 3 ! !SGM Configuration sgm sgm role candidate ! !ESR Configuration esr esr disable ! !Vlan Configuration interface vlan 1 member 1-18 untagged ! !MAC Aging Configuration mac aging-time 300 mac learn-mode independence ! 37
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual !System Configuration system management vlan 1 ip address 192.168.1.108/24 out-band ip change disable arp-request timer 0 anti-attack enable ! !Igmp Snooping Configuration igmp-snooping igmp-snooping disable igmp-snooping fast-leave disable igmp-snooping drop-filtered enable igmp-snooping proxy disable igmp-snooping proxy igmpv3-support disable igmp-snooping proxy vlan 1 ! !Radius Configuration radius radius disable ! !Stp Configuration stp stp disable ! !Rstp Configuration rstp rstp disable ! !Dot1x configuration dot1x disable ! !User limit configuration user-limit disable ! !Loop Check configuration loop-check trap disable loop-check action auto-recover loop-check time 300 ! !Dtag Configuration dtag protocol 33024 dtag forward-tag first ! !Dhcp Configuration 38
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual ! !Anti-Proxy configuration ! !Spnm Configuration spnm spnm disable spnm server-ip 0.0.0.0 spnm password www.fhn.com.cn spnm send-access-mac disable spnm community NETMAN ! !Rmon configuration ! !Ethernet Configuration interface ethernet 1 join vlan 1 untagged duplex auto flow-ctrl enable packet-limit broadcast 0 packet-limit multicast 0 packet-limit dlf 0 packet-limit b-m-dlf 0 packet-limit b-m 0 packet-limit broadcast 64 packet-limit dlf 64 stp disable stp priority 0 sgm discovery ttl 90 sgm discovery time 30 sgm enable vlan 1 no shutdown loop-check enable loop-check vlan 1 dtag disable dtag protocol disable security-mac disable user-limit number 0 ! ! !end ! Fengine# Relevant Command show running-config 39
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.1.41 show syslog Show server configuration that system log file upload Command Form show syslog Parameter None Node Mode privileged user mode Default None
Using Guide This command is show server configuration that system log file upload Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show syslog Syslog server list: Index SrvAddr 1 192.168.1.200 Fengine# Relevant Command syslog server 3.1.42 show version Show current device version Command Form show version Parameter None Node Mode privileged user mode Default None Using Guide Use this command to show current device version Example Fengine#show version Fengine Fengine with 24514K of memory System uptime is 0 days 0 hours 41 minutes 46 seconds 40
Port 100
Hardware Version 0.30 Software Version 3.00 System Mac Address 00:04:67:02:03:25 Compiled Apr 15 2008, 08:43:16 Copyright (c) 2000-2007 by FiberHome Networks Co.,Ltd. Fengine# Relevant Command None 3.1.43 syslog server The server configuration of switch system log file upload. Command Form syslog server (A.B.C.D) [<1-65535>] Parameter (A.B.C.D)server IP address [<1-65535>]: port No. Node Mode global configuration mode Default disable Using Guide This command is to configure server IP address and port for log file to upload Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# syslog server 192.168.1.200 Fengine(config)# Relevant Command show syslog 3.1.44 telnet Use this command to telnet Command Form telnet (A.B.C.D) [<1-65535>] Parameter (A.B.C.D)logging device address [<1-65535>]port No. Command Mode 41
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual privileged user mode Default None
Using Guide Use this command to telnet, performing management for remote device. Example Fengine#telnet 192.168.1.1 Fengine# Relevant Command None 3.1.45 terminal length User can use terminal length <0-512> to configure lines number shown at the terminal, no terminal length is to restore the default configuration, the default configuration is 25 lines. Command Form terminal length <0-512> no terminal length Parameter <0-512>line scope Node Mode privileged user mode Default Show 25 lines, that is the length of the vision box Using Guide When user use terminal to display command lines number, user can configure terminal lines under own demand. NO form is restore default configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#terminal length 30 Fengine# Relevant Command None 3.1.46 terminal monitor Set if DEBUG is print on the screen. Command Form 42
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual terminal monitor no terminal monitor Parameter None Node Mode privileged user mode Default None
Using Guide terminal monitor is to set DEBUG information to be export to the screen, NO command is to delete. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#terminal monitor Fengine# Relevant Command None 3.1.47 timeout Set timeout if no input on virtual terminal Command Form timeout <0-35791> no timeout Parameter <0-35791>timeout (unit: minute) <0-59>timeoutunit:second Node Mode virtual terminal configuration mode Default 10 minutes Using Guide This command is the same with screen save program of pc, the serial port will exit to authentication node if timeout, the terminal in telnet mode will shutdown connection. NO form of this command is to comeback default configuration. Applicable Device S2200ME-B SERIES SWITCH Example 43
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine(config-line)# timeout 5 Fengine(config-line)# Relevant Command None 3.1.48 traceroute Test network connectivity Command Form traceroute (A.B.C.D) [<1-255>] Parameter (A.B.C.D)destination IP address Node Mode privileged user mode Default None
Using Guide If there is the problem of network connectivity, use this command to show the route of arrived destination IP address and record the result. Applicable Device S2200ME-B SERIES SWITCH Example Fengine# traceroute 192.168.1.200 Tracing route to 192.168.1.200 over a maximum of 30 hops. 1 <10ms <10ms <10ms host (192.168.1.200) Trace route complete(192.168.1.200). Fengine# Relevant Command None 3.1.49 type FILE Print file content Command Form type FILE Parameter FILEfile name Node Mode privileged user mode Default 44
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Using Guide Use this command to print file Applicable Device S2200ME-B SERIES SWITCH Example Fengine# type test %No such file name. Fengine# Relevant Command lsdir 3.1.50 upgrade (os|config) Update operation system or configuration file Command Form upgrade (os|config) Parameter osoperation system configconfiguration file Node Mode system configuration mode Default None Using Guide Upgrade os or config Applicable Device S2200ME-B SERIES SWITCH
Example Fengine(config-system)#upgrade config This will upgrade device start configuration file. Are you sure?(y/n) [y] It will take a few minutes,please wait..... Start-config file updated. If you want to load new configuration,use "copy start-config runningconfig". Fengine(config-system)# Relevant Command ftp getzmodem get 45
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.1.51 who Show the users who configure the device. Command Form who Parameter None Node Mode privileged user modeglobal configuration mode Default None
Using Guide In system, use command who to show the users who configure the device. The user before * is for yourself. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#who Line Location * 1 con 1 Console Fengine# Relevant Command clear lineshowlines 3.1.52 write file Write current configuration into startup configuration file Command Form write file Parameter None Node Mode privileged user mode Default None Using Guide The route of configuration file is written in system, user cannot indicate route for configuration file, the route is default route to save configuration file. Applicable Device S2200ME-B SERIES SWITCH 46
Idle Host(s) 00:00:00 Console
User admin
Example Fengine#write file This will recover the configuration in the flash memory. Are you sure?(y/n) [y] Building configuration..... [OK] Fengine# Relevant Command show startup-configerase startup-config 3.1.53 zero FILE Clearup file Command Form zero FILE Parameter FILEfile name Node Mode privileged user mode Default None Using Guide Use this command to clearup the file. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#zero temp Fengine# Relevant Command lsdirremove 3.2 IP configuration command IPINTERNET protocolis based on protocol of information packet, exchanging data with computer network, IP transact address search, segment division, grouping and signal protocol decomposition. It is the base of all other IP protocol, as a network layer protocol, IP is including address search and controlling information that permits data packet route. IP configuration command is including:
gateway ip address 47

3.2.1 gateway
out-band ip change out-band ip address
Configure in-band network default gateway Command Form gateway (A.B.C.D) Parameter (A.B.C.D)in-band default gateway IP address Node Mode system configuration mode Default None Using Guide Use this command to configure in-band network gateway, NO form of this command is to delete default gateway. Applicable Device S2200ME-B SERIES SWITCH Example Configure default gateway of switch main management module. Fengine(config-system)#gateway 192.168.1.10 Fengine(config-system)# Relevant Command ip addressshow system 3.2.2 ip address Configure switch in-band IP address (only valid for switch management, management vlan is 1 as default). Command Form ip address (A.B.C.D/M) ip address (A.B.C.D) (A.B.C.D) Parameter A.B.C.D is for IP address, subnet mask M is for subnet mask bit Node Mode system configuration mode Default 48
S2200ME-B SERIES SWITCH IPthe default is 192.168.1.1 Using Guide Use this command to configure switch management vlan IP address. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)#ip address 192.168.1.1/24 Fengine(config-system)# Relevant Command gatewayshow systemmanagement vlan 3.2.6 ip arp Designate a static arp for certain port of S2200ME-B, NO form of this command is to delete configured static arp. Command Form ip arp (A.B.C.D) (A:B:C:D:E:F) interface <1-64> no ip arp [A.B.C.D] Parameter A.B.C.D: IP address of static arp list A:B:C:D:E:Fphysical address of static arp list Interface:interface need to configure arp list Node Mode global configuration mode Default None Using Guide The port configured static arp list should be member port in the vlan of IP address in arp list, IP address in arp list is not local IP address. When delete, if the address is not designated, delete all arp. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#ip arp 192.168.1.11 00:00:01:00:01:01 interface 1 Fengine(config)# Configure interface1 static arp is 192.168.1.11 00:00:01:00:01:01. if IP address of vlan100 is 192.168.1.1, the vlan of this arp list is 100, interface1 should be member port of vlan100, otherwise, cannot configure member. Relevant Command show ip arp 49
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.2.4 out-band ip address
set out-band ip address to the major manage modules NM interface on switch Command Form out-band ip address (A.B.C.D/M) out-band ip address (A.B.C.D) (A.B.C.D) Parameter (A.B.C.D): IP address; M: subnet mask bit length Node Mode system configuration mode Default S2200ME-B SERIES SWITCH out-band default IP is: 192.168.2.1 Using Guide set out-band ip address to the major manage modules NM interface on switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)#ip address 192.168.1.1/24 Fengine(config-system)# Relevant Command show system 3.2.8 show system Show switch system configuration Command Form show system Parameter None Node Mode privileged user mode Default None Using Guide Show switch system network configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show system 50
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual system anti-attack enable system mac address 00.04.67.02.03.25 system mac aging time 300 system address learn mode : share vlan tunnel disable ip address 10.18.33.112/24 management vlan 1 gateway 0.0.0.0 out-band ip address 192.168.2.1/24 arp-request timer 0 Fengine# Relevant Command None 3.3 FTP configuration command FTP protocol configuration command is including: 3.3.1 ftp get Download file from host PC to the device. ftp get ftp put config ftp put logging
Command Form ftp get (A.B.C.D) USER PASSWORD FILENAME [LOCALFILE] Parameter (A.B.C.D): IP address of host USER: for user name of logging ftp server PASSWORD: password for log on ftp service FILENAME: file name that download for the host [LOCALFILE]: file name saved on device (optional) Node Mode global configuration mode Default None Using Guide In device practical operation and maintenance, download configuration file or operation system file from host to device, which is to reconfigure or upgrade operation system. This command is download file to device. Applicable Device S2200ME-B SERIES SWITCH 51
Example Fengine(config)#ftp get 192.168.1.200 123 123 s2016mfb.bin v1.1.bin Getting File "s2016mfb.bin" from 192.168.1.200... 1528618 bytes downloaded. If you want to upgrade system,use "upgrade" command! Fengine(config)# Relevant Command dir 3.3.2 ftp put config Upload configuration file to host Command Form ftp put (A.B.C.D) USER PASSWORD FILENAME config Parameter (A.B.C.D)IP address of host PC USERuser name for logging on ftp server PASSWORDpassword for logging on ftp server FILENAMEfile name saved on PC of uploaded config-file. Node Mode global configuration mode Default None Using Guide During the practical operation maintenance, need to save the config-file to host PC, this command is to upload file to the host PC. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#ftp put 192.168.1.200 123 123 aaa config Putting data... 2391 bytes uploaded. Fengine(config)# Relevant Command ftp get (A.B.C.D) USER PASSWORD FILENAME [LOCALFILE] 3.3.3 ftp put logging Upload log file to the host Command Form ftp put (A.B.C.D) USER PASSWORD FILENAME logging 52
Parameter (A.B.C.D)IP address of host PC USERuser name for logging on ftp server PASSWORDpassword for logging on ftp server FILENAMEfile name saved on PC of uploaded config-file. Node Mode global configuration mode Default None Using Guide During the practical operation maintenance, need to save the config-file to host PC, this command is to upload file to the host PC. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#ftp put 192.168.1.200 123 123 aaa logging Putting data... 2391 bytes uploaded. Fengine(config)# Relevant Command None 3.4 SNMP configuration command SNMP protocol configuration command are: snmp community NAME (ro|rw) [view VIEW-NAME] snmp trap-server (A.B.C.D) <1-65535> (v1|v2|v3) snmp view VIEW-NAME OID-TREE (included|excluded) snmp group GROUP-NAME read-view VIEW write-view VIEW notifyview VIEW snmp user USER-NAME group GROUP-NAME show 3.4.1 snmp community NAME (ro|rw) [view VIEW-NAME] Configure snmp community Command Form snmp community NAME (ro|rw) no snmp community NAME Parameter NAMEcommunity name (ro|rw)weight. Ro is for only read, rw is for read-and-write view VIEW-NAME: view name, optional 53
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Default None Node Mode global configuration mode
Using Guide In order to manage remote device with snmp network management, should set a community. Then the administrator can use this community to read information of the device, and make configuration and adjustment with the information. NO form of this command is to delete a community. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#snmp community network rw This instance means create a community which can read and write MIB variable and the logging password is network. Relevant Command None 3.4.2 snmp trap-server Configure IP address, server IP address, version or port for snmp trap server. Command Form no snmp trap-server (A.B.C.D) no snmp trap-server (A.B.C.D) SECURITYNAME snmp trap-server (A.B.C.D) <1-65535> SECURITYNAME (v1|v2|v3) snmp trap-server (A.B.C.D) <1-65535> SECURITYNAME v3 (auth|priv) snmp trap-server (A.B.C.D) SECURITYNAME (v1|v2|v3) snmp trap-server (A.B.C.D) SECURITYNAME v3 (auth|priv) Parameter (A.B.C.D): snmp trap server address (v1|v2|v3): snmp trap version, v1 is for snmpv1, v2 is for snmpv2, v3 is for snmpv3 <1-65535>: trap server port, default is 162. SECURITYNAME: community name (auth|priv): authentication or encryption Default None Node Mode global configuration mode Using Guide In order to manage device trap at the remote, use this command to configure IP address and version of snmp trap server by setting IP address of device 54
trap information receiver. NO form of this command is to delete a snmp trap server. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# snmp trap-server 10.18.33.124 public v3 auth Fengine(config)# Relevant Command None 3.4.3 snmp view VIEW-NAME OID-TREE (included | excluded Configure snmp view information Command Form snmp view VIEW-NAME OID-TREE included no snmp view VIEW-NAME OID-TREE Parameter VIEW-NAME: configured snmp view name OID-TREE: oid information shown in this view Default None Node Mode global configuration mode Using Guide For snmpv3 Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# snmp view v3 1.3.6 included Fengine(config)# Configure nodes under 1.3.6 shown in view 3. Relevant Command None 3.4.4 snmp group Configure snmp user group associated with certain snmp view. Command Form snmp group GROUP-NAME read-view VIEW write-view VIEW notify-view VIEW 55
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual no snmp group GROUP-NAME Parameter GROUP-NAME: user group name VIEW: view name Default None Node Mode global configuration mode Using Guide
SNMPv3 version supports this command, use this command to configure accessing authority of OID for different user group, improving security. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#snmp group aaa read-view v3 write-view v3 notify-view v3 Fengine(config)# Relevant Command snmp view 3.4.5 snmp user Configure snmp user, this user belong to an existing user group. Command Form snmp user USER-NAME group GROUP-NAME no snmp user USER-NAME Parameter USER-NAMEuser name GROUP-NAMEuser group name Default None Node Mode global configuration mode Using Guide In SNMPv3, only authorized user can access OID in associated view of this user group. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# snmp user admin group aaa Fengine(config)# 56
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command snmp group 3.4.6 show memory snmp Show snmp memory distribution Command Form show memory snmp Parameter None Default None Node Mode privileged user mode Using Guide Show snmp memory distribution. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show memory snmp Status Bytes Blocks Avg block Max block ------ ---------- -------- ---------- ---------current free 99240 445 223 89832 alloc 228424 5120 44 cumulative alloc 6201392 42045 147 total memory 327680 bytes. 69.00 percent used. Fengine# Relevant Command None 3.4.7 show snmp community Show current community user information Command Form show snmp community Parameter None Command Mode Privileged mode 57
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Default None Using Guide None Example Fengine# show snmp community Community Privilege Status View public ro VALID internet NETMAN rw VALID internet Fengine# Relevant Command snmp community 3.4.8 show snmp trap-server Show snmp trap server Command Form show snmp trap-server Parameter None Default None Node Mode privileged user mode
Using Guide Use this command to show snmp trap server IP address, version and status Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show snmp trap-server IP-Address Port Ver Status Level Name 10.18.33.124 162 V3 active Auth public Fengine# Relevant Command None 3.4.9 show snmp group Show snmp group information Command Form show snmp group 58
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Parameter None Default None Node Mode privileged user mode
Using Guide Use this command to show snmp group, including group view. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show snmp group Group readView WriteView NodifyView initial sysview sysview sysview initial internet internet internet Fengine# Relevant Command None 3.4.10 show snmp user Show snmp user information Command Form show snmp user Parameter None Default None Node Mode privileged user mode Using Guide Use this command to show snmp user information, including user authentication. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show snmp user User Group initmd5 initial initsha initial 59
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual initnone Fengine# initial
Relevant Command None 3.4.11 show snmp view Show snmp view Command Form show snmp view Parameter None Default None Node Mode privileged user mode Using Guide Use this command to show snmp view. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show snmp view View Type OidTree sysview included 1.3.6.1.2.1.1 internet included 1.3.6 Fengine# Relevant Command None 3.5 system configuration command System configuration command are including: anti-attack arp-request timer config-file auto-save config-file auto-upload config-file check-timer loop-check action loop-check time 60
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.5.1 anti-attack Enable or disable switch anti-attack Command Form anti-attack (enable|disable) Parameter (enable|disable)enable, disable Node Mode system configuration mode Default enable Using Guide This command is to enable switch anti-attack Applicable Device S2200ME-B SERIES SWITCH Example 61 loop-check trap mac aging-time mac learn-mode management acl management vlan no ip arp show auto-config show dynamic-mac show ip arp show loop-check show management acl show system show upgrade-info user-limit (disable|enable) username zmodem get zmodem put
bpdu tunnel mac (AA:BB:CC:DD:EE:FF) uplink-port <0-64>
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine(config-system)# anti-attack enable Fengine(config-system)# Relevant Command show system 3.5.2 arp-request timer Configure arp request timer Command Form arp-request timer <0-3600> Parameter <0-3600>time Node Mode system configuration mode Default 0
Using Guide Configure arp request timer, when the timer is not 0, the switch will periodically send arp request to switch gateway (if the switch has not configured network management, the switch will send destination IP to be its own arp request of in-band network management IP). The significance of this function: when certain device in the network has error or need to be replaced, the new device IP address should be the same with the previous device, but new device mac address is different with the old device, maybe the other device reserved the old log, after this function is enabled, the device will send arp request to make other device update mac mapping to IP. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# arp-request timer 100 Fengine(config-system)# Relevant Command show system 3.5.3 config-file auto-save Enable or disable switch auto-save configuration file. Command Form config-file auto-save (enable|disable) Parameter (enable|disable) Node Mode 62
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual global configuration mode Default disable
Using Guide This command is to enable or disable switch auto-save config-file, after this function is enabled, switch configuration will be auto-saved into startup config-file if the configuration is changed. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# config-file auto-save enable Fengine(config)# Relevant Command None 3.5.4 config-file auto-upload Configure switch configuration file to auto-upload Command Form config-file auto-upload ( enable|disable) config-file auto-upload (A.B.C.D) USER PASSWORD FILENAME Parameter enableenable auto-upload disabledisable auto-upload A.B.C.D IP address of uploading server USERthe user name for logging on ftp server PASSWORDpassword for logging on ftp server FILENAMEsaved config-file name Node Mode global configuration mode Default disable Using Guide This command is to configure switch config-file auto-upload mode and server configuration: when user select the mode of period auto-upload, the config-file of the device will be periodically uploaded to the server; when user select the mode of variational upload, the config-file of the device will be uploaded to the server only when the configuration is changed in each uploading period, if there is no configuration change, it will not upload in the period; when configuration is disabled, auto-upload config-file is disabled; 63
user can configure saved config-file name, if not configured, a file name will be auto-formed. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# config-file auto-upload 192.168.1.200 123 123 config.txt Fengine(config)# Relevant Command None 3.5.5 dot1q ingress-filter Show whether each interface of switch is enabled IEEE802.1Q ingress filter. Command Form dot1q ingress-filter (enable|disable) Parameter (enable|disable) Node Mode global configuration mode Default disable Using Guide This command is to show whether each interface of switch is enabled 802.1Q ingress filter. When an interface doesnot belong to the VLAN of received data message, ingress-filter is to show whether discard this data message, if ingress-filter is enable, this data message will be discard; if disable, then not discard this data message, and transmit this data message to corresponding vlan. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#dot1q ingress-filter enable Fengine(config)# Relevant Command dot1q accept (all|tagged-only) 3.5.6 loop-check action shutdown or isolate port if check out loop-check Command Form loop-check action (shutdown|isolution) 64
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Parameter shutdownshut loop-back check isolationisolation Node Mode global configuration mode Default isolution
Using Guide This command is to set whether shutdown the port or auto-discover loop is disappeared or not when port is detecrting the loop (if the loop is disappeared, recover data forwarding for interface) Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# loop-check action isolution Fengine(config)# Relevant Command None 3.5.7 loop-check expire-time Set system loop-check timeout Command Form loop-check time <0-65535> Parameter <0-65535>loop-check timeoutunit: second Node Mode global configuration mode Default 0 Using Guide This command is to set system loop-check timeout, only when loop-check operation mode is shutdown, the time is valid. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# loop-check expire-time 500 Fengine(config)# Relevant Command None 65
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.5.8 loop-check trap Enable or disable system loop-check trap Command Form loop-check trap (enable|disable) Parameter enable:enable system loop-check trap disable:disable system loop-check trap Node Mode global configuration mode Default disable
Using Guide This command is to enable or disable system loop-check trap, when this parameter is enabled, if a certain interface find loop, then send SNMP trap to network management platform. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# loop-check trap enable Fengine(config)# Relevant Command None 3.5.9 mac aging-time Set switch MAC table aging time. Command Form mac aging-time <13-65535> Parameter <13-65535>aging timeunit: second Node Mode global configuration mode Default 300 seconds Using Guide This command is to set switch MAC list aging time Applicable Device S2200ME-B SERIES SWITCH Example 66
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine(config)# mac aging-time 100 Fengine(config)# Relevant Command None 3.5.10 mac learn-mode Configure switch MAC address learning mode Command Form mac learn-mode (share|independence)
Parameter (share|independence): share learning mode, independence learning mode Node Mode global configuration mode Default independence Using Guide This command is to set switch mac learning mode Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# mac learn-mode share Fengine(config)# Relevant Command show system 3.5.11 management acl Configure acl of telnet, snmp, web service. Command Form management acl (enable|disable) management acl (A.B.C.D) (A.B.C.D)(telnet|web|snmp|all) management acl (A.B.C.D/M) (telnet|web|snmp|all) no management acl (A.B.C.D) Parameter (enable|disable): enable or disable ACL (A.B.C.D): remote host ip address (A.B.C.D): subnet mask Node Mode global configuration mode Default 67
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Permit any pc to log on
Using Guide In order to assure device security, configure the device to be remote logged on and snmp, web network management for reliable IP, which can efficiently reduce the rate of being attacked and guarantee normal operating; NO form of this command is to delete a network manageable IP address; when disabled, permit any host to log on. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#management acl 10.5.6.4/24 all Fengine(config)# The above command is to configure host 10.5.6.4 into a reliable user for telnet, snmp, web management. Relevant Command None 3.5.12 management vlan Configure switch management vlan Command Form management vlan <1-4094> Parameter <1-4094>vlan id Node Mode system configuration mode Default 1 Using Guide Use this command to configure switch management vlan Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)#management vlan 2 Fengine(config-system)# Relevant Command None 3.5.13 no ip arp Clear switch ARP list information 68
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form no ip arp [(A.B.C.D)] Parameter [(A.B.C.D)]ip address in arp (optional) Node Mode global configuration mode Default None
Using Guide This command is to clearup ARP information learned by switch, it also can clear one or all. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#no ip arp Fengine(config)# Relevant Command show ip arp 3.5.14 show auto-config Show associated configuration information of switch configuration file. Command Form show auto-config Parameter None Node Mode privileged user mode Default None Using Guide This command is to show associated configuration of switch configuration file, including auto-save configuration and auto-upload configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show auto-config Auto-Save : Disable Auto-Upload : Disable Fengine# 69
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command config-file auto-saveconfig-file auto-upload 3.5.15 show dynamic-mac Show switch dynamic mac information. Command Form show dynamic-mac (AA:BB:CC:DD:EE:FF) Parameter (AA:BB:CC:DD:EE:FF)dynamic mac address Node Mode privileged user mode Default None
Using Guide This command is to show switch a certain dynamic mac vlan and interface information. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show dynamic-mac 00:11:11:17:A6:70 If Vlan MAC-Address 2 1 00:11:11:17:A6:70 Fengine# Relevant Command show interface dynamic-mac [<1-64>] 3.5.16 show ip arp Show information of switch ARP list. Command Form show ip arp Parameter None Node Mode privileged user mode Default None Using Guide This command is to show switch ARP list. Applicable Device 70
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH
Example Fengine#show ip arp Interface IP-Address MAC-Address type Vlan 1 192.168.1.200 00:0B:0D:7B:45:6E dynamic Fengine# Relevant Command show ip arp 3.5.17 show loop-check Show switch loop-check configuration Command Form show loop-check Parameter None Node Mode privileged user mode Default None Using Guide This command is to show switch loop-check configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show loop-check LoopCheck Action : isolation LoopCheck ExpireTime : 0, for shutdown action only. LoopCheck Trap : disable Fengine# Relevant Command None 3.5.18 show management acl Show management ACL to filter snmp, web, telnet access. Command Form show management acl Parameter None Node Mode 71
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual privileged user mode Default None Using Guide This command is to show acl of snmp, web, telnet. Applicable Device S2200ME-B SERIES SWITCH
Example Fengine#show management acl %Allow any ip address to access from snmp,web,telnet. Fengine# Relevant Command management acl 3.5.19 show system Show switch system configuration Command Form show system Parameter None Node Mode privileged user mode Default None Using Guide This command is to show switch system configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show system system anti-attack enable system mac address 00.04.67.30.40.27 system mac Aging time 300 system address learn mode : independence ip address 192.168.1.1/24 gateway 0.0.0.0 management vlan 1 out-band ip address 192.168.2.1/24 out-band ip change disable arp-request timer 0 72
Fengine# Relevant Command None 3.5.20 username Configure switch network management user Command Form username WORD group (administrators|operators|users|guests) password PASSWORD no username USERNAME Parameter USERNAME: user name Administrators: super user group (possess all controlling weight for switch) Opera tors: operators group (all control except adding/deleting user) Users: common user group (can configure switch, cannot add or delete user) Guests: guest group (only show switch configuration) PASSWORD: password Node Mode global configuration mode Default None Using Guide Add or delete network management user: only super user group can configure switch network management user, the detail authority of each user group can refer to Parameter. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# username test group administrators password test Add a super user with name test, password test. Relevant Command addusershow running-config 3.5.21 zmodem get Switch serial port receiving file Command Form zmodem get Parameter None 73
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode global configuration mode Default None Using Guide This command is to receive file with serial port. Applicable Device S2200ME-B SERIES SWITCH
Example Fengine(config)#zmodem get ZMODEM Receive: Waiting for Sender ... ** B0000000039a32 ** B0000000039a32 Zmodem-Receive "STARTCFG", 11276 bytes, 0 minutes If you want to update system,use "upgrade" command! Fengine(config)# Relevant Command zmodem put 3.5.22 zmodem put Switch serial port uploading file Command Form zmodem put FILENAME zmodem put config Parameter FILENAMEuploaded file name Node Mode global configuration mode Default None Using Guide This command is to upload file through serial port, zmondem put config isto upload config-file. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#zmodem put config ZMODEM send: Waiting for Receiver ... Zmodem-Send "Ram:/flash/startcfg", 0 bytes 0 minnutes **000000000000 74
0 bytes uploaded Fengine(config)# Fengine(config)#zmodem put download ZMODEM send: Waiting for Receiver ... Zmodem-Send "Ram:/flash/download", 11276 bytes 0 minnutes **000000000000 11276 bytes uploaded Fengine(config)# Relevant Command zmodem get 3.5.23 bpdu tunnel mac (AA:BB:CC:DD:EE:FF) uplink-port <0-64> Contorl forwarding port of stp802.1X and SGM protocol packet. Command Form bpdu tunnel mac (AA:BB:CC:DD:EE:FF) uplink-port <0-64> Parameter AA:BB:CC:DD:EE:FF: mac address <0-64>: interface No. Node Mode global configuration mode Default None Using Guide This command is to control forwarding port of stp802.1X and SGM protocol packet, 0 is for sending all ports except cpu, 1 is for sending cpu port, other value is for sending to a certain port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#bpdu tunnel mac 11:4C:B0:23:56:46 Fengine(config)# Relevant Command show sytem 3.6 STP configuration command STP configuration command are including: stp (enable|disable) 75
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual stp alt-without-delay (enable|disable) stp bpdu-protection (enable|disable) stp config-name STRING stp forward-delay stp hello-time stp max-age stp max-hop stp mode (stp|rstp|mstp) stp priority <0-61440> stp revision-level <0-65535> stp transmit-limit <1-255> stp vlan VLANLIST stp instance <1-15> stp instance <1-15> priority <0-61440> stp instance <1-15> vlan VLANLIST stp compliance (dot1s|dot1d) stp edge-port (enable|disable) stp fast-agree (enable|disable) stp loop-protection (enable|disable) stp loopback-check (enable|disable) stp mcheck (enable|disable) stp path-cost <0-200000> stp point-to-point (true|false) stp priority <0-240> stp root-protection (enable|disable)
stp instance <1-15> loop-protection (enable|disable) stp instance <1-15> priority <0-240> stp instance <1-15> root-protection (enable|disable) show stp show stp config show stp information 76
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show stp interface show stp intstance interface
3.6.1 stp (enable|disable) Enable or disable STP protocol Command Form stp (enable|disable) Parameter enableenable STP disabledisable STP Default disable Node Mode STP configuration mode, interface configuration mode Using Guide Stp protocol can detect and forbid network loop. It set up a copy link between switch, bridge and switch. So the switch can communicate with other bridged device, and there is only one route between any two workstations. When the main link is down, it will start the copy link. Applicable Device S2200ME-B series switch Example Fengine(config-stp)#stp enable Fengine(config-stp)# Related Command show stp 3.6.2 stp alt-without-delay (enable|disable) Enable or disable switch STP fast switching function. Command Form stp alt-without-delay (enable|disable) Parameter enableenable switch fast switching function disabledisable switch fast switching function Default disable Node Mode STP configuration mode 77
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Using Guide
This command is to configure switch fast switching function. As default, switch fast switching function is disabled. If switch port link is disconnected, network topology will be shaking and stp will be re-account. Generally, port status change should be after Forward Delay then enter forward status. Fast switching function can help port implement switching without delay. After switch is enabled fast switching function, if root port or designated port is disabled, the substitute port or backup port will enter forward status without delay. Applicable Device S2200ME-B series switch Example Fengine(config-stp)#stp alt-without-delay enable Fengine(config-stp)# Related Command show stp 3.6.3 stp bpdu-protection (enable|disable) Configure rstp BPDU protection. Command Form stp bpdu-protection (enable|disable) Parameter enable: enable switch BPDU protection ; disbale: disable switch BPDU protection; Default disable Node Mode STP configuration mode Using Guide Configure switch BPDU protection. Command disable is to restore default operation of switch BPDU protection. As default, BPDU protection will not be enabled. For accessing layer device, accessing port is generally connected with PC or file server, at this time, accessing port is set to be edge port to realize fast remove for these ports; when these ports received configuration information, system will auto set these ports to be non-edge port and reaccount stp, which will cause network topology shaking. Normally, edge port will not receive stp configuration information. If someone fabricate configuration and attack switch, network shaking will be caused. BPDU protection will prevent this kind of network attack. After switch is enabled BPDU protection, if edge port received configuration information, system will 78
disable these ports, and notify administrator to disable these ports by MSTP. The disabled edge ports can be only restored by network administrator. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp bpdu-protection enable Fengine(config-stp)# Related Command show stp 3.6.4 stp config-name STRING Configure switch MST domain name Command Form stp config-name STRING Parameter STRINGdomain name Default F-Engine Node Mode STP configuration mode Using Guide Set switch MST domain name. as default, switch MST domain ame is FEngine. Switch domain name is used to identify MST domain that switch belong to together with MST domain VLAN mapping list, MSTP edition level. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)# stp config-name wuhan Fengine(config-stp)# Related Command show stp 3.6.5 stp forward-delay Configure switch stp forward delay Command Form stp forward-delay <4-30> Parameter 79
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual <4-30>time range 4-30 second Node Mode STP configuration mode Default 15 second
Using Guide Forward-delay is the waiting time when listen-learn-forward status change Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp forward-delay 25 Fengine(config-stp)# Related Command show stp 3.6.6 stp hello-time Configure switch stp bridge hello time. Command Form stp hello-time <1-10> Parameter <1-10>time range 1-10 second Node Mode STP configuration mode Default 2 second Using Guide Use this command to set time interval for root node device to send configuration information. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp hello-time 8 Fengine(config-stp)# Related Command show stp 3.6.7 stp max-age Configure max age for BPDU configuration received by switch stp. 80
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form stp max-age <6-40> Parameter <6-40>time range 6-40 second Node Mode STP configuration mode Default 20 second
Using Guide This command is to set max age for BPDU configuration received by switch, if no BPDU is received from root within timeout, then switch will restart root bridge selection. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp max-age 20 Fengine(config-stp)# Related Command show stp 3.6.8 stp max-hop Configure max hop of MST domain. Command Form stp max-hop <1-40> Parameter <1-40>time range 1-40 second Node Mode STP configuration mode Default 20 second Using Guide This command is to set max hop of MST domain on switch. As default, max hop of MST domain is 20. On CIST and MSTIs, configure max hop of domain root to be max hop of MST domain, it limit scale of MST domain. Begin with stp root bridge in MST domain, hop will reduce 1 after the configuration in domain passing each switch; switch will discard the configuration with hop 0, the switch without max hop cannot join stp accounting, then scale of MST domain is limited. If the current switch become CIST root bridge or MSTI root bridge of MST domain, the max hop configured by this switch will become network 81
dismeter of this stp, then scale of this stp in current MST domain is limited. The switch not be stp root bridge in MST domain will adopt max hop parameter set by root bridge. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp max-hop 20 Fengine(config-stp)# Related Command show stp 3.6.9 stp mode (stp|rstp|mstp) Configure switch MSTP working mode Command Form stp mode (stp|rstp|mstp) Parameter stpswitch send out STP BPDU rstpswitch send out RSTP BPDU mstpswitch send out MSTP BPDU Node Mode STP configuration mode Default mstp Using Guide This command is to set switch MSTP working mode. As default, switch working mode is MSTP mode. MSTP have three working modes for compatibility of STP/RSTP: STP mode: switch send out STP BPDU; RSTP mode: switch send out RSTP BPDU MSTP mode: switch send out MSTP BPDU Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp mode stp Fengine(config-stp)# Related Command show stp 3.6.10 stp priority <0-61440> 82
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Configure switch stp priority Command Form stp priority <0-61440> Parameter <0-61440>stp priority range 0-61440 Node Mode STP configuration mode Default 32768
Using Guide Use this command to choose root device, root interface and appointed interface. The highest priority device will be the STA root device, but if all devices have the same priority, the device, which MAC is the smallest, will be the root device. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp priority 32768 Fengine(config-stp)# Related Command show stp 3.6.11 stp revision-lever <0-65535> Configure switch MSTP edition level Command Form stp revision-lever <0-65535> Parameter <0-65535>MSTP edition level Node Mode STP configuration mode Default 0 Using Guide This command is to configure switch MSTP edition level. As default, MSTP edition level is 0. MSTP edition level and domain name, VLAN mapping list are identified MST domain that switch belong to. Applicable Device S2200ME-B SERIES SWITCH 83
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine(config-stp)#stp revision-lever 2 Fengine(config-stp)# Related Command show stp 3.6.12 stp transmit-limit <1-255>>
Configure max transmit limit of sending stp within each hello time. Command Form stp transmit-limit <0-255> Parameter <0-255>message number Node Mode STP configuration mode Default 10 Using Guide This command is to set max transmit limit of sending stp within each hello time. As default, the max number is 10. if number is larger, the transmit within hello time is more, but more resource will be occupied. The appropriately number will limit BPDU number sent within each Hello Time, prevent MSTP occupying much bandwidth resource during network topology shaking. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)#stp transmit-limit 100 Fengine(config-stp)# Related Command show stp 3.6.13 stp vlan VLANLIST Configure stp vlan mapping Command Form stp vlan VLANLIST Parameter VLANLISTvlan list Node Mode 84
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual STP configuration mode
Using Guide This command is to map designated VLAN list to instance cist, that is instance 0. no stp vlan is to restore corresponding relationship of cist and vlan to be default. As default, all created VLAN will be mapped to CIST. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)# stp vlan 1 Fengine(config-stp)# Related Command show stp 3.6.14 stp instance <1-15> Create or delete an instance Command Form stp instance <1-15> no stp instance Parameter <1-15>instance No. Node Mode STP configuration mode Using Guide stp instance is to create an instance, no stp instance is to delete an existed instance, as default, stp instance 0 is cist Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)# stp instance 1 Fengine(config-stp)# Related Command show stp instance 3.6.15 stp instance <1-15> priority <0-61440> Configure instance priority Command Form stp instance <1-15> priority <0-61440> Parameter <1-15>instance No. 85
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual <0-61440>: prirority Node Mode STP configuration mode Default 32768 Using Guide Modify designated instance priority Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-stp)# stp instance 1 priority 2999 Fengine(config-stp)# Related Command show stp instance 3.6.16 stp instance <1-15> vlan VLANLIST Map designated VLAN list to designated stp instance Command Form stp instance <1-15> vlan VLANLIST no stp instance <1-15> vlan Parameter <1-15>instance No. VLANLIST: vlan Node Mode STP configuration mode Using Guide
This command is to map designated VLAN list to designated stp instance, then the vlan is deleted from cist. As default, all VLAN are according to CIST, that is instance 0.before configure instance vlan, the vlan should be created, otherwise, the configuration command will return error. no stp instance instance-vlan vlan is to delete vlan list of designated instance, the vlan will map to instance cist again. Before configure instance priority and vlan list, create the instance first. MSTP is adopting VLAN list to describe mapping relationship between VLAN and stp instance. User can configure this VLAN mapping list with this command: each VLAN is divided to different stp instance according to user configuration. user cannot map one VLAN to multi different instance, when user remap a mapped VLAN to a different instance, the original mapping relationship will be auto delete. Applicable Device 86
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine(config-stp)# stp instance 1 vlan 1 Fengine(config-stp)# Related Command show stp instance 3.6.17 stp compliance (dot1s|dot1d) Configure port MSTP format. Command Form stp compliance (dot1s|dot1d) Parameter dot1s: port MSTP format is mstp protocol format dot1d: port MSTP format is stp protocol format Node Mode Interface configuration mode Default dot1s
Using Guide This command is to set port MSTP format, as default, port MSTP format is dot1s. user can realize intercommunication with the peer end device. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp compliance dot1s Fengine(config-eth-1)# Related Command show stp interface 3.6.18 stp edge-port Configure stp protocol port edge port status feature. Command Form stp edge-port <enable|disable> Parameter enable: configure port to be edge port diable: configure port to be unedge port Node Mode Interface configuration mode 87
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Default Default is disable
Using Guide This command is to configure switch stp port edge port attribute. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp edge-port enable Fengine(config-eth-1)# Related Command show stp interface 3.6.19 stp fast-agree Enable or disable port fast agree Command Form stp fast-agree <enable|disable> Parameter Enable: enable port fast agree Diable: disable port fast agree Node Mode Interface configuration mode Default Default is disable Using Guide This command is enable or disable port fast agree, as default, port fast agree is disabled. In network, since switch of some manufacturer is configured private protocol with stp, then upriver designated port cannot realize status fast agree when those switch are used as upriver switch which is intercommunicating with Engine switch operating MSTP. In order to avoid this situation, switch provide fast agree, user can enable fast agree on Engine switch as downriver switch, if the port is root port, it will auto send agreement after it received proposal from upriver designated port, but not send agreement while waiting agreement from upriver. The designated port of upriver switch can operate status fast agree, and this function is valid when root port or Alternate port is configured fast agree. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp fast-agree enable Fengine(config-eth-1)# 88
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Related Command show stp interface 3.6.20 stp loop-protection Enable or disable loop protection. Command Form stp loop-protection <enable|disable> Parameter enable: enable port loop protection diable: disable port loop protection Node Mode Interface configuration mode Default Default is disable
Using Guide This command is to enable or disable loop protection. As default, port loop protection is disabled. With BPDU received from upriver switch, switch can keep root poer and other blocked port status. But since link block or single direction link fault, these port will not receive BPDU from upriver switch. Then the switch will reselect root port, root port will change into designated port, and blocked port will change to forward status, then exchange network will form loop. Loop protection will limit this loop forming. After loop protection is enabled, if link is blocked or single direction link is fault, the root port will change to designated port,the port status will be Discarding status; the blocked port will also change to designated port, the port status is Discarding status and not forward message, no loop will be formed in network. This function is valid is valid for root port, Alternate port and Backup port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp loop-protection enable Fengine(config-eth-1)# Related Command show stp interface
3.6.21 stp loopback-check Enable or disable port loop check. Command Form 89
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual stp loopback-check <enable|disable> Parameter enable: enable port loop check diable: disable port loop check Node Mode Interface configuration mode Default Default is disable
Using Guide This command is to enable or disable loop check. As default, port loop protection is disabled. For accessing layer device, once accessing port connection network have loop, then message will keep cycling and increasing in the loop, even form broadcast storm. In this situation, the network will not available. In order to prevent this situation, accessing port is enabled Loopback protection, if BPDU sent out by its own is received, then block the port, and notify the administrator. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp loopback-check enable Fengine(config-eth-1)# Related Command show rstp interface 3.6.22 stp mcheck Enable or disable port mcheck function Command Form stp mcheck <enable|disable> Parameter enable: enable port mcheck function disable: disable port mcheck function Node Mode Interface configuration mode Default Default is disable Using Guide This command is to execute mcheck to port, as default, port mcheck function is disabled. If MSTP switch port is connecting STP/RSTP switch, the port will be change to STP/RSTP working mode. If STP/RSTP switch is 90
shutdown or removed, the port can not auto change to MSTP mode for operation. Execute mcheck on the port, the port will return MSTP mode for operation. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp mcheck enable Fengine(config-eth-1)# Related Command show rstp interface 3.6.23 stp pathcost Configure rstp port path cost. Command Form stp pathcost <0-200000> Parameter <1-200000>switch port path cost Node Mode Interface configuration mode Using Guide This command is to set port path cost, as default, switch will auto set cost according to port rate. This command is to make user set path cost of cist and all instance. The port path cost can influence port role selection, when port path cost change, MSTP will re-account port role and execute status agree. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp pathcost 2000 Fengine(config-eth-1)# Related Command show rstp interface 3.6.24 stp point-to-point Configure stp port P2P link status. Command Form stp point-to-point <true|false > Parameter true: configure port working under P2P link status false: configure port working under non-P2P link status 91
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode Interface configuration mode Default Default is true
Using Guide This command is to set whether the link connecting with designated port is P2P link. As default, P2P parameter is set to be ture. When port is connecting with non-P2P link, port status can not fast remove. This configuration is valid for CIST and MSTI. When the port is set to be P2P link connection or nonP2P link connection, tbe port is set to be connecting with P2P link or nonP2P link on all stp instance. If practical physical link connecting with port is not P2P link, but user wrongly configure port connecting with P2P link, which will cause temporary loop. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp point-to-point false Fengine(config-eth-1)# Related Command show rstp interface 3.6.25 stp priority <0-240> Configure port stp priority Command Form stp priority <0-240> Parameter <0-255>port stp priority range is 0-255, priority is smaller, the port priority is higher. Node Mode Interface configuration mode Default 128 Using Guide This command is to set stp port priority, the port that connecting designated switch and the same subnet with smallest priority is the designated port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp priority 128 92
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine(config-eth-1)# Related Command show stp interface 3.6.26 stp root-protection Enable or disable port root protection Command Form stp root-protection <enable|disable> Parameter enable: enable port root protection diable: disable port root protection Node Mode Interface configuration mode Default Default is disable
Using Guide This command is to enable or disable port root protection, as default, port root protection is disabled. Because of error configuration or vicious attack, legal root bridge may receive higher priority configuration. then current root bridge will lose location and cause network topology structure error change. Since this change is illegal, the flow which should pass through high speed link is lead to low speed link, then network is blocked. Root protection can prevent this situation. For the port which set Root protection, the port role of all instance only keep to be destgnated port. Once this kind of port received configuration of high priority, it will be selected to be non-designated port, these port status will be set Discarding status, not forward message. If no better configuration is received within enough time, the port will restore original normal status. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp root-protection enable Fengine(config-eth-1)# Related Command show rstp interface 3.6.27 stp instance <1-15> loop-protection Configure loop protection for port in instance. Command Form stp instance <1-15> loop-protection <enable|disable> 93
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Parameter <1-15>instance No. enable: enable port loop protection diable: disable port loop protection Node Mode Interface configuration mode Default Default is disable
Using Guide This command is to configure loop protection for port in instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp instance 1 loop-protection enable Fengine(config-eth-1)# Related Command show rstp interface
3.6.28 stp instance <1-15> priority <0-240> Configure stp priority for port in instance. Command Form stp instance <1-15> priority <0-240> Parameter <1-15>instance No. <0-240>port stp priority range 0-240smaller priority value with high priority Node Mode Interface configuration mode Default 128 Using Guide This command is to set priority for port in instance, smaller priority value with high priority. Applicable Device S2200ME-B SERIES SWITCH Example 94
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine(config-eth-1)#stp instance 1 priority 128 Fengine(config-eth-1)# Related Command show stp interface
3.6.29 stp instance <1-15> root-protection Configure root protection status for port in instance Command Form stp instance <1-15> root-protection (enable|disable) Parameter <1-15>instance No. enable: enable port root protection diable: disable port root protection Node Mode Interface configuration mode Default Default is disable Using Guide This command is to configure root protection status for port in instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#stp instance 1 root-protection enable Fengine(config-eth-1)# Related Command show rstp interface 3.6.30 show stp Show configuration of switch stp. Command Form show stp Parameter None Node Mode Privileged user mode Default 95
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Using Guide Show switch stp configuration Applicable Device S2200ME-B SERIES SWITCH
Example Fengine#show stp Oper Configuration: stp mode:STP BPDU-Protection:disabled Bridge Times:Hello 2s MaxAge 20s FwDly 15s MaxHop 20s Format selector:0 stp config name: F-Engine Revision level:0 Instance priority Vlans Mapped 0 32768 1-2 Fengine# Related Command None 3.6.31 show stp config Show whether switch stp is enabled or not Command Form show stp config Parameter None Node Mode Privileged user mode Default None Using Guide Show whether switch stp is enable or not Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show stp config ! !stp configuration stp stp enable 96
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual stp vlan 1-2 stp mode stp Fengine# Related Command None 3.6.32 show stp information Show switch stp operation status Command Form show stp information Parameter None Node Mode Privileged user mode Default None Using Guide Show switch stp operation status Applicable Device S2200ME-B SERIES SWITCH
Example Fengine# show stp information CIST Bridge:32768.0004-6732-3335 Bridge Times:Hello 2s MaxAge 20s FwDly 15s RemainHop 20 CIST Root/ERPC:32768.0004-6732-3335 / 0 CIST RegRoot/IRPC:32768.0004-6732-3335 / 0 CIST RootPortId:0.0 Fengine# Related Command None 3.6.33 show stp interface Show stp configuration of each switch port Command Form show stp interface show stp interface <1-64> show stp interface trunk <1-64> Parameter 97
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Node Mode Privileged user mode Default None Using Guide Show stp configuration of each switch port Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show stp interface MSTID Port Role Fengine# Related Command None 3.6.34 show stp instance interface Show stp configuration of switch each instance port Command Form show stp instance <1-15> interface show stp instance <1-15> interface <1-64> show stp instance <1-15> interface trunk <1-64> Parameter None Node Mode Privileged user mode Default None Using Guide Show stp configuration of switch each instance port Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show stp instance 1 interface MSTID Port Role STP State Fengine# Related Command None 98
STP State
Protection 1 enable disable
Protection 1 enable disable
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.7 COS configuration command
COSClass of services configuration command is including: cos (enable|disable) cos priority <0-7> queue <0-3> cos queue <0-3> weight <1-31> cos queue mode (strict|weighted-round-robin|sp+wrr3|sp2+wrr2) show cos
3.7.1 cos (enable|disable) Enable and disable service type configuration Command Form cos (enable|disable) Parameter (enable|disable) Node Mode COS configuration mode Default disable Using Guide This command is to enable or disable service type configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-cos)#cos enable Fengine(config-cos)# Relevant Command show cos 3.7.2 cos priority <0-7> queue <0-3> Set mapping relationship for data frame priority mapping to priority queue. Command Form cos priority <0-7> queue <0-3> Parameter <0-7>:priority of data frame is ranged from 0the lowestto 7the highest <0-3>:priority of data frame is ranged from 0the lowestto 3the highest 99
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode COS configuration mode
Default Export frame of priority 0 is mapped to priority queue 0; Export frame of priority 1 is mapped to priority queue 0; Export frame of priority 2 is mapped to priority queue 1; Export frame of priority 3 is mapped to priority queue 1; Export frame of priority 4 is mapped to priority queue 2; Export frame of priority 5 is mapped to priority queue 2; Export frame of priority 6 is mapped to priority queue 3; Export frame of priority 7 is mapped to priority queue 3; Using Guide This command is to configure mapping relationship for data frame to priority queue according to the data frame priority. Each switch port supports 4 priority queue, use this command to export data frame in different priority queue. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-cos)#cos priority 1 queue 1 Fengine(config-cos)# Relevant Command show cos 3.7.3 cos queue <0-3> weight <1-31> Configure switch priority queue weight Command Form cos queue <0-3> weight <1-31> Parameter <0-3> :the priority of priority queue is ranged from 0the lowestto 3the highest <1-31>:weight Node Mode COS configuration mode Default None Using Guide This command is to show switch service typeClass of services. Applicable Device S2200ME-B SERIES SWITCH 100
Example Fengine(config-cos)# cos queue <0-3> weight <1-31> Fengine(config-cos)# Relevant Command show cos 3.7.4 cos queue mode (strict|weighted-round-robin|sp+wrr3|sp2+wrr2) Set switch priority queue mode Command Form cos queue mode (strict|weighted-round-robin|sp+wrr3|sp2+wrr2) Parameter strict:strict priority mode (any frame in higher priority queue will be transferred in prior, only when the higher priority queue is vacant, the frame of the lower priority queue will be transferred. ) weighted-round-robin:weighted-round-robinprovide a rule that the frame of the lower priority queue will never be transferred, it provides a min baniwdth for each queue to be max frame of each queue. sp+wrr3queue 3 is sp, the other three queue 210 are wrr sp2+wrr2queue 32 is sp, pass with priority. Node Mode COS configuration mode Default Weighted-round-robin Using Guide This command is to set the mode for switch priority queue. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-cos)#cos queue mode strict Fengine(config-cos)# Relevant Command show cos 3.7.5 show cos Show configuration of Class of services (CoS) Command Form show cos Parameter 101
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Node Mode privileged user mode Default None Using Guide This command is show switch Class of Service. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show cos cos status : disable cos queue mode : weighted-round-robin cos queue num : 4 cos priority num : 8 cos priority 0 queue 0 cos priority 1 queue 0 cos priority 2 queue 1 cos priority 3 queue 1 cos priority 4 queue 2 cos priority 5 queue 2 cos priority 6 queue 3 cos priority 7 queue 3 cos queue 0 weight 1 cos queue 1 weight 2 cos queue 2 weight 4 cos queue 3 weight 8 Fengine# Relevant Command None 3.8 VLAN configuration command VLAN configuration command is including: admin-status (up|down) apply-as-pvid PORTLIST interface vlan no vlan member PORTLIST no member PORTLIST 102
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual vlan description vlan type vlan priority <0-7> show vlan
3.8.1 admin-status (up|down) Set switch vlan status Command Form admin-status (up|down) Parameter Up: start VLAN Down: shutdown VLAN Node Mode VLAN configuration mode Default up Using Guide This command is to control certain VLAN. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-2)#admin-status down Fengine(config-vlan-2)# Relevant Command None 3.8.2 apply-as-pvid PORTLIST Set this VLAN to be switch port PVID Command Form apply-as-pvid PORTLIST Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode VLAN configuration mode Default None Using Guide 103
This command is to set PVID of switch physical port to be the VLAN corresponding to the vlan configuration node under vlan configuration node, when an interface received none-vlan tagged data or priority tagged data, we consider the data belong to the vlan indicated by this interface pvid, the data is forwarding in the vlan. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-2)# apply-as-pvid 2-8,10 Fengine(config-vlan-2)# The above command is to set PVID of physical port 1~8,10 to be 2. Relevant Command pvid <1-4094> 3.8.3 interface vlan Create one or multi vlan. Command Form interface vlan <1-4094> [<1-4094>] Parameter <1-4094>:the beginning VLAN ID [<1-4094>]:the ending VLAN ID Node Mode VLAN configuration mode Default None Using Guide VLAN is a protocol to solve Ethernet broadcast and security, it has added VLAN on base of Ethernet frame, using VLAN ID to divide users into smaller work group so as to limit the users access between different work group, each work group is a virtual local area network. Virtual loca area network can limit broadcast scope and form virtual work group and dynamic management network. This command is to create one or multi vlan. If there is only one parameter, it means only one vlan is created, then enter vlan configuration of this vlan; If there is two parameters, it means create multi vlan between two vlan id. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#interface vlan 5 7 %Creating Vlan 5,6,7 Fengine(config)#interface vlan 5 104
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine(config-vlan-5)
Relevant Command member PORTLISTshow vlan [<1-4094>]no vlan <1-4094> [<1-4094>] 3.8.4 no vlan Delete one or multi vlan Command Form no vlan <1-4094> [<1-4094>] Parameter <1-4094>:beginning Vlan ID [<1-4094>]:ending Vlan ID Node Mode global configuration mode Default None Using Guide This command is to delete one or multi VLAN. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#no vlan 5 7 %Deleting Vlan 5,6,7 Fengine(config)# Relevant Command interface vlan <1-4094> [<1-4094>] 3.8.5 member PORTLIST Add multi physical interface of the switch into vlan, and designate the port to be vlan tagged port or untagged port. Command Form member PORTLIST (tagged|untagged) Parameter PORTLIST:VLAN member port list, e.g.: "1,2,3,6-8" tagged: vlan tagged port untagged:untagged vlan port Node Mode VLAN configuration mode Default tagged 105
Using Guide This command is to add multi physical interface into this vlan under vlan configuration mode, and designate port to be vlan tagged port or untagged port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-2)#member 1,2,5-7 untagged Fengine(config-vlan-2)# After this command is executed, the switch physical port 1257 will be added into vlan 2 as untagged port. Relevant Command show vlan [<1-4094>] 3.8.6 no member PORTLIST Delete switch port from vlan member Command Form no member PORTLIST Parameter PORTLIST:VLAN member port list, e.g.: "1,2,3,6-8" Node Mode VLAN configuration mode Default None Using Guide This command is to delete switch port from VLAN member. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-2)#no member 1-5 Fengine(config-vlan-2)# Relevant Command member PORTLISTshow vlan [<1-4094>] 3.8.7 vlan description STRING Configure vlan description Command Form vlan description STRING no vlan description 106
Parameter STRING:VLAN description, character string length is less than 32 Node Mode VLAN configuration mode Default None Using Guide This command is to configure VLAN description, the default description is vlan and vlan ID,e.g.: the description of vlan 1 is vlan 1, NO form of this command is to delete vlan description. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-5)vlan description test Fengine(config-vlan-5) Relevant Command show vlan [<1-4094>] 3.8.8 vlan type (dynamic|static) Configure vlan type Command Form vlan type (dynamic|static) Parameter dynamic:VLAN type is dynamic type static: VLAN type is static type Node Mode VLAN configuration mode Default static Using Guide This command is to configure VLAN type, configure dynamic vlan learned by switch into static type; but it can not change static vlan into dynamic vlan Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-1)#vlan type static Fengine(config-vlan-1)# Relevant Command show vlan [<1-4094>] 107
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.8.9 vlan priority <0-7> Set vlan priority Command Form vlan priority <0-7> Parameter <0-7>vlan priority Node Mode VlanNode Mode Default 0
Using Guide When interface enabled vlan priority received a packet with vlan tag, write vlan priority into the packet vlan tag priority field. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-vlan-1)#vlan priority 6 Fengine (config-vlan-1)# Relevant Command None 3.8.10 show vlan Show switch vlan configuration Command Form show vlan [<1-4094>] Parameter [<1-4094>] VLAN IDoptional Node Mode privileged user mode Default None Using Guide This command is show switch all or a certain VLAN configuration Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show vlan 108
There are 1 vlan in the system. ************************************************** (D=Dynamic,T=Tagged,U=Untagged,-=None) ************************************************** Vlan 1------8 9-----16 17----24 1 UUUUUUUU UUUUUUUU UU Fengine# The above command is to show switch all VLAN configuration. Fengine#show vlan 1 Vlan Type : static Vlan Desc : vlan1 Dynamic Member : none Tagged Member : none Untagged Member : 1-9,17-18 Trunk:1 Fengine# Above command is to show single VLAN1 configuration. Relevant Command vlan <1-4094>member PORTLIST (tagged|untagged)member PORTLIST 3.9 private VLAN configuration command Private VLAN configuration command is including: pvlan <1-64> no pvlan <1-64> isolate-ports PORTLIST no isolate-ports show pvlan
3.9.1 pvlan <1-64> Create a private vlan Command Form pvlan <1-64> Parameter <1-64>pvlan id Node Mode global configuration mode Default None Using Guide 109
This command is to create a pvlan, the port isolated in pvlan can not access each other. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#pvlan 1 Fengine(config-pvlan-1)# Relevant Command no pvlan <1-64>show pvlan 3.9.2 no pvlan <1-64> Delete a private vlan Command Form no pvlan <1-64> Parameter <1-64>pvlan id Node Mode global configuration mode Default None Using Guide This command is to delete a private vlan Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# no pvlan 1 Fengine(config)# Relevant Command pvlan <1-64> 3.9.3 isolate-ports PORTLIST Isolate certain port in pvlan. Command Form isolate-ports PORTLIST Parameter PORTLISTport list Node Mode PVLAN configuration mode 110
Using Guide This command is to prohibit data communication between some ports in certain pvlan. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-pvlan-1)#isolate-ports 1-3,9 Fengine(config-pvlan-1)# Relevant Command no isolate-portsshow pvlan 3.9.4 no isolate-ports Restore the isolated port in pvlan Command Form no isolate-ports Parameter None Node Mode PVLAN configuration mode Default None Using Guide This command is to restore the isolated port in pvlan, the restored port can communicate with each other. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# no isolate-ports Fengine(config)# Relevant Command isolate-ports PORTLIST 3.9.5 show pvlan Show switch private vlan. Command Form show pvlan Parameter 111
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Node Mode privileged user mode Default None
Using Guide This command is to show switch all private vlan configuration Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show pvlan PVlan 1 isolate-ports 10-16 Fengine# Relevant Command None 3.10 SGM configuration command Configuration command are: sgm sgm (enable|disable) sgm discovery time (<1-300>|default) sgm discovery ttl (<1-255>|default) sgm vlan (add|remove) VLAN-LIST [no] sgm member (AA.BB.CC.DD.EE.FF) ip sgm (collect-map|release-map) sgm addr-opt (enable|disable) sgm cluster ip-pool sgm cluster name WORD sgm cluster password PASSWORD sgm ip-allocation (auto|manual) sgm join-policy (auto|manual) sgm map-collect time (<1-100>|default) sgm map-collect ttl (<1-100>|default) sgm member (add|remove) (AA.BB.CC.DD.EE.FF) sgm member handtime (<1-300>|default) sgm member holdtime (<1-300>|default) sgm role (independence|candidate|commander) sgm trap (enable|disable) show sgm interface [<1-64>] show sgm local show sgm neighbor 112
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.10.1 sgm Enter SGM configuration node Command Form sgm Parameter None Node Mode global configuration mode Default None
Using Guide This command is to enter SGM configuration node. Configuration of command switch is executed under SGM configuration node. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#sgm Fengine (config-sgm)# Relevant Command 3.10.2 sgm (enable|disable) enable/disable SGM for an interface Command Form sgm (enable|disable) Parameter (enable|disable) Node Mode interface configuration mode Default Disable is default Using Guide This command is to enable/disable SGM function of a certain interface. The interface not enabled SGM function will not transact any SGM message. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)#sgm enable 113
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine (config-eth-1)# Relevant Command show sgm interface 3.10.3 sgm discovery time (<1-300>|default)
Set time interval for port sending topology discovery message. Command Form sgm discovery time (<1-300>|default) Parameter <1-300>:period of sending discovery, unit: second default:30 second Node Mode interface configuration mode Default Default is 30 second Using Guide This command is to set time interval for port sending topology discovery message. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)#sgm discovery time 100 Fengine (config-eth-1)# Relevant Command show sgm interface 3.10.4 sgm discovery ttl (<1-255>|default) Set time interval for aging port connecting neighbour. Command Form sgm discovery ttl (<1-255>|default) Parameter <1-255>:time interval is ranged in 1~255 second default:90 Node Mode interface configuration mode Default Default is 90 114
Using Guide This command is to set time interval for aging port connecting neighbour, we suggest the time is 3 times of topology discovery time. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)#sgm discovery ttl 100 Fengine (config-eth-1)# Relevant Command show sgm interface 3.10.5 sgm inband enable <1-4094> Enable SGM configuration interface on designated vlan. Command Form sgm inband disable sgm inband enable <1-4094> Parameter <1-4094>vlan ID Node Mode interface configuration mode Default None Using Guide This command is to enable/disable SGM interface vlan. When received message is not in vlan of the port, then not transact. Command switch and member switch need configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)#sgm inband enable 1 Fengine (config-eth-1)# Relevant Command None 3.10.6 sgm vlan (add|remove) VLAN-LIST Set vlan list for interface to add or remove. Command Form sgm vlan (add|remove) VLAN-LIST Parameter 115
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual (add|remove):add/remove VLAN-LIST:vlan list need to operate Node Mode interface configuration mode Default None
Using Guide This command is to set vlan list for interface to add/rmove. When the received message is not in the vlan list, it need no transaction. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)#sgm vlan add 1,3 Fengine (config-eth-1)# Relevant Command show sgm interface 3.10.7 [no] sgm member (AA.BB.CC.DD.EE.FF) ip Distribute/delete IP address for designated SGM device. Command Form sgm member (AA.BB.CC.DD.EE.FF) ip (A.B.C.D/M) no sgm member (AA.BB.CC.DD.EE.FF) ip Parameter (AA.BB.CC.DD.EE.FF):device MAC address (A.B.C.D/M):IP address and mask Node Mode SGM configuration mode Default None Using Guide This command is to distribute /delete IP address for SGM device. The designated IP should be in ip-pool, this device can be member switch or candidate switch. This command only can be executed by command switch. Notes: IP address and member switch/candidate switch in-band and out-ofband address are not in identical network field, otherwise,SGM will be failed. Applicable Device S2200ME-B SERIES SWITCH Example 116
Fengine (config-sgm) # sgm member 00:04:67:11:11:11 ip 10.1.1.2/24 Fengine (config-sgm) # Relevant Command sgm cluster ip-pool 3.10.8 sgm (collect-map|release-map) Collect/release current topology. Command Form sgm (collect-map|release-map) Parameter (collect-map|release-map):collect-mapis to collect topology, release-map is to release current topology Node Mode SGM configuration mode Default The default is disabled Using Guide This command is to recollect network SGM topology or clearup all collected information. This command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm collect-map Fengine (config-sgm) # Relevant Command 3.10.9 sgm addr-opt (enable|disable) Set whether current device support address Command Form sgm addr-opt (enable|disable) Parameter (enable|disable)enable supports address, disable does not support address Node Mode SGM configuration mode Default Default is disabled 117
Using Guide This command is to set whether this device support address. The old SGM does not support discovery with address, when communicating with old SGM device, it has no address, or the discovery message will be discard. This command has no role limit. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) #sgm addr-opt enable Fengine (config-sgm) # Relevant Command show sgm local 3.10.10 sgm cluster ip-pool Set address pool of SGM Command Form sgm cluster ip-pool (A.B.C.D/M) sgm cluster ip-pool (A.B.C.D) (A.B.C.D) Parameter (A.B.C.D/M)address and mask Node Mode SGM configuration mode Default None Using Guide This command is to set address pool of current SGM. When address distribution strategy is set to be automatic, when a new member join in, system will auto distribute a vacant IP address to the member. If a switch has joined in the SGM and be a member switch before command switch configure address pool, the switch will not be distributed with address, then you can designate IP address in manual. For the switch with configured address pool but need to reconfigure, configure the switch to be candidate switch, then become command switch, so as to clearup address pool. The configured IP address pool should conform to the requirement {address=address&mask}. The first address in address pool will auto distribute to command switch. Only command switch can execute this command. Suggest: address mask can not be overlarge, generally, 24bits mask is enough (support 253 members). If mask is overlarge, initialization of IP address is too slow, so we never use it for application. 118
Notes: IP address and member switch/candidate switch in-band and outof-band address are not in identical network field, otherwise,SGM will be failed. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm cluster ip-pool 10.1.1.0/24 Fengine (config-sgm) # Relevant Command show sgm local 3.10.11 sgm cluster name WORD Set cluster name Command Form sgm cluster name WORD Parameter WORDcluster name Node Mode SGM configuration mode Default Vacant Using Guide This command is to set cluster name. the cluster name is mainly used for authentication when device join in SGM. Currently, Fiberhome SGM does not support authentication, only open configuration interface, configuration can not influence operation. This command can execute for command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm cluster name fhn-sgm Fengine (config-sgm) # Relevant Command show sgm local 3.10.12 sgm cluster password PASSWORD Set cluster password Command Form 119
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual sgm cluster password PASSWORD Parameter PASSWORDset cluster password Node Mode SGM configuration mode Default Vacant
Using Guide This command is to set cluster password. the cluster name is mainly used for authentication when device join in SGM. Currently, Fiberhome SGM does not support authentication, only open configuration interface, configuration can not influence operation. This command can execute for command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) #sgm cluster password 123 Fengine (config-sgm) # Relevant Command show sgm local 3.10.13 sgm ip-allocation (auto|manual) Set IP allocation strategy for SGM Command Form sgm ip-allocation (auto|manual) Parameter (auto|manual)auto is to auto allocate IP address, manual is to manual designate IP address Node Mode SGM configuration mode Default The default is manual Using Guide This command is to set IP allocation strategy for current SGM. For auto allocation, the address pool should be configured, when a new member join in, system will auto distribute a vacant IP address to the member. for manual allocation, should use 3.10.7 command to designate address in manual. This command only can be executed by command switch. Applicable Device 120
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm ip-allocation auto Fengine (config-sgm) # Relevant Command show sgm local 3.10.14 sgm join-policy (auto|manual) Set join-policy for SGM Command Form sgm join-policy (auto|manual)
Parameter (auto|manual):auto is to auto-join, manual is to join manually Node Mode SGM configuration mode Default The default is join manually Using Guide This command is to set join policy for SGM, when auto join, command switch will send join message when detecting other device, and ask other device to join SGM. For manual join, not send join message, need to use command 3.10.16 to add manually. This command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm join-policy auto Fengine (config-sgm) # Relevant Command show sgm local 3.10.15 sgm map-collect time (<1-100>|default) Set SGM topology collection time Command Form sgm map-collect time (<1-100>|default) Parameter <1-100>:topology collection period. unit: second 121
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual default:default is 60 second Node Mode SGM configuration mode Default 60 seconds
Using Guide This command is to set SGM topology collection time. SGM will periodically send topology collect packet to update current topology information. This command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm map-collect time 25 Fengine (config-sgm) # Relevant Command show sgm local 3.10.16 sgm map-collect ttl (<1-100>|default) Set hops of SGM topology collect packet. Command Form sgm map-collect ttl (<1-100>|default) Parameter <1-100>:hops of topology collect packet default:the default is 10 hops Node Mode SGM configuration mode Default 10 Using Guide This command is to set hops of current SGM topology collect packet. The hop will reduce 1 when passing one device, when the hop is 0, the topology collect message will be discard. This command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm map-collect ttl 3 Fengine (config-sgm) # 122
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command show sgm local 3.10.17 sgm member (AA.BB.CC.DD.EE.FF)
This command is for command switch to access a member, and configure it. Command Form sgm member (AA.BB.CC.DD.EE.FF) Parameter (AA.BB.CC.DD.EE.FF)device MAC address Node Mode SGM configuration mode Default None Using Guide This command is to access a certain member. when switch join SGM, command switch will use this command to access it and configure it. This command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm member 00:04:67:11:25:31 Fengine (config-sgm) # Relevant Command sgm (enable|disable), sgm vlan (add|remove) VLAN-LIST, sgm inband enable <1-4094> 3.10.18 sgm member (add|remove) (AA.BB.CC.DD.EE.FF) This command is to manually add/remove a certain member. Command Form sgm member (add|remove) (AA.BB.CC.DD.EE.FF) Parameter (add|remove):add is to add a certain device as a member, remove is to remove a certain member (AA.BB.CC.DD.EE.FF):device MAC address Node Mode SGM configuration mode Default None Using Guide 123
This command is to manually add/delete a certain member. When join-policy is manual, use add mode of this command to add a certain device to be member. also use remove mode to remove an existing member. this command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm member add 00:04:67:11:25:31 Fengine (config-sgm) # Relevant Command show sgm neighbor 3.10.19 sgm member handtime (<1-300>|default) Set SMG member handtime Command Form sgm member handtime (<1-300>|default) Parameter <1-300>:handtime (unit: second) default:8 second Node Mode SGM configuration mode Default 8 second Using Guide This command is to set SGM handtime, SGM can know member connectivity with periodic hand message and update topology in time. The time is smaller, the topology convergence is faster, but more frequent hand message will increase device load. This command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm member handtime 120 Fengine (config-sgm) # Relevant Command show sgm local 3.10.20 sgm member holdtime (<1-300>|default) 124
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Set holdtime for SGM device Command Form sgm member holdtime (<1-300>|default) Parameter <1-300>holdtime, unit: second default80 second Node Mode SGM configuration mode Default 80 second
Using Guide This command is to set holdtime for SGM device. When command switch havenot received hand message of connected device within desginagted holdtime, the device will be labeled as disconnected. This command only can be executed by command switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm member holdtime 200 Fengine (config-sgm) # Relevant Command show sgm local 3.10.21 sgm role (independence|candidate|commander) Set role for the device in SGM Command Form sgm role (independence|candidate|commander) Parameter (independence|candidate|commander):independence-independent switch candidate-candidate switchcommander-command switch Node Mode SGM configuration mode Default Candidate switch Using Guide This command is to set role for the device in SGM. In identical SGM, there is only one commander. If there are several commander, the MAC address will 125
auto switch to candidate, only reserve the device with smallest MAC address to be commander. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) #sgm role commander Fengine (config-sgm) # Relevant Command show sgm local 3.10.22 sgm trap (enable|disable) Enable/disable SGM trap Command Form sgm trap (enable|disable) Parameter (enable|disable) Node Mode SGM configuration mode Default Enable Using Guide This command is to enable/disable SGM trap. If trap is enabled, when add/delete member or status change, the system will report trap to designated trap server. This command only can be executed by commander. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-sgm) # sgm trap disable Fengine (config-sgm) # Relevant Command show sgm local 3.10.23 show sgm interface [<1-64>] Show SGM interface configuration Command Form show sgm interface [<1-64>] 126
Parameter [<1-64>]:interface No. optional parameter, not select to query all interface Node Mode privileged mode Default None Using Guide This command is to query SGM interface configuration, can query with designated port No., or not designate but query all port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show sgm interface Interface State TTL/Time NB-Num VLAN 1 enable 90/30 0 1 3 enable 90/30 0 2 Fengine#show sgm interface 1 Interface 1 State:enable Discovery TTL:90 Discovery Time:30 Connect Neignbor:0 VLAN list: 1 Connected Neighbors:--Fengine# Relevant Command 3.10.24 show sgm local Show current device SGM Command Form show sgm local Parameter None Node Mode privileged mode Default None Using Guide 127
This command is to query device SGM. The attribute only configured by commander can be query on commander. Applicable Device S2200ME-B SERIES SWITCH Example Fengine # show sgm local local mac:0004:6711:1111/1118481 name:up role:commander Commander mac:0004:6711:1111 Commander ip:1.1.1.1 Managment ip:1.1.1.1/24 Description: Fengine FSM:active Trap:disable Trap-trans:enable Address-option:disable Protocol version:1 Cluster name: Cluster password: Cluster IP-pool:0.0.0.0/0 IP allocation policy:manual Join policy:manual Map-collect TTL:10 Map-collect time:60 Neighbor Hand-time:8 Neighbor Hold-time:80 Support neighbor number:64 Current neighbor number:0 Connected Neighbors:--Fengine# Fengine# #show sgm local local mac:0004:6711:1111/1118481 name:up role:candidate Commander mac:0000:0000:0000 Commander ip:0.0.0.0 Managment ip:1.1.1.1/24 Description: Fengine FSM:connectible Trap:disable Trap-trans:enable Address-option:disable Protocol version:1 128
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Current neighbor number:0 Connected Neighbors:--Relevant Command 3.10.25 show sgm neighbor Show SGM member Command Form show sgm neighbor (AA.BB.CC.DD.EE.FF)
Parameter (AA.BB.CC.DD.EE.FF)MAC address of query member Node Mode privileged mode Default None Using Guide This command is to query SGM member. can designate MAC and query verbose information, also query all member information. Applicable Device S2200ME-B SERIES SWITCH Example Fengine# show sgm neighbor MAC-Address/ID Role NB-Num Version Name 0004:6711:1111/1118481 candidate 0 1 up Fengine# Relevant Command 3.11 interface configuration command Switch interface is including Trunk interface and single Ethernet interface Switch interface configuration command is including: address-learning description STRING dot1q accept duplex (half|full) speed (10|100) duplex auto egress mirror <0-64> 129
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual flow-ctrl (enable|disable) ingress mirror <0-64> interface (ethernet|trunk) join trunk join vlan link-trap (enable|disable) loop-check (enable|disable|re-check) loop-check vlan member PORTLIST no member PORTLIST packet-limit priority pvid quit trunk quit vlan rate-limit security-mac (add|delete) security-mac (enable|disable) shutdown no shutdown static-mac (add|delete) trunk-dis-policy user-limit number power (down|up) show interface show interface distance show interface dynamic-mac show interface loop-check show interface security-mac show interface static-mac show interface statistics 130
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show interface user-limit show trunk
3.11.1 address-learning Enable or disable address learning for switch port, currently, switch port is enabled address learning. Command Form address-learning (disable|enable) Parameter disable:disable port address learning enable:enable port address learning Node Mode interface configuration mode Default enable Using Guide This commandis to enable or disable address learning for switch each port, currently, switch port is enabled address learning. Applicable Device S2200ME-B SERIES SWITCH Example None Relevant Command None 3.11.2 description STRING Set port description for each switch port Command Form description STRING no description Parameter STRINGport description string, character string should not longer than 31. Node Mode interface configuration mode Default None Using Guide This command is to set description for switch port, no description is to delete port description. 131
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-6)#description port6 Fengine(config-eth-6)# Relevant Command show interface [<1-64>] 3.11.3 dot1q accept Configure data packet type accepted by switch port Command Form dot1q accept (all|tagged-only)
Parameter all:all type data packet tagged-only:only accept data packet with VLAN tag . Node Mode interface configuration mode Default all Using Guide This command is to set whethern switch port accept all type data packet or only accept data packet with VLAN tag. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#dot1q accept all Fengine(config-eth-1)# Relevant Command dot1q ingress-filter (enable|disable) 3.11.4 duplex (half|full) speed (10|100|1000) Set work mode for switch port. Command Form duplex (half|full) speed (10|100|1000) Parameter half:work mode is half-duplex full:work mode is full-duplex (10|100): rate is 10M or 100M or 1000M Node Mode 132
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual interface configuration mode Default Auto-negotiation
Using Guide This command is to configure work mode for switch port Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-6)#duplex half speed 10 Fengine(config-eth-6)# Relevant Command duplex auto 3.11.5 duplex auto Set switch port work mode to be auto-negotiation mode. Command Form duplex auto Parameter None Node Mode interface configuration mode Default None Using Guide This command is to set switch port work mode to be auto-negotiation mode. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-6)#duplex auto Fengine(config-eth-6)# Relevant Command duplex (half|full) speed (10|100) 3.11.6 egress mirror <0-64> Set egress mirroring port for certain port. Command Form egress mirror <0-64> Parameter 133
<0-64>mirroring port No., 0 is to disable egress mirroring on this port. Node Mode interface configuration mode Default Not enable egress mirroring Using Guide This command is to configure mirroring port B for egress flow on port A, when egress mirroring port B is configured, the data sent from Port A will be copied and sent by Port B. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#egress mirror 3 Fengine(config-eth-1)# Relevant Command ingress mirror <0-64> 3.11.7 flow-ctrl (enable|disable) Enable or disable port flow control Command Form flow-ctrl (enable|disable) Parameter (enable|disable) Node Mode interface configuration mode Default disable Using Guide Flow control can reduce data lose caused by saturated buffer when terminal and switch are directly connected. Warning: the uplink interface of switch can not enable flowctrl in case not to affect online speed for users! Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)# flow-ctrl enable Fengine(config-eth-1)# Relevant Command None 134
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.11.8 ingress mirror <0-64> Set ingress mirroring port for certain port Command Form ingress mirror <0-64>
Parameter <0-64>mirrored port No., 0 means mirroring function is not enabled. Node Mode interface configuration mode Default Not enable ingress mirroring function. Using Guide This command is to configure ingress data mirroring Port B on Port A, when ingress mirroring Port B is configured, the data received at Port A will be copied and sent out from Port B. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#ingress mirror 3 Fengine(config-eth-1)# Relevant Command egress mirror <0-64> 3.11.9 interface (ethernet|trunk) Enter selected Ethernet interface or Trunk interface configuration mode Command Form interface (ethernet|trunk) <1-64> Parameter ethernet:single Ethernet interface trunk:trunk interface <1-64>:interface No. Node Mode global configuration modeinterface configuration mode Default None Using Guide Use this command to enter corresponding interface for configuration. If no definite Trunk interface No., then create a new Trunk interface. Applicable Device 135
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine(config)#interface ethernet 1 Fengine(config-eth-1)# Relevant Command None 3.11.10 join trunk Configure port Trunk ID. Command Form join trunk <1-64> Parameter <1-64>trunk ID Node Mode interface configuration mode Default Port doesnot belong to any Trunk
Using Guide This command is to configure a physical port to enter Trunk. This command is invalid under Trunk interface configuration mode. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-ethernet-1)#join trunk 1 Fengine(config-eth-1)# Relevant Command quit trunkshow trunk 3.11.11 join vlan Add switch port into certain VLAN, then set VLAN type for the port in these vlan. Command Form join vlan VLANLIST join vlan VLANLIST (tagged|untagged) Parameter VLANLIST:Vlan ID list tagged:vlan tagged port untagged:untagged vlan port Node Mode interface configuration mode 136
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Default tagged
Using Guide This command is to add certain port into certain VLAN and to be member of these VLAN, then indicate VLAN type, if the indicated port is val tagged port, then the VLAN tagged port will send data packet from this port, which will take vlan tag issued by IEEE802.1Q. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-4)#join vlan 2 Fengine(config-eth-4)# Relevant Command quit vlan VLANLISTjoin vlan VLANLIST (tagged|untagged) 3.11.12 link-trap (enable|disable) Enable or disable port link trap Command Form link-trap (enable|disable) Parameter enableenable trap disabledisable trap Node Mode interface configuration mode Default disable Using Guide This command is to configure whether inform snmp when interface link status is changed. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-2)#link en Fengine(config-eth-2)# Relevant Command None 3.11.13 loop-check (enable|disable|re-check) Enable, disable, repeat port loop check 137
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form loop-check (enable|disable|re-check) Parameter enable:enable loop check disable:disable loop check re-check:loop check on the interface immediately Node Mode interface configuration mode Default enable
Using Guide This command is to enable or disable loop check of switch port, and execute loop-check on the interface immediately. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-2)#loop-check enable Fengine(config-eth-2)# Relevant Command loop-check vlan <1-4094> 3.11.14 loop-check vlan <1-4094> Configure the VLAN on which loop check is executed. Command Form loop-check vlan <1-4094> Parameter <1-4094>VLAN id Node Mode interface configuration mode Default As default configuration, the chck vlan is 1. Using Guide This command is to configure the VLAN on which loop check is executed. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-2)#loop-check vlan 1 Fengine(config-eth-2)# 138
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command None 3.11.15 member PORTLIST
Indicate switch port to be certain Trunk member, the command is valid only under Trunk interface. Command Form member PORTLIST Parameter PORTLISTport list Node Mode interface configuration mode Default None Using Guide This command is to indicate single or a series switch port to be Trunk member, only valid under Trunk interface. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-trunk-1)#member 1,2,3 Fengine(config-trunk-1)# Relevant Command None 3.11.16 no member PORTLIST Delete certain physical port from certain switch Trunk port, the command is valid only under Trunk interface. Command Form no member PORTLIST Parameter PORTLISTport list Node Mode interface configuration mode Default None Using Guide This command is to indicate single or a series switch physical port not to be a member of certain Trunk, only valid under Trunk interface. 139
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-trunk-1)#no member 1,2,3 Fengine(config-trunk-1)# Relevant Command None 3.11.17 packet-limit Set rate limit for data packet on each switch port. Command Form packet-limit broadcast 0-100000 > packet-limit dlf <0-100000 > packet-limit multicast <0-100000 > packet-limit b-m <0-100000> packet-limit b-m-dlf <0-100000> Parameter <0-100000 >scope of rate limit, unit is kbps Node Mode interface configuration mode
Default Broadcast and dlf is 64K for default, multicast has no limit. Using Guide This command is to limit each data packet received at each switch port, broadcast is to limit broadcast packet received by interface, dlf is to limit unknown data packet of destination received by interface, multicast is to limit multicast packet received at interface, b-m is to limit broadcast+multicast packet received by interface, b-m-dlf is to limit data packet of broadcast+multicast+DLF received by interface. If configuration is less than 1792, it should be integral times of 64, if more than 2000, it should be integral times of 1000. the whole switch only has one limited value. Applicable Device S2200ME-B series switch supports limit for interface broadcast, multicast, dlf data packet. Example Fengine(config-eth-1)# packet-limit broadcast 512 Fengine(config-eth-1)# Configure broadcast packet rate limit of switch Port 1 to be 512kbps. Relevant Command 140
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None 3.11.18 priority Set default priority of interface. Command Form priority <0-7> Parameter <0-7>:priority range is 0-7 Node Mode interface configuration mode Default 0 Using Guide
This command is to set default priority of interface, if the data received at this interface is untagged data, then execute scheduling according to the port default priority when forwarding the data packet. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#priority 3 Fengine(config-eth-1)# Relevant Command show running-config 3.11.19 pvid Set PVID of switch port. Command Form pvid <1-4094> Parameter <1-4094>:switch VLAN is ranged in 1-4094 Node Mode interface configuration mode Default 1 Using Guide This command is to set PVID of switch port, when an interface received untagged vlan data or priority tagged data, we consider the data belong to the vlan indicated by this interface pvid, then forwarding data in the vlan. Applicable Device 141
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine(config-eth-7)#pvid 2 Fengine(config-eth-7)# Relevant Command show running-config 3.11.20 quit trunk Configure Ethernet interface to quit Trunk. Command Form quit trunk Parameter None Node Mode interface configuration mode Default The port does not belong to any Trunk.
Using Guide This command is to configure a physical port to quit Trunk. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-ethernet-1)#quit trunk Fengine(config-ethernet-1)# Relevant Command None 3.11.21 quit vlan Quit switch port from certain VLAN. Command Form quit vlan VLANLIST Parameter VLANLISTVLAN list to quit from Node Mode interface configuration mode Default None Using Guide 142
This command is to quit certain port from certain VLAN, then the port is not the member of these VLAN. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#quit vlan 2,3 Fengine(config-eth-1)# The above command is to quit Port 1 from VLAN 2VLAN 3. Relevant Command join vlan VLANLIST, show vlan, join vlan VLANLIST (tagged|untagged) 3.11.22 rate-limit Set transmission rate limit for switch port Command Form rate-limit rx <0-100000> rate-limit tx <0-100000> Parameter <0-100000>:rate scope (unit: kbps), 0 is for no limit Node Mode interface configuration mode Default For default, each port is not configured rate limit Using Guide This command is to control transmission rate limit for switch port, rx is for control of receiving data, tx is for control of sending data. For some occasion, the port rate need to be controlled so as to provide different bandwidth for different user, different switch can configure different rate; When S2200ME-B series switch is setting rate limit, if the setting value is less than 1792, the value should be integral times of 64, if the setting value is more than 2000, the value should be integral times of 1000, if the setting value is other, the system will prompt unsuccessful configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-4)# rate-limit rx 0 Fengine(config-eth-4)# Relevant Command None 3.11.23 security-mac (add|delete) (AA.BB.CC.DD.EE.FF) 143
Add or delete member MAC which permits accessing for certain switch port. Command Form security-mac (add|delete) (AA.BB.CC.DD.EE.FF) Parameter add:add delete:delete AA.BB.CC.DD.EE.FF:user MAC address of accessing switch port Node Mode interface configuration mode Default None Using Guide This command is to control unauthorized access to switch, only the user host corresponding to added security MAC list can access the port, add is to add a authoried user MAC, delete is to delete. Before adding security mac address, enable security mac function on the port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-4)#security-mac add 00.B0.D0.8F.DE.A6 Fengine(config-eth-4)# Relevant Command security-mac (enable|disable)show interface security-mac [<1-64>] 3.11.24 security-mac (enable|disable) Enable or disable switch port MAC security access control. Command Form security-mac (enable|disable) Parameter (enable|disable) Node Mode interface configuration mode Default disable Using Guide This command is to enable and disable MAC security control of switch port Applicable Device S2200ME-B SERIES SWITCH 144
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine(config-eth-4)#security-mac enable Fengine(config-eth-4)# Relevant Command security-mac (add|delete) (AA.BB.CC.DD.EE.FF) show interface security-mac [<1-64>] 3.11.25 shutdown Shutdown switch port Command Form shutdown Parameter None Node Mode interface configuration mode Default
The default port is under the status that data forwarding is enabled. Using Guide Shutdown is to disable data receiving and transferring at the port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-4)#shutdown Fengine(config-eth-4)# Relevant Command no shutdown 3.11.26 no shutdown Startup the switch port Command Form no shutdown Parameter None Node Mode interface configuration mode Default For default, each port is enabled data receiving and transferring. Using Guide 145
This command is to enable data receiving and transferring for a port Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-4)#no shutdown Fengine(config-eth-4)# Relevant Command shutdown 3.11.27 static-mac (add|delete) Add or delete static MAC address for switch certain port. Command Form static-mac (add|delete) <1-4094> (AA.BB.CC.DD.EE.FF) static-mac (add|delete) <1-4094> AA:BB:CC:DD:EE:FF priority <0-7> Parameter add:add delete:delete 1-4094:Vlan ID AA.BB.CC.DD.EE.FF:MAC address added or deleted on certain VLAN for switch port <0-7>:priority Node Mode interface configuration mode Default None Using Guide This command is to configure MAC address for switch port on certain VLAN in static state, add is to add a MAC address, delete is to delete. When add MAC, use priority to set MAC priority; when delete MAC, priority is not valid. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-4)# static-mac add 1 00.04.00.2F.AE.B6 Fengine(config-eth-4)# Relevant Command None 3.11.28 trunk-dis-policy 146
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Configure Trunk distribution policy
Command Form trunk-dis-policy ( |dst-mac|srcdst-mac|src-ip|dst-ip|srcdst-ip|port) Parameter src-mac:based on source MAC address dst-mac:based on destination MAC address srcdst -mac:based on source and destination MAC address src-ip:based on source IP address dst-ip:based on destination IP address srcdst -ip:based on source and destination IP address port:based on physical port Node Mode interface configuration mode (Trunkinterface) Default srcdst-mac Using Guide This command is to configure Trunk data distribution policy, S2200ME-B series switch supports three data distribution policy: src-mac,dst-mac and srcdst-mac. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-trunk-1)#trunk-dis-policy dst-mac Fengine(config-trunk-1)# Relevant Command show trunk 3.11.29 user-limit number Command Form user-limit number <0-100> Parameter <0-100>user limit number Node Mode interface configuration mode Default 0 Using Guide This command is to set user number permited for access, 0 is for no limit; 147
After this command, the port only learn indicated mac address, only the data flow of users with indicated number can be transferred by switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#user-limit number 10 Fengine(config-eth-1)# Relevant Command None 3.11.30 power (down|up) Enable or disable switch port MAC security access control. Command Form power (down|up) Parameter (down|up)down is to shutdown power, up is to startup power Node Mode interface configuration mode Default up Using Guide This command is to shutdown and startup switch port power supply. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-4)#power down Fengine(config-eth-4)# Relevant Command 3.11.31 show interface Show interface information Command Form show interface [<1-64>] Parameter [<1-64>]interface No.optional Node Mode privileged user mode 148
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Default None Using Guide Show switch interface Applicable Device S2200ME-B SERIES SWITCH
Example Fengine#show interface If Admin Link CurrDpx/Spd CfgDpx/Spd Descr 1 UP Down ----/---Auto/-----2 UP UP Full/100M Auto/-----3 UP Down ----/---Auto/-----4 UP Down ----/---Auto/-----5 UP Down ----/---Auto/-----6 UP Down ----/---Auto/-----7 UP Down ----/---Auto/-----8 UP Down ----/---Auto/----- Fengine# The above command is to show switch all port basic information Fengine#show interface 1 Interface Ethernet 1 IfName : phy1 IfDescr : AdminStatus : UP Link Status : Down Mtu : 1500 Config Duplex : Auto Config Speed : ---Current Duplex : ---Current Speed : ---FlowCtrl : Enable BcastPkt Limit : 64 McastPkt Limit : 0 DlfPkt Limit : 64 Rx Rate Limit : 0 Tx Rate Limit : 0 Ingress Mirror : 0 Egress Mirror : 0 Priority : 0 Dot1q Ingress Filter : Disable Dot1q Accept Frames : all Stp Flag : Disable Stp Status : forward 149
Addr Learning : Enable Igmp Snooping : Enable Pvid : 1 Tagged Vlan List : Untagged Vlan List : 1 Fengine# The above command is to show basic information of switch Port (1). Relevant Command None 3.11.32 show interface distance Show length of interface curcuitunit: meter Command Form show interface distance <1-64> Parameter <1-64>port No. Node Mode privileged user mode Default None Using Guide This command is to show length of net wire on the port (electrical interface), pull ooff the net wire of peer end device when execute this command, then the result is correct; if port is under link status, the result is 0. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show interface distance 1 Distance : Tx 1 , Rx 1 Fengine# Relevant Command None 3.11.33 show interface dynamic-mac Show dynamic MAC address learned on certain interface Command Form show interface dynamic-mac [<1-64>] Parameter <1-64>port No. optional 150
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode privileged user mode Default None Using Guide
This command is to show dynamic MAC address of certain interface. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show interface dynamic-mac If Vlan MAC-Address 2 1 00:0B:DB:2D:95:3E 2 1 00:80:AD:77:C9:F3 2 1 00:E0:4D:20:15:82 2 1 00:11:11:08:18:CE 2 1 00:05:5D:02:CC:78 Total 5 dynamic mac on this switch! Fengine# The above command is to show dynamic MAC of all interface. Fengine#show interface dynamic-mac 2 Total 5 dynamic mac on this interface Vlan MAC-Address 1 00:11:11:17:A6:70 1 00:06:5B:4D:02:F9 1 00:0B:DB:2D:95:3E 1 00:80:AD:77:C9:F3 1 00:E0:4D:20:15:82 Fengine# The above command is to show dynamic MAC of certain port (2). Relevant Command show dynamic-mac (AA:BB:CC:DD:EE:FF) 3.11.34 show interface loop-check Show loop-check information of switch interface Command Form show interface loop-check Parameter None Node Mode privileged user mode 151
Using Guide This command is to show loop-check information of switch interface, which is to check if there is loop existing in the network. If the port show topoloop, it means the port has loop. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show interface loop-check If Loop-check Vlan Status 1 enable 1 linkdown 2 enable 1 topo-loop 3 enable 1 ok 4 enable 1 linkdown 5 enable 1 linkdown 6 enable 1 linkdown 7 enable 1 linkdown 8 enable 1 linkdown Fengine# Relevant Command None 3.11.35 show interface security-mac Show security access control MAC list of certain port Command Form show interface security-mac [<1-64>] Parameter [<1-64>]port No. optional Node Mode privileged user mode Default None Using Guide This command is to show switch port security MAC list. Applicable Device S2200ME-B SERIES SWITCH Example 152
Fengine#show interface security-mac If MaxMacNum CurrMacNum Status 1 24 0 disable 2 24 0 disable 3 24 0 disable 4 24 0 disable 5 24 0 disable 6 24 0 disable 7 24 0 disable 8 24 0 disable Fengine# The above command is to show security mac information of all port Fengine#show interface security-mac 1 Interface Ethernet 1 CurrMacNum : 0 MaxMacNum : 24 MacStatus : Disable Fengine# The above command is to show security access control information of port (1). Relevant Command security-mac (enable|disable) security-mac (add|delete) (AA.BB.CC.DD.EE.FF) 3.11.36 show interface static-mac Show static MAC address of all interface or indicated interface Command Form show interface static-mac [<1-64>] Parameter [<1-64>]port No. optional Node Mode privileged user mode Default None Using Guide This command is to show static MAC address of all interface or indicated interface Applicable Device S2200ME-B SERIES SWITCH 153
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine#show interface static-mac 1 Fengine# Relevant Command None 3.11.37 show interface statistics
Show statistics of egress data and ingress data at switch port Command Form show interface statistics [<1-64>] Parameter [<1-64>]port No. optional Node Mode privileged user mode Default None Using Guide This command is to show statistics of egress data and ingress data at switch port Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show interface statistics If BytesRx BytesTx PacketsRx PacketsTx 1 41813 59760 564 813 2 1451982 293634 15978 3659 3 0 0 0 0 4 0 0 0 0 5 0 0 0 0 6 0 0 0 0 7 0 0 0 0 8 0 0 0 0 Fengine# The above command is to show statistics of egress data and ingress data at all switch port Fengine#show interface statistics 1 Interface Ethernet 1 InOctets : 41813 InUcastPkts : 407 InMulticastPkts : 0 InBroadcastPkts : 157 154
OutOctets : 59760 OutUcastPkts : 397 OutMulticastPkts : 96 OutBroadcastPkts : 320 CRCAlignErrors : 0 UndersizePkts : 0 OversizePkts : 0 Fragments : 0 Jabbers : 0 Collisions : 0 InPkts64Octets : 469 InPkts65to127Octets : 74 InPkts256to511Octets : 0 InPkts1024to1518Octets : 0 RealTime Rate : In Bytes Rate(bps) : 0 In Packet Rate(pps) Ucast : 0, Mcast : 0, Bcast :0 Out Bytes Rate(bps) : 0 Out Packet Rate(pps) Ucast : 0, Mcast : 0, Bcast :0 Fengine# The above command is to show statistics of egress data and ingress data at switch port (1). Relevant Command None 3.11.38 show interface user-limit show user limit of switch interface Command Form show interface user-limit [<1-64>] Parameter [<1-64>]port No. optional Node Mode privileged user mode Default None Using Guide This command is to show user-limit of switch interface, including user-limit of interface and users number of current interface. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show interface user-limit 1 LimitNum: 0 AgingTime: 300 CurrNum :0 Fengine# 155
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command None 3.11.39 show trunk Show Trunk port information Command Form show trunk Parameter None Node Mode privileged user mode Default None Using Guide This command is to show trunk information Applicable Device S2200ME-B SERIES SWITCH
Example Fengine#show trunk ************************************************** (M=Member,-=None) ************************************************** Trunk Dis-Policy 1------8 9-----16 17----24 1 dst-mac -------- -MMMMMMM -Fengine# Relevant Command None
3.12 IGMP Snooping configuration command Igmp Snooping configuration command is including: igmp-snooping (enable|disable) igmp-snooping aging igmp-snooping drop-filtered igmp-snooping fast-leave igmp-snooping proxy (enable|disable) igmp-snooping proxy igmpv3-support 156
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual igmp-snooping proxy vlan igmp-snooping query-send add igmp-snooping query-send del show igmp-snooping show igmp-snooping egressport-table
3.12.1 igmp-snooping (enable|disable) Start IGMP SNOOP in global mode Command Form igmp-snooping (enable|disable) Parameter enable:enable switch IGMP SNOOP protocol disable:disable switch IGMP SNOOP protocol Node Mode Igmp-snooping configuration mode Default disable Using Guide This command is to enable/disable switch IGMP SNOOP Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)#igmp-snooping enable Fengine(config-igmp-snoop)# Relevant Command show igmp-snooping 3.12.2 igmp-snooping aging Configure aging time for IGMP SNOOP multicast forwarding list Command Form igmp-snooping aging <30-3600> Parameter <30-3600>time range is in 30-3600 second Node Mode Igmp-snooping configuration mode 157
Default As default, IGMP SNOOP is not enabled, the default multicast forwarding list aging time is 300 seconds. Using Guide This command is to configure aging time for IGMP SNOOP protocol forwarding list. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)#igmp-snooping aging 300 Fengine(config-igmp-snoop)# Relevant Command show igmp-snooping 3.12.3 igmp-snooping drop-filtered Configure wheter permit igmp report to be forwarded by switch when received igmp report is filtered by igmp filter. Command Form igmp-snooping drop-filtered (enable|disable) Parameter Enable: if igmp report is filtered by igmp filter, the report will not be forward Disable: if igmp report is filtered by igmp filter, the report will not be forward Node Mode Igmp-snooping configuration mode Default enable Using Guide This command is to configure whether permit the igmp report is forwarded by the switch when the received igmp report is filtered by igmp filter. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)#igmp-snooping drop-filtered disable Fengine(config-igmp-snoop)# Relevant Command show igmp-snooping
158
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.12.4 igmp-snooping fast-leave Configure whether enable igmp-snooping fast-leave. Command Form igmp-snooping fast-leave (enable|disable) Parameter enableenable fast leave disabledisable fast leave Node Mode Igmp-snooping configuration mode Default disable Using Guide
This command is to configure whether enable or disable fast leave. If the switch is directly connected with terminal user, we suggest to set enable fast leave; if the switch is not directly connected with terminal user, we suggest to disable fast leave. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)#igmp-snooping fast-leave enable Fengine(config-igmp-snoop)# Relevant Command show igmp-snooping 3.12.5 igmp-snooping proxy (enable|disable) Enable or disable IGMP SNOOP proxy. Command Form igmp-snooping proxy (enable|disable) Parameter enableenable disabledisable Node Mode Igmp-snooping configuration mode Default disable Using Guide 159
This command will take effect after IgmpSnooping is enabled. After enabled, the switch proxy will send Igmp Report to Layer 3 device, all Igmp Report will be sent from proxy VLAN, and source IP is IP address of proxy VLAN. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)# igmp-snooping proxy enable Fengine(config-igmp-snoop)# Relevant Command show igmp-snooping 3.12.6 igmp-snooping proxy igmpv3-support Set whether IgmpSnooping proxy forward IGMPV3 Report sent by the host without condition. Command Form igmp-snooping proxy igmpv3-support (enable|disable) Parameter enable:support forwarding Igmpv3 Report disable:not support forwarding Igmpv3 Report Node Mode Igmp-snooping configuration mode Default disable Using Guide After this command is enabled, if received IGMPV3 Report sent by the host,it will be forward in proxy VLAN; If not enabled, estimate whether forward the Report according to the multicast list. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)# igmp-snooping proxy igmpv3-support enable Fengine(config-igmp-snoop)# Relevant Command show igmp-snooping 3.12.7 igmp-snooping proxy vlan Configure IgmpSnooping proxy VLAN ID Command Form 160
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual igmp-snooping proxy vlan <1-4094> Parameter <1-4094>vlan id Node Mode Igmp-snooping configuration mode Default 1
Using Guide This command is to configure proxy VLAN ID, the configured VLAN should have IP address, for Layer 2 switch, the VLAN is management VLAN. When management VLAN of Layer 2 switch is changed, the proxy VLAN should be changed as well. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)# igmp-snooping proxy vlan 2 Fengine(config-igmp-snoop)# Relevant Command show igmp-snooping 3.12.8 igmp-snooping query-send add Configure vlan and source IP address for IgmpSnooping sending query. Command Form igmp-snooping query-send add <1-4094> (A.B.C.D) Parameter <1-4094>:vlan ID (A.B.C.D):IP address used by query message Node Mode Igmp-snooping configuration mode Default None Using Guide Since IGMP REPORT of users PC need to be triggered by IGMP QUERY, if there is no router in network, the user PC will not periodically send IGMP REPORT, then the switch in network will delete these multicast group, then the multicast data in the network will be forward in broadcast mode and occupy much bandwidth. When network is simple, for example, for one vlan, there is a multicast service server, its too expensive to use a router to 161
periodically send query. This command can make switch periodically send igmp query, so the router can send query. Notice: IP address in the command may not in-band or out-of-band network management IP address. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)# igmp-snooping query-send add 1 192.168.1.254 Fengine(config-igmp-snoop)# After above command is executed, switch will periodically send igmp query in vlan 1, IP address of this information is 192.168.1.254 Relevant Command show igmp-snoopingigmp-snooping query-send del 3.12.9 igmp-snooping query-send del Delete configured proxy query configuration Command Form igmp-snooping query-send del <1-4094> Parameter <1-4094> vlan id Node Mode Igmp-snooping configuration mode Default None Using Guide This command is to delete proxy sending query in certain VLAN Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-snoop)# igmp-snooping query-send del 1 Fengine(config-igmp-snoop)# Relevant Command show igmp-snoopingigmp-snooping query-send add 3.12.10 show igmp-snooping Show configuration of IGMP SNOOP 162
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form show igmp-snooping Parameter None Node Mode privileged user mode Default None Using Guide
This command is to show switch IGMP protocol configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show igmp-snooping igmpSnoop Status : enable igmpSnoop Aging(seconds) : 300 igmpSnoop QueryMaxResponseTime(seconds) : 10 igmpSnoop FastLeave : disable igmpSnoop Drop-filtered : enable igmpSnoop Proxy Status : disable igmpSnoop Proxy Support Igmpv3 : disable igmpSnoop Proxy Used Vlan Id : 1 igmpSnoop Query-send : vlan 1 IP 192.168.1.100 Fengine# Relevant Command show running-config 3.12.11 show igmp-snooping egressport-table Show multicast group and group member port information learned by IGMP SNOOP Command Form show igmp-snooping egressport-table Parameter None Node Mode privileged user mode Default None 163
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Using Guide
This command is to show multicast group and group member port information learned by IGMP SNOOP. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show igmp-snooping egressport-table Vlan MacAddr EgressPorts 1 01:00:5E:01:01:01 6 1 01:00:5E:02:03:22 6 Fengine# Relevant Command None
3.13 ESR instance configuration command ESR configuration command is including: esr (disable|enable) esr <0-5> (disable|enable) esr <0-5> ctrl-vlan esr <0-5> failed-time esr <0-5> hello-time esr <0-5> mode (master|transit) esr <0-5> name esr <0-5> primary-port esr <0-5> primary-port trunk esr <0-5> secondary-port esr <0-5> secondary-port trunk show esr show esr Example
3.13.1 esr (disable|enable) Enable or disable Etherne ring Command Form 164
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual esr (disable|enable) Parameter disabledisable Ethernet ring enableenable Ethernet ring Node Mode Esr configuration node Default disable
Using Guide This command is to enable or disable Ethernet ring, configure esr instance after esr is enabled. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)#esr enable Fengine(config-system)# Relevant Command None 3.13.2 esr <0-5> (disable|enable) Set disable, enable, delete certain ESR instance. Command Form esr <0-5> (disable|enable) Parameter <0-5>esr instance id disabledisable certain esr instance enableenable cartain esr instance Node Mode ESR configuration mode Default None Using Guide This command is to disable, enable, delete certain ESR instance. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 enable 165
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine(config-system)# Relevant Command None 3.13.3 esr <0-5> ctrl-vlan Set control VLAN of certain instance Command Form esr <0-5> ctrl-vlan <1-4094> Parameter <0-5>esr instance id <1-4094>VLAN id Node Mode ESR configuration mode Default None
Using Guide This command is to set control VLAN for certain instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 ctrl-vlan 1 Fengine(config-system)# Relevant Command None 3.13.4 esr <0-5> failed-time Set failed-time of certain instance Command Form esr <0-5> failed-time <340-10000000> Parameter <0-5>:esr instance No. <340-10000000>:failed time, the time unit is ms Node Mode ESR configuration mode Default 3000 Using Guide 166
This command is to set failed time of certain instance, if the node of the ring is over 4, we suggest add 100ms for every node. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 failed-time 500 Fengine(config-system)# Relevant Command None 3.13.5 esr <0-5> hello-time Set Hello time of an instance Command Form esr <0-5> hello-time <170-10000000> Parameter <0-5>:esr instance No. <170-10000000>:Hello time, time unit is ms Node Mode ESR configuration mode Default 170 Using Guide This command is to set hello-time of certain instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 hello-time 200 Fengine(config-system)# Relevant Command None 3.13.6 esr <0-5> mode (master|transit) Set mode of an instance Command Form esr <0-5> mode (master|transit) Parameter <0-5>:esr instance No. 167
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual master:master control mode transit:transit mode Node Mode ESR configuration mode Default None
Using Guide This command is to set mode of certain instance, one esr instance only permit one master, and multi transit Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 mode master Fengine(config-system)# Relevant Command None 3.13.7 esr <0-5> name Set name of certain instance Command Form esr <0-5> name STRING Parameter <0-5>:esr instance No. STRING:name character string Node Mode ESR configuration mode Default None Using Guide This command is to set the name of a certain instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 name Example1 Fengine(config-system)# Relevant Command None 168
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.13.8 esr <0-5> primary-port Set primary port of a certain instance Command Form esr <0-5> primary-port <1-65535> Parameter <0-5>esr instance id <1-65535>port No. Node Mode ESR configuration mode Default None Using Guide
This command is to set primary port of a certain instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 primary-port 1 Fengine(config-system)# Relevant Command None 3.13.9 esr <0-5> primary-port trunk Set primary port of a certain instance Trunk Command Form esr <0-5> primary-port trunk <1-4> Parameter <0-5>esr instance id <1-4>Trunk id Node Mode ESR configuration mode Default None Using Guide This command is to set primary Trunk port of certain instance Applicable Device S2200ME-B SERIES SWITCH 169
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine(config-system)# esr 1 primary-port trunk 1 Fengine(config-system)# Relevant Command None 3.13.10 esr <0-5> secondary-port Set secondary port of certain instance Command Form esr <0-5> secondary-port <1-65535> Parameter <0-5>:esr instance No. <1-65535>:secondary-port No. Node Mode ESR configuration mode Default None
Using Guide This command is to set secondary port of certain instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 secondary-port 2 Fengine(config-system)# Relevant Command None 3.13.11 esr <0-5> secondary-port trunk Set secondary port Trunk of certain instance Command Form esr <0-5> secondary-port trunk <1-4> Parameter <0-5>esr instance id <1-4>Trunk id Node Mode ESR configuration mode Default 170
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None
Using Guide This command is to set secondary Trunk of certain instance Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-system)# esr 1 secondary-port trunk 2 Fengine(config-system)# Relevant Command None 3.13.12 show esr Show ESR global configuration information Command Form show esr Parameter None Node Mode privileged user mode Default None Using Guide This command is to show switch ESR global configuration information Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show esr esrEnable : disable Fengine# Relevant Command None 3.13.13 show esr instance Show ESR instance configuration information Command Form show esr Example [<0-5>] Parameter 171
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual <0-5>esr instance id Node Mode privileged user mode Default None
Using Guide This command is to show switch ESR instance configuration information Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show esr Example Id Name Mode Status 0 --master disable 1 --master disable 2 --master disable 3 --master disable 4 --master disable 5 --master disable Fengine# Relevant Command None 3.14 RADIUS configuration command The switch realize Radius client-end function. Radius configuration commandis including: radius (enable| disable) radius <1-10> name radius <1-10> response-time radius <1-10> retransmit radius <1-10> secret radius <1-10> server-acc-port radius <1-10> server-address radius <1-10> server-auth-port radius <1-10> status radius <1-10> type aaa login radius-server NAME 172
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show radius server
3.14.1 radius (enable| disable) enable disable switch RADIUS Client function Command Form radius (enable| disable) Parameter enableenable RADIUS function disable disable RADIUS function Node Mode RADIUS configuration mode Default disable Using Guide This command is to configure whether switch enable RADIUS function, this device can permit 10 radius client-end Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)# radius enable Fengine(config-radius)# Relevant Command None 3.14.2 radius <1-10> name Configure name of radius client. Notice: the switch can configure 10 client communicating with 10 radius server. Command Form radius <1-10> name NAME Parameter <1-10>:configure radius No. NAME:the name of radius Node Mode RADIUS configuration mode Default None Using Guide 173
This command is to create a radius client, and set name of radius Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 name test Fengine(config-radius)# Relevant Command show radius server 1 3.14.3 radius <1-10> response-time Configure response-timeout of radius client server. Command Form radius <1-10> response-time <2-15> Parameter <1-10>:radius server No. <2-15>:response timeout unit is second Node Mode RADIUS configuration mode Default 5 Using Guide This commandis to configure response-timeout of radius server Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 response-time 8 Fengine(config-radius)# Relevant Command None 3.14.4 radius <1-10> retransmit Configure retransmit for radius client to send request to radius server. Command Form radius <1-10> retransmit <1-255> Parameter <1-10>:radius client serial No. <1-255>:retransmit times 174
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode RADIUS configuration mode Default 3
Using Guide This command is to set retransmit times for switch radius request. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 retransmit 2 Fengine(config-radius)# Relevant Command None 3.14.5 radius <1-10> secret Configure secret between radius client and server. Command Form radius <1-10> secret SECRET Parameter <1-10>:radius client serial No. SECRET:secret Node Mode RADIUS configuration mode Default None Using Guide This command is to configure secret between radius client and radius server. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 secret 123 Fengine(config-radius)# Relevant Command None 3.14.6 radius <1-10> server-acc-port Configure port No.of radius server corresponding to radius client. 175
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form radius <1-10> server-acc-port (1813|1646) Parameter <1-10>:radius server No. 1813:use 1813 Port 1646:use 1646 port Node Mode RADIUS configuration mode
Default For radius-end, use Port 1813 to be accounting port client Using Guide This command is to configure port No. with accounting function corresponding to radius server. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 server-auth-port 1645 Fengine(config-radius)# Relevant Command None 3.14.7 radius <1-10> server-address Configure IP address of radius server corresponding to radius client. Command Form radius <1-10> server-address (A.B.C.D) Parameter <1-10>:radius client No. (A.B.C.D):radius server IP address Node Mode RADIUS configuration mode Default None Using Guide This command is to configure IP address of radius server corresponding to radius client. Applicable Device S2200ME-B SERIES SWITCH Example 176
Fengine(config-radius)#radius 1 server-address 1.1.1.1 Fengine(config-radius)# Relevant Command show radius server <1-10> 3.14.8 radius <1-10> server-auth-port Configure port No.of radius server authentication. Command Form radius <1-10> server-auth-port (1812|1645) Parameter <1-10>:radius client No. 1812:user Port 1812 1645:use Port 1645 Node Mode RADIUS configuration mode Default For Radius client, use Port 1812 to be authority port. Using Guide This command is to configure port No. with authentication function of radius server corresponding to radius client. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 server-auth-port 1812 Fengine(config-radius)# Relevant Command None 3.14.9 radius <1-10> status Enable or disable or destory radius client Command Form radius <1-10> status (enable|disable|destroy) Parameter <1-10>:radius client No. enable:enable corresponding radius client disable:disable corresponding radius client destroy:destroy corresponding radius client 177
Node Mode RADIUS configuration mode, RADIUS configuration mode Default disable Using Guide This command is to enable or disable radius client Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 status enable Fengine(config-radius)# Relevant Command None 3.14.10 radius <1-10> type Configure service type of radius client Command Form radius <1-10> type (acc|auth|both) Parameter <1-10>:radius client No. acc:client provide accounting service auth:client provide authentication service both:client provide accounting and authentication service Node Mode RADIUS configuration mode Default Radius client provide accounting and authentication service as default Using Guide This command is to configure service type provided by radius client. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-radius)#radius 1 type auth Fengine(config-radius)# Relevant Command None 3.14.11 aaa login radius-server NAME 178
Configfure radius-server name for AAA logging authentication Command Form aaa login radius-server NAME Parameter NAME radius-server name Node Mode global configuration mode Default None Using Guide This command is to configfure radius-server name for AAA logging authentication Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# aaa login radius-server test Fengine(config)# Relevant Command None 3.14.12 show radius server <1-10> Show switch radius client configuration. Command Form show radius server <1-10> Parameter <1-10>server No. Node Mode privileged user mode Default None Using Guide This command is to show switch radius client configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show radius server 1 Server 1 179
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual ServerName : test ServerType : both ServerIP : 192.168.1.10 ServerAuthPort : 1812 ServerAccPort : 1813 ServerKey : FHN_RADIUS ServerRetransmit : 3 ServerTimeout time : 5 ServerStatus : notInService Fengine# Relevant Command None 3.15 Double-tag protocol configuration command
Double-tag: when enabled double-tag on the interface, the data sent out from this port will take two vlan tag. Double-tag configuration command is including: dtag (enable|disable) dtag protocol <0-65536> dtag dot1q (enable|disable) dtag flexible (enable|disable) dtag flexible inner <1-4094> outer <1-4094> show dtag show interface dtag show interface dtag flexible
3.15.1 dtag (enable|disable) Enable double-tag protocol on the port. Command Form dtag (enable|disable) Parameter enableenable double-tag disable disable double-tag Node Mode global configuration mode interface configuration mode Default disable 180
Using Guide This command is invalid, if not enable dtag on interface under global configuration mode. Command dtag enable under interface configuration, the data packet is forward according to ingress pvid, quit from uplink port with 2 tags, outer is ingress pvid, inner is the orginal tag of packet; Under flexible mode, inner tag of packet is the orginal tag, outer tag is the tag designated by flexible command. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#dtag enable Fengine(config)# Fengine(config-eth-1)#dtag enable Fengine(config-eth-1)# Relevant Command show dtag show interface dtag 3.15.2 dtag protocol <0-65536> Configure double-tag tpid Command Form dtag protocol <0-65536> Parameter <0-65536> tpid Node Mode global configuration mode Default None Using Guide Configure double-tag tpid is using 0x8100 or 0x9100. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#dtag protocol 37120 Fengine(config)# 3.15.3 dtag dot1q (enable|disable) enable double-tag dot1q 181
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form dtag (enable|disable) Parameter enableenable dtag dot1q disable disable dtag dot1q Node Mode interface configuration mode Default disable
Using Guide set whether port enable 802.1q, if enabled, when received vlan-tagged data, forward vlan id based on vlan tag. Otherwise, forward port-based pvid. In order to make vid of double-tagged port external tag to be pvid of message source port, we suggest to disable source port dot1q mode. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#dtag dot1q enable Fengine(config-eth-1)# 3.15.4 dtag flexible (enable|disable) enable flexible dtag Command Form dtag flexible (enable|disable) Parameter enableenable flexible disable disable flexible Node Mode interface configuration mode Default disable Using Guide enable or disable dtag flexible, enable flexible.first configure dtag dot11q enabled and configure inner tag and outer tag under interface. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)#dtag flexible enable Fengine(config-eth-1)# 182
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.15.5 dtag flexible inner <1-4094> outer <1-4094> In flexible mode, configure inner tag and outer tag. Command Form dtag flexible inner <1-4094> outer <1-4094> Parameter <1-4094>inner tag <1-4094>outer tag Node Mode interface configuration mode Default None Using Guide
Under flexible mode, configure inner tag and outer tag. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth1-1)#dtag flexible inner 1 outer 2 Fengine(config-eth1-1)# 3.15.6 show dtag Show switch global dtag configuration. Command Form show dtag Parameter None Node Mode privileged user mode Default None Using Guide Show switch global dtag configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show dtag protocol : 37120 dtag protocol : disabled 183
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine# Relevant Command None 3.15.7 show interface dtag Show switch all port dtag configuration. Command Form show interface dtag Parameter None Node Mode privileged user mode Default None Using Guide Show switch all port dtag configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show interface dtag If DtagStatus Dot1qStatus Flexible 1 disable enable ---2 disable enable ---3 disable enable ---4 disable enable ---5 disable enable ---6 disable enable ---7 disable enable ---8 disable enable ---9 disable enable ---Fengine# Relevant Command None 3.15.8 show interface dtag flexible Show switch all port dtag flexible configuration. Command Form show dtag flexible Parameter None 184
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode privileged user mode Default None Using Guide Show switch all port dtag flexible configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show interface dtag flexible If Inner Outer 1 1 2 Fengine# Relevant Command None 3.16 IGMP-FILTER configuration command IGMP Filter is to filter IGMP report Igmp Filter configuration command is including: apply-to-ports PORTLIST apply-to-ports none igmp-filter <1-26> no igmp-filter <1-26> igmp-filter <1-26> (enable|disable) rule <1-10> (permit|deny) (A.B.C.D) (A.B.C.D)
rule <1-10> (permit|deny) (AA:BB:CC:DD:EE:FF) no rule <1-10> rule <1-10> preview show igmp-filter show igmp-filter <1-26> show igmp-filter preview user
3.16.1 apply-to-ports PORTLIST Apply certain igmp filter to switch port 185
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form apply-to-ports PORTLIST Parameter PORTLISTport list1,2,4-8,10 Node Mode Igmp-filter configuration mode Default None Using Guide Apply certain igmp filter to switch port Applicable Device S2200ME-B SERIES SWITCH
Example Fengine(config-igmp-filter 1)#apply-to-ports 1,2,4-8 Fengine(config-igmp-filter 1)# Relevant Command show igmp-filter <1-10>igmp-filter <1-10> (enable|disable) 3.16.2 apply-to-ports none Not apply igmp filter to any port Command Form apply-to-ports none Parameter None Node Mode Igmp-filter configuration mode Default disable Using Guide This command is not to apply igmp filter to any port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-filter 1)#apply-to-ports none Fengine(config-igmp-filter 1)# Relevant Command 186
show igmp-filter <1-10>igmp-filter <1-10> (enable|disable)
3.16.3 igmp-filter <1-26> Create an igmp filter Command Form igmp-filter <1-26> Parameter <1-26>igmp-filter id Node Mode global configuration mode Default None Using Guide This command is to form an igmp filter for switch Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)#igmp-filter 1 Fengine(config-igmp-filter 1)# Relevant Command show igmp-filter, no igmp-filter <1-26> 3.16.4 no igmp-filter <1-26> Delete a igmp filter Command Form no igmp-filter <1-26> Parameter <1-26>igmp-filter No. to be deleted Node Mode global configuration mode Default None Using Guide This command is to form a igmp filter Applicable Device S2200ME-B SERIES SWITCH 187
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine(config)#no igmp-filter 1 Fengine(config)# Relevant Command show radius server 1 3.16.5 igmp-filter <1-26> (enable|disable)
Enable or disable certain igmp filter to be applied to switch port. Command Form igmp-filter <1-26> (enable|disable) Parameter <1-26>igmp filter No. (enable|disable)enable is to enable, disable is to disable Node Mode interface configuration mode Default disable Using Guide This command is to apply certain igmp filter to switch port under interface configuration mode or delete certain igmp to be applied at the port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-2)#igmp-filter 1 enable Fengine(config-eth-2)# Relevant Command apply-to-ports PORTLISTshow igmp-filter <1-26> 3.16.6 rule <1-10> (permit|deny) (A.B.C.D) (A.B.C.D) Configure rule for igmp filter Command Form rule <1-10> (permit|deny) (A.B.C.D) (A.B.C.D) Parameter <1-100>rule No. permitpermit rule denydeny rule (A.B.C.D)filter beginning address of multicast 188
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual (A.B.C.D)filter ending address of multicast Node Mode Igmp-filter configuration mode Default None
Using Guide This command is to configure filter rule for igmp filter, one igmp filter has multi rules, the matched order is from lower No. to higher No. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-filter 1)#rule 1 permit 239.1.1.1 239.1.1.10 Fengine(config-igmp-filter 1)# Relevant Command show igmp-filter <1-10> 3.16.7 rule <1-10> (permit|deny) (AA:BB:CC:DD:EE:FF) Configure rule for igmp filter Command Form rule <1-10> (permit|deny) (AA:BB:CC:DD:EE:FF) Parameter <1-10>rule No. permitpermit rule denydeny rule (AA:BB:CC:DD:EE:FF)filter multicast MAC address Node Mode Igmp-filter configuration mode Default None Using Guide This command is to configure filter rule for igmp filter, one igmp filter has multi rules, the matched order is from lower No. to higher No. The mac address should begin with 01.00.5e. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-filter 1)#rule 1 permit 01.00.5e.00.00.01 Fengine(config-igmp-filter 1)# 189
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command show igmp-filter <1-10> 3.16.8 no rule <1-10> Delete certain rule of igmp filter. Command Form no rule <1-10> Parameter <1-10>rule No. Node Mode Igmp-filter configuration mode Default disable Using Guide This command is to delete certain rule of igmp filter Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-filter 1)#no rule 1 Fengine(config-igmp-filter 1)# Relevant Command rule <1-10> (permit|deny) (A.B.C.D) (A.B.C.D) 3.16.9 rule <1-10> preview Configure igmp preview Command Form
rule <1-10> preview (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) time <1-65535> interval <1-255> rule <1-10> preview (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) time <1-65535> rule <1-10> preview (A.B.C.D) (A.B.C.D) any time <1-65535> interval <1-255> rule <1-10> preview (A.B.C.D) (A.B.C.D) any time <1-65535> Parameter <1-10>rule No. (A.B.C.D)multicast beginning address (A.B.C.D)multicast ending address (A.B.C.D)user beginning address (A.B.C.D)user ending address 190
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual <1-65535>preview time, unit: minute <1-255>times of preview time Node Mode Igmp-filter configuration mode Default None
Using Guide This command expand the orginal multicast controllable technology, adding multicast preview control rule, adding time period and user IP control condition, make multicast control more flexible. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-igmp-filter 1)#rule 1 preview Fengine(config-igmp-filter 1)# Relevant Command show igmp-filter <1-10> 3.16.10 show igmp-filter Show configured igmp filter list. Command Form show igmp-filter Parameter None Node Mode privileged user mode Default None Using Guide This command is to show igmp filter configured by the switch Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show igmp-filter switch igmp-filter configuration igmp-filter 1 igmp-filter 2 Fengine# Relevant Command None 191
3.16.11 show igmp-filter <1-26> Show rule configuration of certain igmp filter and port application. Command Form show igmp-filter <1-26> Parameter <1-26>igmp filter list No. Node Mode privileged user mode Default None Using Guide This command is to show rule configuration of certain igmp filter and port application. Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show igmp-filter 1 igmp filter 1's detail information: state :Active The rule list : rule 1 permit 239.1.1.1 239.1.1.10 ,State:Active The port(s) using this filter: Interface 1 ,Interface 2 ,Interface 3 ,Interface 4 , Interface 5 , Fengine# Relevant Command None 3.16.12 show igmp-filter preview user Show multicast preview user Command Form show igmp-filter preview user Parameter None Node Mode privileged user mode Default None 192
Using Guide This command is to show switch multicast preview user Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show igmp-filter switch igmp-filter configuration igmp-filter 1 igmp-filter 2 Fengine# Relevant Command None 3.17 DHCP configuration command DHCP configuration command is including: dhcp relay (enable|disable) dhcp relay server-ip show dhcp
3.17.1 dhcp relay (enable|disable) Enable or disable Dhcp relay service Command Form dhcp relay (enable|disable) Parameter (enable|disable) Node Mode VLAN configuration mode Default disable Using Guide This command is to enable or disable DHCP relay service on switch, since S2200ME-B is Layer 2 switch, DHCP RELAY can be enabled only in management vlan. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-1)# dhcp relay enable Fengine(config-vlan-1)# 193
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command show dhcp 3.17.2 dhcp relay server-ip (A.B.C.D) Configure IP address of DHCP relay peer end service Command Form dhcp relay server-ip (A.B.C.D) Parameter A.B.C.DIP address Node Mode VLAN configuration mode Default 0.0.0.0
Using Guide This command is to enable DHCP relay service and then configure IP address of peer end server. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-1)# dhcp relay server-ip 192.168.1.200 Fengine(config-vlan-1)# Relevant Command show dhcp 3.17.3 show dhcp Show Dhcp service configuration Command Form show dhcp Parameter None Node Mode privileged user mode Default None Using Guide This command is to show switch DHCP service configuration. Applicable Device S2200ME-B SERIES SWITCH 194
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine# show dhcp Dhcp Configure dhcp relay : enable dhcp relay server ip :192.138.1.200 Fengine# Relevant Command None
3.18 SNTP configuration command SNTP configuration command is including: sntp (client|none) sntp peer ip-address sntp time-offset (plus|minus) <0-86400> show sntp
3.18.1 sntp (client|none) Set SNTP role Command Form sntp (client|none) Parameter client:enable SNTP server service none:not enable SNTP protocol Node Mode VLAN configuration mode Default none Using Guide This command is to enable switch network clock protocol (SNTP) service, the switch is only one role. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-1)# sntp client Fengine(config-vlan-1)# Relevant Command 195
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show sntp 3.18.2 sntp peer ip-address Set IP address of switch SNTP client-end server. Command Form sntp peer ip-address (A.B.C.D) Parameter A.B.C.Dserver IP address Node Mode VLAN configuration mode Default 0.0.0.0
Using Guide This command is to set IP address of switch SNTP client-end server Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-vlan-1)# sntp peer ip-address 192.168.1.1 Fengine(config-vlan-1)# Relevant Command show sntp 3.18.3 sntp time-offset (plus|minus) <0-86400> Set switch time-offset Command Form sntp time-offset (plus|minus) <0-86400> Parameter (plus|minus):plus offset or minus offset <0-86400>:offset timesecond Node Mode VLAN configuration mode Default 0 Using Guide This command is to set switch time-offset. Applicable Device S2200ME-B SERIES SWITCH 196
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine(config-vlan-1)# sntp time-offset plus 12 Fengine(config-vlan-1)# Relevant Command show sntp 3.18.4 show sntp Show switch current SNTP service configuration. Command Form show sntp Parameter None Node Mode privileged configuration mode Default none
Using Guide This command is to show switch current SNTP service configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine# show sntp Sntp Configure vlan 1 sntp client Fengine# Relevant Command None
3.19 SPNM configuration command SPNM configuration command is including: spnm (enable|disable) spnm community spnm password spnm send-access-mac spnm server-ip 197
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual spnm access-port show spnm access-ports show spnm information
3.19.1 spnm (enable|disable) Enable or disable SPNM protocol Command Form spnm (enable|disable) Parameter (enable|disable) Node Mode SPNM configuration mode Default disable Using Guide This command is to enable or disable switch private network management (SPNM) protocol. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-spnm)# spnm enable Fengine(config-spnm)# Relevant Command show spnm information 3.19.2 spnm community Configure SPNM community of network management platform notified by SPNM Command Form spnm community STRING Parameter STRING:character string of SNMP community Node Mode SPNM configuration mode Default None Using Guide 198
This command is to set SPNM community of network management platformnotified by SPNM. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-spnm)# spnm community NETMAN Fengine(config-spnm)# Relevant Command show spnm information
3.19.3 spnm password Configure password of SPNM protocol communication. Command Form spnm password STRING Parameter STRINGpassword string, the length should not be longer than 64 Node Mode SPNM configuration mode Default None Using Guide This command is to set password for SPNM protocol communication. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-spnm)# spnm password test Fengine(config-spnm)# Relevant Command show spnm information 3.19.4 spnm send-access-mac Enable or disable SPNM protocol sending access MAC. Command Form spnm send-access-mac (enable|disable) Parameter (enable|disable) 199
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode SPNM configuration mode Default disable
Using Guide This command is to enable or disable SPNM protocol sending access MAC. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-spnm)# spnm send-access-mac enable Fengine(config-spnm)# Relevant Command show spnm information 3.19.5 spnm server-ip Set IP address of network management platform communicating with switch. Command Form spnm server-ip (A.B.C.D) Parameter A.B.C.DIP address of network management platform Node Mode SPNM configuration mode Default 0.0.0.0 Using Guide This command is to set IP address of network management platform communicating with the switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-spnm)# spnm server-ip 192.168.1.200 Fengine(config-spnm)# Relevant Command show spnm information 3.19.6 spnm access-port Enable or disable switch port to be network access port 200
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Command Form spnm access-port (enable|disable)
Parameter (enable|disable)enable enable disable disable Node Mode interface configuration mode Default None Using Guide This commandis to enable or disable switch port to be SPNM protocol access port Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-eth-1)# spnm access-port enable Fengine(config-eth-1)# Relevant Command show spnm access-ports 3.19.7 show spnm access-ports Show port information when switch enable receiving SPNM protocol. Command Form show spnm access-ports Parameter None Node Mode privileged user mode Default None Using Guide This command is to show port information when switch enable receiving SPNM protocol. Applicable Device S2200ME-B SERIES SWITCH Example Fengine# show spnm access-ports Fengine# 201
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command None 3.19.8 show spnm information
Show switch private network management configuration. Command Form show spnm information Parameter None Node Mode privileged user mode Default None Using Guide This command is to show switch private network configuration. Applicable Device S2200ME-B SERIES SWITCH Example Fengine# show spnm information spnm protocol status : disable spnm server ip address : 0.0.0.0 spnm send access MAC status : disable spnm community : NETMAN spnm FSM state : notReady Fengine# Relevant Command None
3.20 interface batch-disposal configuration command Configuration command are: port <1-26> description port PORTLIST dot1q accept (all|tagged-only) port PORTLIST dtag (enable|disable) port PORTLIST dtag dot1q (enable|disable) port PORTLIST duplex (half|full) speed (10|100|1000) port PORTLIST duplex auto 202
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual port PORTLIST flow-ctrl (enable|disable)
port PORTLIST igmp-filter <1-100> (enable|disable) port PORTLIST join trunk port PORTLIST link-trap (enable|disable) port PORTLIST loop-check (enable|disable|re-check) port PORTLIST loop-check vlan port PORTLIST no-shutdown port PORTLIST packet-limit port PORTLIST priority port PORTLIST pvid port PORTLIST quit trunk port PORTLIST rate-limit rx port PORTLIST rate-limit tx port PORTLIST rstp priority port PORTLIST security-mac (enable|disable) port PORTLIST sgm (enable|disable) vlan port PORTLIST sgm discovery time port PORTLIST sgm discovery ttl port PORTLIST shutdown port PORTLIST spnm access-port (enable|disable) port PORTLIST stp (enable|disable) port PORTLIST stp priority port PORTLIST user-limit aging-time port PORTLIST user-limit number port PORTLIST sgm (enable|disable) port PORTLIST sgm discovery time (<1-300>|default) port PORTLIST sgm discovery ttl (<1-255>|default) port PORTLIST sgm inband enable <1-4094> port PORTLIST sgm vlan (add|remove) VLAN-LIST
3.20.1 port <1-26> description 203
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Set port description of each switch port Command Form port <1-26> description STRING Parameter <1-26>:interface No. STRING:port description character string Node Mode global configuration mode Default None
Using Guide This command is to set description of each switch port Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 1 description port1 Fengine(config)# Relevant Command description STRING 3.20.2 port PORTLIST dot1q accept (all|tagged-only) Configure switch port to accept data packet type Command Form port PORTLIST dot1q accept (all|tagged-only) Parameter PORTLIST:port list (e.g.: 1,2,5-15,20) all:all type data packet tagged-only:only accept VLAN tagged data packet Node Mode global configuration mode Default None Using Guide This command is to set whether a series port accept all type data packet or only accept VLAN-tagged data packet. Applicable Device S2200ME-B SERIES SWITCH 204
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine(config)# port 2-7,10 dot1q accept all Fengine(config)# Relevant Command dot1q accept (all|tagged-only) 3.20.3 port PORTLIST dot1x (enable|disable) enable or disable switch 802.1x protocol Command Form port PORTLIST dot1x (enable|disable) Parameter PORTLISTport list (e.g.: 1,2,5-15,20) (enable|disable) Node Mode system configuration mode Default disable Using Guide Enable or disable 802.1x protocol on switch port Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x enable Fengine(config)# Relevant Command dot1x (enable|disable) 3.20.4 port PORTLIST dot1x authenticator max-user
Configure max-user number supported on the port enabled 802.1x protocol Command Form port PORTLIST dot1x authenticator max-user <1-65535> Parameter PORTLISTport list (e.g.: 1,2,5-15,20) <1-65535>user number Node Mode global configuration mode Default None 205
Using Guide Configurequiet-timeout for reauthentication on the port enabled 802.1x protocol, the time is mainly to prevent vicious attack to the device. Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x authenticator max-user 100 Fengine(config)# Relevant Command dot1x authenticator max-user <1-65535> 3.20.5 port PORTLIST dot1x authenticator quiet-timeout <1-120> Configure quiet-timeout for reauthentication on the port enabled 802.1x protocol, the time is mainly to prevent vicious attack to the device. Command Form port PORTLIST dot1x authenticator quiet-timeout <1-120> Parameter PORTLISTport list (e.g.: 1,2,5-15,20) <1-120>time (unit: s) Node Mode global configuration mode Default 60 Using Guide Configure quiet-timeout for reauthentication on the port enabled 802.1x protocol, the time is mainly to prevent vicious attack to the device. Applicable Device S2200ME-B Example Fengine(config)# port 2-7,10 dot1x authenticator quiet-timeout <1-120> Fengine(config)# Relevant Command dot1q accept (all|tagged-only) 3.20.6 port PORTLIST dot1x authenticator quiet-timeout default Configure quiet-timeout for reauthentication on the port enabled 802.1x protocol, the time is mainly to prevent vicious attack to the device. 206
Command Form port PORTLIST dot1x authenticator quiet-timeout default Parameter PORTLISTport list (e.g.: 1,2,5-15,20) Node Mode global configuration mode Default None Using Guide Configure quiet-timeout for reauthentication on the port enabled 802.1x protocol, the time is mainly to prevent vicious attack to the device. This command is to set the default time (60s). Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x authenticator quiet-timeout default Fengine(config)# Relevant Command no dot1x authenticator quiet-timeout 3.20.7 port PORTLIST dot1x authenticator radius-server NAME Configure the name of radius client corresponding to the port enabled 802.1x protocol. Command Form port PORTLIST dot1x authenticator radius-server NAME Parameter PORTLISTport list (e.g.: 1,2,5-15,20) NAMEradius client name Node Mode global configuration mode Default None Using Guide This command is to configure the name of radius client corresponding to the port enabled 802.1x protocol, default is to delete the name. Applicable Device S2200ME-B series switch 207
Example Fengine(config)# port 2-7,10 dot1x authenticator radius-server test Fengine(config)# Relevant Command dot1x authenticator radius-server NAME 3.20.8 port PORTLIST dot1x authenticator radius-server default Delete the name of radius client corresponding to the port enabled 802.1x protocol. Command Form port PORTLIST dot1x authenticator radius-server default Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode global configuration mode Default None Using Guide This command is to delete the name of the radius client corresponding to the port enabled 802.1x protocol. Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x authenticator radius-server default Fengine(config)# Relevant Command no dot1x authenticator radius-server 3.20.9 port PORTLIST dot1x authenticator reauthenticate-period Configure 802.1x protocol reauthentication-period. Command Form port PORTLIST dot1x authenticator reauthenticate-Period <60-7200> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <60-7200>timeunit: s Node Mode global configuration mode Default 208
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3600
Using Guide This command is to set switch 802.1x protocol reauthentication-period, command default is to set reauthentication period to be default (3600s). Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x authenticator reauthenticate-Period 4000 Fengine(config)# Relevant Command dot1x authenticator reauthenticate-Period <60-7200> 3.21.10 port PORTLIST dot1x authenticator reauthenticate-period default Configure 802.1x protocol reauthentication-period. Command Form port PORTLIST dot1x authenticator reauthenticate-period default Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode global configuration mode Default None Using Guide Configure 802.1x protocol reauthentication-period default (3600s). Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x authenticator reauthenticate-timeout default Fengine(config)# Relevant Command no dot1x authenticator reauthenticate-timeout 3.20.11 port PORTLIST dot1x reauthenticate disable Enable or disable switch port 802.1x reauthentication function. Command Form port PORTLIST dot1x reauthenticate disable 209
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode global configuration mode Default None
Using Guide This command is to disable switch port 802.1x reauthentication function. Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x reauthenticate disable Fengine(config)# Relevant Command dot1x reauthenticate disable 3.20.12 port PORTLIST dot1x reauthenticate enable Enable or disable switch port 802.1x reauthentication function. Command Form port PORTLIST dot1x reauthenticate enable Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode global configuration mode Default None Using Guide This command is to enable switch port 802.1x reauthentication function. Applicable Device S2200ME-B series switch Example Fengine(config)# port 2-7,10 dot1x reauthenticate enable Fengine(config)# Relevant Command dot1x reauthenticate enable 3.20.13 port PORTLIST dtag (enable|disable) 210
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Enable double tag protocol on the port. Command Form port PORTLIST dtag (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) (enable|disable) Node Mode global configuration mode Default disable
Using Guide After enable this setting, all port egress message will add a tag, ingress message will delete a tag then forward. The added tag type No. is from global dtag protocol, vid is from group source port pvid. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 dtag enable Fengine(config)# Relevant Command dtag (enable|disable) 3.20.14 port PORTLIST dtag dot1q (enable|disable) Enable or disable port 802.1q function. Command Form port PORTLIST dtag dot1q (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) (enable|disable) Node Mode global configuration mode Default disable Using Guide Set whether port enable 802.1q function, if enabled, then forward vlan tag-based vlan id when receiving vlan-tagged data, otherwise, forward port-based pvid. In order to make vid of double-tag port outer tag to be pvid of message source port, we suggest to disable source port dot1q mode. Applicable Device 211
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 dtag dot1q enable Fengine(config)# Relevant Command dtag (enable|disable) 3.20.15 port PORTLIST duplex (half|full) speed (10|100|1000) Set working mode of switch port.
Command Form port PORTLIST duplex (half|full) speed (10|100|1000) Parameter PORTLISTport list (e.g.:1,2,5-15,20) halfwork mode is half-duplex fullwork mode is full-duplex (10|100|1000)rate is 10M or 100M or 1000M Node Mode system configuration mode Default None Using Guide This command is to configure switch port work mode. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 duplex full speed 100 Fengine(config)# Relevant Command duplex (half|full) speed (10|100|1000) 3.20.16 port PORTLIST duplex auto Set switch port work mode to be auto-negotiation mode. Command Form port PORTLIST duplex auto Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode 212
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual system configuration mode Default None
Using Guide This command is to set switch port work mode to be auto-negotiation mode. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 duplex auto Fengine(config)# Relevant Command duplex auto 3.20.17 port PORTLIST flow-ctrl (enable|disable) Enable or disable switch port flow control. Command Form port PORTLIST flow-ctrl (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) enableenable flow control. disabledisable flow control. Node Mode global configuration mode Default None Using Guide Flow control can reduce data frame lose caused by saturated buffer when terminal is directly connected with switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 flow-ctrl enable Fengine(config)# Relevant Command flow-ctrl (enable|disable) 3.20.18 port PORTLIST igmp-filter <1-100> (enable|disable) 213
Enable or disable certain igmp filter to be applied to the switch port. Command Form port PORTLIST igmp-filter <1-100> (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) <1-100>igmp filter list No. (enable|disable)enable is to enable, disable is to disable Node Mode global configuration mode Default disable Using Guide This command is to apply certain igmp filter to switch port or delete apply certain igmp filter to the port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 igmp-filter 1 enable Fengine(config)# Relevant Command igmp-filter <1-100> (enable|disable) 3.20.19 port PORTLIST join trunk Configure port Trunk ID Command Form port PORTLIST join trunk <1-1-65535> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <1-1-65535>trunk ID Node Mode global configuration mode Default The port does not belong to any Trunk Using Guide This command is to configure a series physical port to join Trunk. This command is invalid when used under Trunk interface configuration mode. Applicable Device 214
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 join trunk 2 Fengine(config)# Relevant Command join trunk <1-64> 3.20.20 port PORTLIST link-trap (enable|disable) Enable or disable switch port link-trap. Command Form port PORTLIST link-trap (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) enableenable trap disabledisable trap Node Mode global configuration mode Default disable
Using Guide This command is to configure whether notify snmp network management when interface link state is changed. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 link-trap enable Fengine(config)# Relevant Command dot link-trap (enable|disable) 3.20.21 port PORTLIST loop-check (enable|disable|re-check) Enable, disable, repeat port loop-check Command Form port PORTLIST loop-check (enable|disable|re-check) Parameter PORTLISTport list (e.g.:1,2,5-15,20) enableenable loop-check 215
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual disabledisable loop-check re-checkrepeat loop-check Node Mode global configuration mode Default None
Using Guide This command is to enable or disable switch port loop-check, and repeat loop-check for the port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 loop-check enable Fengine(config)# Relevant Command loop-check (enable|disable|re-check) 3.20.22 port PORTLIST loop-check vlan Configure the VLAN on which execute loop-check on the port. Command Form port PORTLIST loop-check vlan <1-4094> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <1-4094>VLAN id Node Mode global configuration mode Default 1 Using Guide This command is to configure the VLAN on which execute loop-check on certain port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 loop-check vlan 1 Fengine(config)# Relevant Command loop-check vlan <1-4094> 216
3.20.23 port PORTLIST no-shutdown Enable switch port Command Form port PORTLIST no-shutdown Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode global configuration mode Default None Using Guide This command is to enable switch port to forward data. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 no-shutdown Fengine(config)# Relevant Command no shutdown 3.20.24 port PORTLIST packet-limit Set rate limit of switch port data packet Command Form port PORTLIST packet-limit broadcast 0-100000 > port PORTLIST packet-limit dlf <0-100000 > port PORTLIST packet-limit multicast <0-100000 > port PORTLIST packet-limit b-m <0-100000> port PORTLIST packet-limit b-m-dlf <0-100000> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <0-100000>rate limit range, unit: kbps Node Mode global configuration mode Default Broadcast and dlf is 64K as default, multicast has no limit. Using Guide 217
This command is to configure rate limit of switch port data packet, broadcast is to limit broadcast received at interface, dlf is to limit station unknown data packet received by interface, multicast is to limit broadcast+multicast packet received by interface, b-m-dlf is to limit broadcast+multicast+DLF data packet received by interface. If the configuration is less than 1792, it should be 64 times of it, if the configuration is more than2000, it should be 1000 times of it. The whole switch has only one limit. Applicable Device S2200ME-B series switch supports limit for interface broadcast, multicast, dlf data packet. Example Fengine(config)# port 2-7,10 packet-limit broadcast 512 Fengine(config)# Relevant Command packet-limit 3.20.25 port PORTLIST priority Set interface default priority. Command Form port PORTLIST priority <0-7> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <0-7>priority range is 0-7 Node Mode global configuration mode Default None Using Guide This command is to set interface default priority, if the data received at this port is untagged data, then scheduling the default priority of this port when forwarding the data message. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 priority 2 Fengine(config)# Relevant Command priority <0-7> 218
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.20.26 port PORTLIST pvid Set switch port PVID. Command Form port PORTLIST pvid <1-4094> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <1-4094>switch VLAN id is ranged in 1-4094 Node Mode global configuration mode Default 1
Using Guide This command is to set switch port PVID, when an interface receive untagged vlan or priority-tagged data, we consideer the data belong to the vlan indicated by the pvid of this interface, then forward data in this vlan. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 pvid 2 Fengine(config)# Relevant Command pvid <1-4094> 3.20.27 port PORTLIST quit trunk Configure switch port exit Trunk Command Form port PORTLIST quit trunk Parameter PORTLISTport list (e.g.:1,2,5-15,20) Node Mode global configuration mode Default None Using Guide This command is to configure physical port to exit Trunk Applicable Device S2200ME-B SERIES SWITCH 219
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Example Fengine(config)# port 2-7,10 quit trunk Fengine(config)# Relevant Command quit trunk 3.20.28 port PORTLIST rate-limit rx Set rate-limit of switch port receiving direction. Command Form port PORTLIST rate-limit rx <0-100000>
Parameter PORTLISTport list (e.g.:1,2,5-15,20) <0-100000>rate rangeunitkbps, 0 is for no limit Node Mode global configuration mode Default The default is no configured rate limit Using Guide This command is to control switch rate, rx is to control receiving data, tx is to control sending data, if the configuration is less than 1792, it should be 64 times of it, if it is more than 2000, it should be 1000 times of it. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 rate-limit rx 0 Fengine(config)# Relevant Command rate-limit rx <0-100000> 3.20.29 port PORTLIST rate-limit tx Set rate-limit of switch port sending direction. Command Form port PORTLIST rate-limit tx <0-100000> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <0-100000>rate rangeunitkbps, 0 is for no limit Node Mode 220
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual global configuration mode Default None
Using Guide This command is to control rate limit of switch port tx data, on cetain occasion, need to control port rate so as to provide different bandwidth for different user, different switch can configure different rate. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 rate-limit tx 100 Fengine(config)# Relevant Command rate-limit tx <0-100000> 3.20.30 port PORTLIST rstp priority Configure switch port RSTP priority Command Form port PORTLIST rstp priority <0-15> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <0-15>switch port RSTP priority Node Mode global configuration mode Default 8 Using Guide This command is to configure a series of RSTP priority for the switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 rstp priority 10 Fengine(config)# Relevant Command rstp priority <0-15> 3.20.31 port PORTLIST security-mac (enable|disable) 221
Enable or disable switch port MAC security access control Command Form port PORTLIST security-mac (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) (enable|disable) Node Mode global configuration mode Default disable Using Guide This command is to enable or disable switch port MAC access security control. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 security-mac enable Fengine(config)# Relevant Command security-mac (enable|disable)
3.20.32 port PORTLIST spnm access-port (enable|disable) Enable or disable switch port to be network access port. Command Form port PORTLIST spnm access-port (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) (enable|disable) Node Mode global configuration mode Default None Using Guide This command is to enable or disable switch port to be SPNM protocol receiving port. Applicable Device S2200ME-B SERIES SWITCH 222
Example Fengine(config)# port 2-7,10 spnm access-port enable Fengine(config)# Relevant Command spnm access-port (enable|disable) 3.20.33 port PORTLIST stp (enable|disable) Enable or disable STP protocol on switch port. Command Form port PORTLIST stp (enable|disable) Parameter PORTLISTport list (e.g.:1,2,5-15,20) (enable|disable) Node Mode global configuration mode Default None Using Guide STP protocol can check out and disable network loop, and establish backup\ connection between switch, bridge or router. This switch is permitted to communicate with other bridge device in the network to assure that any two work station has only one route, when main connection is cut, backup connection will be auto-start. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 stp enable Fengine(config)# Relevant Command stp (enable|disable) 3.20.34 port PORTLIST stp priority Configure STP priority of the port. Command Form port PORTLIST stp priority <0-255> Parameter PORTLISTport list (e.g.:1,2,5-15,20) 223
<0-255>port stp priority is ranged in 0-255, the lower the priority value is, the higher the priority weight is. Node Mode global configuration mode Default 128 Using Guide This command is to set port priority of stp protocol, the port with the lowest prority in subnet port is designated port. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 stp priority 100 Fengine(config)# Relevant Command stp priority <0-255> 3.20.35 port PORTLIST user-limit number Set user-limit number permitted by switch port. Command Form port PORTLIST user-limit number <0-20> Parameter PORTLISTport list (e.g.:1,2,5-15,20) <0-20>user-limit number Node Mode global configuration mode Default 0 Using Guide This command is to set permitted user-number, 0 is for no limit; when this command take effect, the port will only learn designated mac address, only the designated user number data flow can be forward by the switch. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 user-limit number 10 Fengine(config)# Relevant Command 224
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual user-limit number <0-20> 3.20.36 port PORTLIST sgm (enable|disable) Enable or disable sgm on interface. Command Form port PORTLIST sgm (enable|disable) Parameter (enable|disable) Node Mode global configuration mode Default The default is disabled
Using Guide This command is to enable/disable sgm on interface. The interface without sgm function can not dispose any sgm message. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config)# port 2-7,10 sgm enable Fengine(config)# Relevant Command sgm (enable|disable) 3.20.37 port PORTLIST sgm discovery time (<1-300>|default) set discovery time for port transmitting topology. Command Form port PORTLIST sgm discovery time (<1-300>|default) Parameter <1-300>time interval is set within 1~300unit: second default: 30 second Node Mode global configuration mode Default The default is 30 second Using Guide this command is used for discovery time of switch port transmitting SGM topology. Applicable Device S2200ME-B SERIES SWITCH 225
Example Fengine (config-eth-1)# port 2-7,10 sgm discovery time 100 Fengine (config-eth-1)# Relevant Command sgm discovery time (<1-300>|default) 3.20.38 port PORTLIST sgm discovery ttl (<1-255>|default) set time interval of direct connection with neoghbour for aging port. Command Form port PORTLIST sgm discovery ttl (<1-255>|default) Parameter <1-255>time interval of discovery default:90 Node Mode global configuration mode Default Default is 90 Using Guide this command is to set time interval of direct connection with neoghbour for aging port in SGM, we suggest it to be 3 times of discovery time of transmitting topology. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)#port 2-7,10 sgm discovery ttl 100 Fengine (config-eth-1)# Relevant Command sgm discovery ttl 100 3.20.39 port PORTLIST sgm inband enable <1-4094> Enable sgm configuration interface on designated vlan. Command Form port PORTLIST sgm inband disable port PORTLIST sgm inband enable <1-4094> Parameter <1-4094>vlan ID for operation Node Mode global configuration mode 226
Using Guide This command is to enable/disable sgm configuration interface vlan. When received message is not in vlan that port joined, then no disposal for it. Both the command switch and member switch need to configure. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)# port 2-7,10 sgm inband enable 1 Fengine (config-eth-1)# Relevant Command None 3.20.40 port PORTLIST sgm vlan (add|remove) VLAN-LIST Set vlan list for interface add or remove. Command Form port PORTLIST sgm vlan (add|remove) VLAN-LIST Parameter (add|remove)add/remove VLAN-LISTvlan list for operation Node Mode global configuration mode Default None Using Guide This command is to set vlan list for interface add or remove. When received message is not in vlan list that port added, then no disposal for it. Applicable Device S2200ME-B SERIES SWITCH Example Fengine (config-eth-1)# port 2-7,10sgm vlan add 1,3 Fengine (config-eth-1)# Relevant Command sgm vlan (add|remove) VLAN-LIST 3.21 anti-arp attack configuration command anti-arp (enable|disable) 227
anti-arp trust ip (A.B.C.D) anti-arp trust ip (A.B.C.D) mac (AA.BB.CC.DD.EE.FF) no anti-arp trust ip no anti-arp trust ip (A.B.C.D) show anti-arp
3.21.1 anti-arp (enable|disable) Enable/disable anti-arp attack module Command Form anti-arp (enable|disable) Parameter (enable|disable) Command Mode global configuration mode Default disable Using Guide This command is to enable or disable anti-arp attack module Example Fengine (config)# anti-arp enable Fengine# Relevant Command show anti-arp 3.21.2 anti-arp trust ip (A.B.C.D) Configure reliable address Command Form anti-arp trust ip (A.B.C.D) Parameter (A.B.C.D)reliable IP address Command Mode global configuration mode Default None Using Guide Configure reliable address, only the arp packet sent by reliable can send to cpu for disposal, other arp packet will be filter. Example 228
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine (config)# anti-arp trust ip 192.168.1.102 Fengine# Relevant Command
anti-arp trust ip (A.B.C.D) mac (AA.BB.CC.DD.EE.FF) no anti-arp trust ip no anti-arp trust ip (A.B.C.D) show anti-arp 3.21.3 anti-arp trust ip (A.B.C.D) mac (AA.BB.CC.DD.EE.FF) Configure reliable IP+MAC address Command Form anti-arp trust ip (A.B.C.D) mac (AA.BB.CC.DD.EE.FF) Parameter (A.B.C.D)reliable source IP address (AA.BB.CC.DD.EE.FF)reliable source MAC address Command Mode global configuration mode Default None Using Guide Configure reliable IP+MAC address, only arp packet sent by reliable address will be send to cpu for disposal, other arp packet will be filter. Example Fengine (config)# anti-arp trust ip 192.168.1.102 mac 00:04:67:80:75:57 Fengine# Relevant Command no anti-arp trust ip no anti-arp trust ip (A.B.C.D) show anti-arp
3.21.4 no anti-arp trust ip Delete all anti-arp list. Command Form no anti-arp trust ip Parameter 229
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Command Mode global configuration mode Default None Using Guide Delete all anti-arp list. Example Fengine (config)# no anti-arp trust ip Fengine# Relevant Command no anti-arp trust ip (A.B.C.D) show anti-arp 3.21.5 no anti-arp trust ip (A.B.C.D) Delete a designated anti-arp list. Command Form no anti-arp trust ip Parameter (A.B.C.D)reliable source IP address Command Mode global configuration mode Default None Using Guide Delete a designated anti-arp list. Example Fengine (config)# no anti-arp trust ip Fengine# Relevant Command show anti-arp 3.21.6 show anti-arp Show all anti-arp list. Command Form show anti-arp Parameter 230
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual None Command Mode privileged user mode Default None Using Guide Show all anti-arp list. Example Fengine (config)# no anti-arp trust ip Fengine# Relevant Command show anti-arp 3.22 VLAN transmission configuration command
translation-vlan <1-4094> <1-4094> mapped <1-4094> join translation-vlan VLANLIST uplink <1-64> translation-vlan nto1 (enable|disable) show translation-vlan show interface translation-vlan
3.22.1 translation-vlan <1-4094> <1-4094> mapped <1-4094> Configure vlan transmission list, NO form of this command is to delete list. Command Form translation-vlan <1-4094> <1-4094> mapped <1-4094> Parameter <1-4094> vlan transmission list id <1-4094>vlan id for mapping <1-4094>vlan id for mapping Command Mode global configuration mode Default None Using Guide Use this command to create an vlan transmission list, transmit vlan id for mapping vlan to configured mapping vlan id. Applicable Device S2200ME-B series switch Example 231
Fengine (config)# translation-vlan 1 100 mapped 1000 Fengine# Relevant Command no translation-vlan <1-4094> mapped 3.22.2 join translation-vlan VLANLIST uplink <1-64> Designate vlan transmission uplink port. Command Form join translation-vlan VLANLIST uplink <1-64> Parameter VLANLISTvlanlist <1-64>interface No. Command Mode interface configuration mode Default None Using Guide Designate vlan transmission uplink port. Applicable Device S2200ME-B series switch Example Fengine (config)#join translation-vlan 1 uplink 12 Fengine# Relevant Command quit translation-vlan VLANLIST 3.22.3 translation-vlan nto1 (enable|disable) Enable or disable N 1 vlan transmission function Command Form translation-vlan nto1 (enable|disable) Parameter (enable|disable) Command Mode interface configuration mode Default disable Using Guide 232
N 1 vlan transmission function, that is transmit multi vlan of one port into 1 vlan tag. Example Fengine (config)# translation-vlan nto1 enable Fengine# Relevant Command show interface translation-vlan .22.4 show translation-vlan mapped Show vlan transmission mapping information Command Form show translation-vlan mapped show translation-vlan mapped TRANSLATIONVLANLIST Parameter TRANSLATIONVLANLISTvlan transmission list Command Mode global configuration mode Default None Using Guide Show vlan transmission mapping information Applicable Device S2200ME-B series switch Example S2200ME#sh translation-vlan mapped Vlan-Translation Uplink Port: 24 Index VID Map-VID 1 1 10 Relevant Command 3.22.5 show interface translation-vlan Show interface vlan transmission configuration Command Form show interface translation-vlan [<1-64>] Parameter <1-64>interface No. Command Mode 233
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual global configuration mode Default None Using Guide Show interface vlan transmission configuration Applicable Device S2200ME-B series switch Example S2200ME#sh int translation-vlan If Translation-vlan Uplink Nto1Status 2 1 9 enable Relevant Command
3.23 ACL configuration command ACLaccess control listconfiguration command is including: match access-list ACLLIST description rule <1-1024> mac rule <1-1024> l2type rule <1-1024> vlan rule <1-1024> ttl rule <1-1024> tos rule <1-1024> ip rule <1-1024> icmp rule <1-1024> tcp rule <1-1024> udp rule <1-1024> action (permit|deny) rule <1-1024> action cos change (inner|outer) <0-7> rule <1-1024> arp 3.23.1 match access-list ACLLIST Enable designated ACL list to all port. NO form of this command is to disable enable. Command Form match access-list ACLLIST no match access-list ACLLIST Parameter ACLLISTacl list. e.g.: 1,2-5,7 is for ACL 1,2,3,4,5,7 Default 234
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Not enable Node Mode global configuration mode Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#match access-list 1,2 Fengine(config-acl-1)# Relevant Command show access-list cursory 3.23.2 description Configuration ACL group name Command Form description STRING Parameter STRINGACL group description Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#description acl1 Fengine(config-acl-1)# Relevant Command show access-list cursory 3.23.3 rule <1-1024> mac Configure a rule of data packet mac address.
Command Form rule <1-1024> mac (AA:BB:CC:DD:EE:FF) (AA:BB:CC:DD:EE:FF) rule <1-1024> mac (AA:BB:CC:DD:EE:FF) any rule <1-1024> mac any (AA:BB:CC:DD:EE:FF) 235
Parameter <1-1024>rule order in ACL group, priority of this rule AA:BB:CC:DD:EE:FFdesignate a detail mac address, the former is for source mac, the later is for destination mac anyant mac address Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 mac 00:19:D1:05:74:EF any Fengine(config-acl-1)# Configure a data packet source mac address 00-19-D1-05-74-EF, destination mac address is any mac address rule. Relevant Command show access-list detail 3. 23.4 rule <1-1024> l2type Configure a rule of data packet Layer 2 protocol type. Command Form rule <1-1024> l2type TYPE Parameter <1-1024>rule order in ACL group, it is priority of rule. TYPELayer protocol type protocol, use hexadecimal. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 l2type 0x0802 Fengine(config-acl-1)# 236
Configure a data packet Layer2 protocol No. 0x0802, rule of arp protocol. Relevant Command show access-list detail 3. 23.5 rule <1-1024> vlan Configure a rule of vlan. Command Form rule <1-1024> vlan (outer|inner) <1-4094> rule <1-1024> outer-vlan <1-4094> inner-vlan <1-4094> Parameter <1-1024>rule order No. in ACL group, priority of rule outer|innerouter vlan tag /inner vlan tag <1-4096>vlan id Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 vlan inner 100 Fengine(config-acl-1)# Configure a data packe rule whose inner vlan tag is 100. Relevant Command show access-list detail 3. 23.6 rule <1-1024> ttl Configure a rule about TTL Command Form rule <1-1024> ttl <1-255> Parameter <1-1024>rule order No. in ACL group, priority of rule <1-255>ttl hops Node Mode ACL configuration mode Default None 237
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 ttl 10 Fengine(config-acl-1)# Configure a rule with ttl hops 10 Relevant Command show access-list detail 3. 23.7 rule <1-1024> tos Configure a rule about data packet IP service type. Command Form rule <1-1024> tos <0-7>
Parameter <1-1024>rule order No. in ACL group, priority of rule <0-7>TOS Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 tos 5 Fengine(config-acl-1)# Configure a rule with service type 5 Relevant Command show access-list detail 3. 23.8 rule <1-1024> ip Configure a rule of data packet ip address. Command Form rule <1-1024> ip (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) rule <1-1024> ip any (A.B.C.D) (A.B.C.D) rule <1-1024> ip (A.B.C.D) (A.B.C.D) any 238
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual rule <1-1024> ip any any
Parameter <1-1024>rule order of ACL group, it is also the priority of the rule (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) : source IP address, source IP address mask, destination IP address, destination IP address mask. Any: any IP address Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 ip 192.168.1.2 255.255.255.0 any Fengine(config-acl-1)# Configure a rule with data source IP is 192.168.1.2, 24 bits mask, destination IP can be any IP. Relevant Command show access-list detail 3. 23.9 rule <1-1024> icmp Configure a rule of data packet icmp protocol. Command Form rule <1-1024> icmp (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) rule <1-1024> icmp any (A.B.C.D) (A.B.C.D) rule <1-1024> icmp (A.B.C.D) (A.B.C.D) any rule <1-1024> icmp any any Parameter <1-1024>rule order of ACL group, it is also the priority of the rule (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) : source IP address, source IP address mask, destination IP address, destination IP address mask. Any: any IP address Node Mode ACL configuration mode Default None Using Guide None 239
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B SERIES SWITCH
Example Fengine(config-acl-1)#rule 8 icmp 192.168.1.2 255.255.255.0 any Fengine(config-acl-1)# Configure a rule with the data packet source icmp to be 192.168.1.224 bit mask, destination IP is any IP. Relevant Command show access-list detail 3. 23.10 rule <1-1024> tcp/udp Configure a rule of data packet tcp/udp protocol. Command Form rule <1-1024> (tcp|udp) (A.B.C.D) (A.B.C.D) <1-65535> (A.B.C.D) (A.B.C.D) <1-65535> rule <1-1024> (tcp|udp) any <1-65535> (A.B.C.D) (A.B.C.D) <1-65535> rule <1-1024> (tcp|udp) (A.B.C.D) (A.B.C.D) <1-65535> any <1-65535> rule <1-1024> (tcp|udp) any <1-65535> any <1-65535> rule <1-1024> (tcp|udp) (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) <165535> rule <1-1024> (tcp|udp) any (A.B.C.D) (A.B.C.D) <1-65535> rule <1-1024> (tcp|udp) (A.B.C.D) (A.B.C.D) any <1-65535> rule <1-1024> (tcp|udp) any any <1-65535> rule <1-1024> (tcp|udp) (A.B.C.D) (A.B.C.D) <1-65535> (A.B.C.D) (A.B.C.D) rule <1-1024> (tcp|udp) any <1-65535> (A.B.C.D) (A.B.C.D) rule <1-1024> (tcp|udp) (A.B.C.D) (A.B.C.D) <1-65535> any rule <1-1024> (tcp|udp) any <1-65535> any rule <1-1024> (tcp|udp) any any rule <1-1024> tcp (A.B.C.D) (A.B.C.D) <1-65535> (A.B.C.D) (A.B.C.D) <1-65535> established rule <1-1024> tcp any <1-65535> (A.B.C.D) (A.B.C.D) <1-65535> established rule <1-1024> tcp (A.B.C.D) (A.B.C.D) <1-65535> any <1-65535> established rule <1-1024> tcp any <1-65535> any <1-65535> established rule <1-1024> tcp (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) <1-65535> established rule <1-1024> tcp any (A.B.C.D) (A.B.C.D) <1-65535> established rule <1-1024> tcp (A.B.C.D) (A.B.C.D) any <1-65535>established rule <1-1024> tcp any any <1-65535> established rule <1-1024> tcp (A.B.C.D) (A.B.C.D) <1-65535> (A.B.C.D) (A.B.C.D) established 240
rule <1-1024> tcp any <1-65535> (A.B.C.D) (A.B.C.D) established rule <1-1024> tcp (A.B.C.D) (A.B.C.D) <1-65535> any established rule <1-1024> tcp any <1-65535> any established rule <1-1024> tcp any any established rule <1-1024> (tcp|udp) (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) Parameter <1-1024>rule order of ACL group, it is also the priority of the rule tcp/udpTCP/UDP protocol (A.B.C.D) (A.B.C.D) <1-65535> (A.B.C.D) (A.B.C.D) <1-65535>source IP addresssource IP address masksource portdestination IP address destination IP address maskdestination port anyany IP address establishedfor configure reversed acl when configuring tcp protocol. Node Mode ACL configuration mode Default None Using Guide Established fragment is to configure contrary access control list, it is mainly used under anti-virus. Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 tcp 172.16.3.0 255.255.255.0 172.16.4.0 255.255.255.0 established Fengine(config-acl-1)# Configure a rule, this rule is generally used for all PC accessing 172.16.4.0 from 172.16.3.0, the precondition is that TCP connection is established. When TCP connection is not established, not permit 172.16.3.0 to access 172.16.4.0. Relevant Command show access-list detail 3. 23.11 rule <1-1024> action (permit|deny) Configure corresponding action of the rule Command Form rule <1-1024> action (permit|deny) Parameter <1-1024>rule No. of ACL group, it is also the priority of the rule. (permit|deny)permit or deny 241
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action deny Fengine(config-acl-1)# Disable data packet of rule 8. Relevant Command show access-list detail 3. 23.12 rule <1-1024> action cos change Configure cos action of the rule.
Command Form rule <1-1024> action cos change (inner|outer) <0-7> rule defaction cos change (inner|outer) <0-7> Parameter <1-1024>rule order No. in ACL group, priority of rule (inner|outer)inner COS or outer COS <0-7>COS defactionconfigure this action to be default action of acl rule Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action cos change inner 3 Fengine(config-acl-1)# Change inner cos meeting with rule 8 data packet to be 3. Fengine(config-acl-1)#rule defaction cos change inner 3 Fengine(config-acl-1)# 242
Change inner COS meeting with the data packet without action rule to be 3. Relevant Command show access-list detail 3. 23.13 rule <1-1024> action cos new <0-7> Configure cos action of rule. Command Form rule <1-1024> action cos new <0-7> rule defaction cos new <0-7> Parameter <1-256>rule order No. in ACL group, priority of rule <0-7>COS defactionconfigure this action to be default action of acl group rule. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action cos new 3 Fengine(config-acl-1)# Add outer COS meeting with rule 8 to be 3. Relevant Command show access-list detail 3. 23.14 rule <1-1024> action tos <0-7> Configure TOS action of rule. Command Form rule <1-1024> action tos <0-7> rule defaction tos <0-7> Parameter <1-1024>rule order No. in ACL group, priority of rule <0-7>TOS defactionconfigure this action to be default of acl rule. Node Mode 243
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action tos 3 Fengine(config-acl-1)# Set ip service type of rule 8 to be 3. Relevant Command show access-list detail 3. 23.15 rule <1-1024> action dscp DSCP Configure DSCP action of rule. Command Form rule <1-1024> action dscp DSCP rule defaction dscp DSCP
Parameter <1-1024>rule order No. in ACL group, priority of rule DSCPdscp by hex defactionconfigure this action to be default of acl rule. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action dscp 0x3a Fengine(config-acl-1)# Set dscp of rule 8 to be 0x3a Relevant Command show access-list detail 3. 23.16 rule <1-1024> action trapcpu (only|forward) 244
Configure the corresponding rule data packet flow action Command Form rule <1-1024> action trapcpu (only|forward) rule defaction trapcpu (only|forward) Parameter <1-1024>rule No. of ACL group, it is also the priority of the rule. (only|forward)data packet only get on CPU or get on CPU then forward. defactionconfigure this action to be default action of acl rule. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action trapcpu forward Fengine(config-acl-1)# Set data packet of rule 8 to get on CPU then forward out. Relevant Command show access-list detail 3. 23.17 rule <1-1024> action ratelimit <64-1000000> Configure rule action of rate limit. Command Form rule <1-1024> action ratelimit <64-1000000> rule defaction ratelimit <64-1000000> Parameter <1-1024>rule No. of ACL group, it is also the priority of the rule. <64-1000000>limited rate, unit: kbps, which should be times of 64kbps. defactionconfigure this action to be default action of acl rule. Node Mode ACL configuration mode Default None Using Guide None 245
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action ratelimit 128 Fengine(config-acl-1)# Set rate of rule 8 to be 128kbps Relevant Command show access-list detail 3. 23.18 rule <1-1024> action (mirror|redirect) <1-64>
Configure the corresponding data packet to mirror or redirect to certain port. Command Form rule <1-1024> action (mirror|redirect) <1-64> rule defaction (mirror|redirect) <1-64> Parameter <1-1024>rule No. of ACL group, it is also the priority of the rule. (mirror|redirect)mirror or redirect to certain port <1-64>port No. defactionconfigure this action to be default action of acl rule. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action redirect 10 Fengine(config-acl-1)# Set data packet of rule 8 redirect to port 10. Relevant Command show access-list detail 3. 23.19 rule <1-1024> action sendqueue <0-7> Configure the corresponding data packet to be sent to designated queue. Command Form rule <1-1024> action sendqueue <0-7> rule defaction sendqueue <0-7> 246
Parameter <1-1024>rule No. of ACL group, it is also the priority of the rule. <0-7>queue No. defactionconfigure this action to be default action of acl rule. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#rule 8 action sendqueue 5 Fengine(config-acl-1)# Send data packet of rule 8 to queue 5. Relevant Command show access-list detail 3. 23.20 no rule <1-1024> Delete a rule. Command Form no rule <1-1024> Parameter <1-1024>rule No of ACL group, also the priority of this rule. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#no rule 8 Fengine(config-acl-1)# Delete rule 8 Relevant Command 247
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show access-list cursory 3. 23.21 no rule <1-1024> action Delete the action corresponding to the designated rule Command Form no rule <1-1024> action
Parameter <1-1024>rule No. of ACL group, it is also the priority of the rule. Node Mode ACL configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine(config-acl-1)#no rule 8 action Fengine(config-acl-1)# Delete action of rule 8. Relevant Command show access-list detail 3. 23.22 match access-list <1-399> Apply acl rule to the interface, NO form of this command is to cancel the application. Command Form match access-list <1-399> no match access-list Parameter <1-399>acl group No. Node Mode interface configuration mode Default None Using Guide In or out limit only configure one group Applicable Device 248
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual S2200ME-B SERIES SWITCH Example Fengine(config-eth-2)#match access-list 1 Fengine(config-eth-2)# Apply ACL1 to interface2 Relevant Command show access-list port 3. 23.23 show access-list [<1-399>] Show configuration of ACL. Command Form show access-list [<1-399>] Parameter [<1-399>]ACL group No. optional Node Mode privileged configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show access-list 100 appointed ACL detail infromation access-list 100 description: rule number: 1 rules of this ACL: rule 1 tcp-- src any src port[100]to[100] dest any actions of this ACL: rule 1 action deny Fengine# Relevant Command show access-list port 3. 23.24 show access-list port [<1-64>] Show ACL applied on the port. Command Form 249
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show access-list port [<1-64>] Parameter [<1-64>]optional parameter is for port No. Node Mode privileged configuration mode Default None Using Guide None Applicable Device S2200ME-B SERIES SWITCH Example Fengine#show access-list port 1 ACL port information: Port 1 in direction: acl [none] out direction: acl [1] Fengine# Relevant Command show access-list port
3. 23.25 rule <1-1024> arp Configure a rule of data packet arp protocol Command Form rule <1-1024> arp (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D) rule <1-1024> arp (A.B.C.D) (A.B.C.D) any rule <1-1024> arp any (A.B.C.D) (A.B.C.D) rule <1-1024> arp any any Parameter (A.B.C.D) (A.B.C.D) (A.B.C.D) (A.B.C.D)source IP addresssource IP address mask, destination IP address, destination IP address mask anyany IP address Node Mode RULE configuration mode Default None Using Guide None 250
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B series switch
Example Fengine(config-acl-1)# rule 2 arp 192.168.1.2 255.255.255.0 any Configure a rule of arp (code 1), the data packet of the rule required source IP should be 192.168.1.2, 24 bits mask, destination IP is any IP. Relevant Command show access-list detail
3.24 802.1X configuration command 802.1X protocol configuration command is including: dot1x (enable|disable) dot1x authenticator link-mode dot1x authenticator logical-port dot1x authenticator max-request dot1x authenticator supplicant-timeout dot1x authenticator txwhen-timeout dot1x authenticator max-user dot1x authenticator quiet-timeout dot1x authenticator radius-server dot1x authenticator reauthenticate-period dot1x reauthenticate dot1x user <0-63> USERNAME password PASSWORD dot1x user <0-63> bind-to mac AA:BB:CC:DD:EE:FF dot1x user <0-63> bind-to port <1-64> dot1x user <0-63> max-time <1-100> dot1x user lock dot1x user lock fail-times dot1x user lock trap no dot1x authenticator user all no dot1x interface <1-64> user 251
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual show dot1x authenticator user show dot1x interface show dot1x user
3.24.1 dot1x (enable|disable) enable or disable switch 802.1x protocol Command Form dot1x (enable|disable) Parameter enableenable 802.1x disable disable 802.1x Node Mode global configuration modeinterface configuration mode Default disable Using Guide This command is to configure whether switch is enabled 802.1x protocol or enable/disable 802.1x protocol on certain port. Applicable Device S2200ME-B series switch Example Fengine(config)# dot1x enable Fengine(config)# Relevant Command None 3.24.2 dot1x authenticator link-mode Use this command to set a mode for physical port and user when establishing authentication connection. Command Form dot1x authenticator link-mode (passive|active) Parameter passivephysical interface is using passive connection mode, authentication request is sent by client-end. Activephysical interface is using active connection mode, authentication request is sent by device to client-end. Node Mode interface configuration mode 252
Using Guide Use this command to set a mode for physical port and user when establishing authentication connection. Applicable Device S2200ME-B series switch Example Fengine((config-eth1/2))#dot1x authenticator link-mode passive Fengine((config-eth1/2))# Relevant Command None 3.24.3 dot1x authenticator logical-port Use this command to set a mode to create an interface 802.1x logical port. Command Form dot1x authenticator logical-port (port-mac|port-mac-vlan|port) Parameter portlogical port is formed according to physical port port-maclogical port is formed according to physical port and MAC address port-mac-vlanlogical port is formed according to physical port and MACaddress and VLAN ID. Node Mode interface configuration mode Default None Using Guide Use this command to set a mode to create an interface 802.1x logical port. Applicable Device S2200ME-B series switch Example Fengine((config-eth1/2))# dot1x authenticator logical-port port Fengine((config-eth1/2))# Relevant Command None 3.24.4 dot1x authenticator max-request 253
Use this command to set max times of an interface 802.1x authentication request. Command Form dot1x authenticator max-request (<1-10>|default) Parameter <1-10>max times of authentication request defaultdefault is 2 Node Mode interface configuration mode Default 2 Using Guide Use this command to set max times of an interface 802.1x authentication request. Applicable Device S2200ME-B series switch Example Fengine((config-eth1/2))# dot1x authenticator max-request 3 Fengine((config-eth1/2))# Relevant Command None 3.24.5 dot1x authenticator supplicant-timeout Use this command to set supplicant timer of an interface 802.1x. Command Form dot1x authenticator supplicant-timeout (<1-65535>|default) Parameter <1-65535>timeout of 802.1x supplicant timer. Unit: second defaultthe default is 30 second Node Mode interface configuration mode Default 30 Using Guide Use this command to set supplicant timer of an interface 802.1x . Applicable Device S2200ME-B series switch 254
Example Fengine((config-eth1/2))# dot1x authenticator supplicant-timeout 1200 Fengine((config-eth1/2))# Relevant Command None 3.24.6 dot1x authenticator txwhen-timeout Use this command to set txWhen timer of an interface 802.1x. Command Form dot1x authenticator txwhen-timeout (<1-65535>|default) Parameter <1-65535>timeout of 802.1x txWhen timer, unit: second defaultthe default is 30 second Node Mode interface configuration mode Default 30 Using Guide Use this command to set txWhen timer of an interface 802.1x. Applicable Device S2200ME-B series switch Example Fengine((config-eth1/2))# dot1x authenticator txwhen-timeout 5000 Fengine((config-eth1/2))# Relevant Command None 3.24.7 dot1x authenticator max-user Configure max user number supported by the port enabled 802.1x. Command Form dot1x authenticator max-user <1-65535> Parameter <1-65535>user number Node Mode interface configuration mode Default 255
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual The default permits 10 IEEE802.1x user. Using Guide
This command is to configure max user number supported by the port enabled 802.1x. Applicable Device S2200ME-B series switch Example Fengine(config-eth-2)#dot1x authenticator max-user 6 Fengine(config-eth-2)# Relevant Command dot1x (enable|disable), show dot1x interface 3.24.8 dot1x authenticator quiet-timeout Configure quiet-timeout on the port enabled 802.1x protocol for second accept users authenticator, the time is to prevent vicious attack for the device. Command Form dot1x authenticator quiet-timeout (<1-120>|default) Parameter <1-120>timeunit: s Node Mode interface configuration mode Default 60 Using Guide Configure quiet-timeout on the port enabled 802.1x protocol for second accept users authenticator, the time is to prevent vicious attack for the device. Applicable Device S2200ME-B series switch Example Fengine(config-eth-2)#dot1x authenticator quiet-timeout 100 Fengine(config-eth-2)# Relevant Command None 3.24.9 dot1x authenticator radius-server Configure name of the port enabled 802.1x protocol and corresponding radius client. 256
Command Form dot1x authenticator radius-server NAME mode (normal|relay) no dot1x authenticator radius-server Parameter NAMEradius client name normalnormal mode relayrelay mode Node Mode interface configuration mode Default If the device IEEE802.1x does not identify radius client name, use local authentication mode Using Guide This command is to configure name of the port enabled 802.1x protocol port authenticator radius client, NO form of this command is to delete name. Applicable Device S2200ME-B series switch Example Fengine(config-eth-2)#dot1x authenticator radius-server test Fengine(config-eth-2)# Relevant Command None 3.24.10 dot1x authenticator reauthenticate-Period Configure 802.1x reauthenticate-period Command Form dot1x authenticator reauthenticate-Period (<60-7200>|default) Parameter <60-7200>timeunit: s Node Mode interface configuration mode Default 3600 Using Guide This command is to set switch 802.1x reauthentication period. Applicable Device S2200ME-B series switch 257
Example Fengine(config-eth-2)#dot1x authenticator reauthenticate-Period 100 Fengine(config-eth-2)# Relevant Command None 3.24.11 dot1x reauthenticate enable or disable 802.1x reauthentication function Command Form dot1x reauthenticate no dot1x reauthenticate Parameter None Node Mode interface configuration mode Default None Using Guide This command is to enable or disable 802.1x reauthentication, NO form of this command is to disable. Applicable Device S2200ME-B series switch Example Fengine(config-eth-2)#dot1x reauthenticate Fengine(config-eth-2)# Relevant Command None 3.24.12 dot1x user <0-63> USERNAME password PASSWORD Configure user name and password of 802.1x authentication. Command Form dot1x user <0-63> USERNAME password PASSWORD no dot1x user <0-63> Parameter <0-63>user ID index USERNAMEuser name PASSWORDpassword Node Mode 258
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual global configuration mode Default None
Using Guide This command is to add and delete user for 802.1x authentication. Switch may not use radius authentication, and use local authentication for accessing user, the default is local authentication. But if radius authentication is designated to use, the authentication is decided by radius, local user configured on this device is no use. Applicable Device S2200ME-B series switch Example Fengine (config)# dot1x user 1 test password test Fengine (config)# Relevant Command show dot1x-user 3.24.13 dot1x user <0-63> bind-to mac AA:BB:CC:DD:EE:FF Bind certain user to particular mac address Command Form dot1x user <0-63> bind-to mac AA:BB:CC:DD:EE:FF Parameter <0-63>user ID index AA:BB:CC:DD:EE:FFdesignagted mac address Node Mode global configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example Fengine (config)# dot1x user 1 bind-to mac 00:19:D1:05:74:EF Fengine (config)# Relevant Command show dot1x-user 3.24.14 dot1x user <0-63> bind-to port <1-64> 259
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Bind certain user to particular interface Command Form dot1x user <0-63> bind-to port <1-64> Parameter <0-63>user No. index <1-64>designated port Node Mode global configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example Fengine (config)# dot1x user 1 bind-to port 1 Fengine (config)# Relevant Command show dot1x-user 3.24.15 dot1x user <0-63> max-time <1-100> Set user max logging times Command Form dot1x user <0-63> max-time <1-100> Parameter <0-63>user No. index <1-100>logging times Node Mode global configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example Fengine (config)# dot1x user 1 max-time 10 Fengine (config)# 260
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Relevant Command show dot1x-user 3.24.16 dot1x user lock Set whether permit to lock user Command Form dot1x user lock (enable|disable) Parameter (enable|disable)permit/not permit to lock user Node Mode global configuration mode Default None Using Guide Set whether permit to lock user Applicable Device S2200ME-B series switch Example Fengine (config)#dot1x user lock enable Fengine (config)# Relevant Command show dot1x-user 3.24.17 dot1x user lock fail-times Set user authentication failure times for lock Command Form dot1x user lock fail-times <1-20> Parameter <1-20>authentication failure times Node Mode global configuration mode Default None Using Guide Set user authentication times for lock Applicable Device S2200ME-B series switch Example 261
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Fengine (config)# dot1x user lock fail-times 5 Fengine (config)# Relevant Command show dot1x-user 3.24.18 dot1x user lock trap Set whether send trap when user is locked Command Form dot1x user lock trap (enable|disable) Parameter (enable|disable)enable /disable sending trap Node Mode global configuration mode Default None Using Guide Set whether send trap when user is locked Applicable Device S2200ME-B series switch Example Fengine (config)# dot1x user lock trap enable Fengine (config)# Relevant Command show dot1x-user 3.24.19 no dot1x authenticator user all
force all users with authentication of 802.1x protocol on switch to get off the line Command Form no dot1x authenticator user all Parameter None Node Mode global configuration mode Default None Using Guide this command is to configure all users with authentication of 802.1x protocol on switch to get off the line. 262
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Applicable Device S2200ME-B series switch Example Fengine(config)# no dot1x authenticator user all Fengine(config)# Relevant Command show dot1x authenticator user 3.24.20 no dot1x interface <1-64> user
force all users with authentication of 802.1x protocol on certain interface of switch to get off the line Command Form no dot1x interface <1-64> user <0-65535> no dot1x interface <1-64> user all Parameter <1-64>interface No. <0-65535>user No. Node Mode global configuration mode Default None Using Guide this command is to configure that a certain user on a certain interface which passed 802.1x protocol or all users to be offline. Applicable Device S2200ME-B series switch Example Fengine(config)# no dot1x interface <1-64> user all Fengine(config)# Relevant Command show dot1x authenticator user 3.24.21 show dot1x authenticator user show information of all users that passed 802.1x protocol authentication. Command Form show dot1x authenticator user Parameter None 263
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Node Mode privileged user mode Default None
Using Guide this command is to show user configuration information of all 802.1x protocol that user configured on the switch. Applicable Device S2200ME-B series switch Example Fengine# show dot1x authenticator user Fengine# Relevant Command None 3.24.22 show dot1x interface show the information of 802.1x protocol configured at switch port. Command Form show dot1x interface Parameter None Node Mode privileged user mode Default None Using Guide this command is to show the information of 802.1x protocol configured at switch port. Applicable Device S2200ME-B series switch Example Fengine#show dot1x interface Port Users Maxusers 5 0 24 Fengine# Relevant Command None 3.24.23 show dot1x user 264
show users information of all 802.1x protocol that user configured. Command Form show dot1x-user Parameter None Node Mode privileged user mode Default None Using Guide this command is to show users configuration and user locked configuration of all 82.1x protocol that user configured on the switch. Applicable Device S2200ME-B series switch Example Fengine#show dot1x user UserId UserName Password 0 test1 test1 1 test2 test2 Fengine# Relevant Command None 3.25 DHCP-SNOOP configuration command The configuration command are: dhcp-snoop (enable|disable) dhcp-snoop option82 (enable|disable) dhcp-snoop (trust|untrust) show dhcp-snoop trust show dhcp-snoop interface show dhcp-snoop interface binding 3.25.1 dhcp-snoop (enable|disable) enable disable dhcp snoop service Command Form dhcp-snoop (enable|disable) Parameter (enable|disable) Node Mode 265
global configuration modeinterface configuration mode Default disable Using Guide This command is to enable or disable dhcp snoop service on switch. Applicable Device S2200ME-B series switch Example Fengine (config)# dhcp-snoop enable Fengine (config)# Relevant Command show dhcp-snoop interface 3.25.2 dhcp-snoop option82 (enable|disable) enable and disable dhcp 82 options Command Form dhcp-snoop option82 (enable|disable) Parameter (enable|disable) Node Mode global configuration mode Default disable Using Guide This command is to enable or disable dhcp 82 options on switch Applicable Device S2200ME-B series switch Example Fengine (config)# dhcp-snoop option82 enable Fengine (config)# Relevant Command show dhcp-snoop interface 3.25.3 dhcp-snoop (trust|untrust) enable and disable dhcp trust port Command Form dhcp-snoop (trust|untrust) 266
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Parameter (trust|untrust)trust is enable, untrust is disable Node Mode interface configuration mode Default disable Using Guide
This command is to enable or disable dhcp trust port on switch, dhcp server should be connected with trust port to prevent dhcp cheat attack. Applicable Device S2200ME-B series switch Example Fengine (config)# dhcp-snoop trust Fengine (config)# Relevant Command show dhcp trust 3.25.4 show dhcp-snoop trust Show whether dhcp-snoop service is trust by interface Command Form show dhcp-snoop trust Parameter None Node Mode privileged configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example None Relevant Command None 3.25.5 show dhcp-snoop interface 267
Show whether dhcp-snoop service is enabled on interface. Command Form show dhcp-snoop interface Parameter None Node Mode privileged configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example None Relevant Command None 3.25.6 show dhcp-snoop interface binding Show binding information of dhcp-snoop on interface, including mac address, ip address. Command Form show dhcp-snoop interface Parameter None Node Mode privileged configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example None Relevant Command None
268
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual 3.26 RLINK configuration command The configuration command are: rlink <1-16> protect-vlan join rlink <1-16> (master|slave|uplink|downlink) show rlink config show rlink interface
3.26.1 rlink <1-16> protect-vlan Configure or delete protection vlan of rlink instance Command Form rlink <1-16> protect-vlan <1-4094> rlink <1-16> protect-vlan VLANLIST no rlink <1-16> protect-vlan <1-4094> no rlink <1-16> protect-vlan VLANLIST Parameter <1-16>rlink instance id <1-4094>vlan id VLANLISTvlan list Command Mode global configuration mode Default None Using Guide If Protection vlan is configured, for main port A, the VLAN is forward status on port A, and be blocked status on backup port B. when link of main port A is fault, the status of backup port B will switch to forward status. Applicable Device S2200ME-B series switch Example Fengine (config)#link 1 protect-vlan 10 Relevant Command 3.26.2 join rlink <1-16> (master|slave|uplink|downlink) Configure port rlink status Command Form join rlink <1-16> (master|slave|uplink|downlink) 269
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual no join rlink <1-16>
Parameter <1-16>rlink instance id (master|slave|uplink|downlink)main port,backup port, uplink port, downlink port Command Mode interface configuration mode Default None Using Guide Configure current port to be main port, backup port, uplink port or downlinkport. Applicable Device S2200ME-B series switch Example Fengine(config-ge1/1)#rlink 1 master 3.26.3 show rlink config Show rlink configuration Command Form show rlink config Parameter None Node Mode privileged configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example None Relevant Command None 3.26.4 show rlink interface 270
F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Show rlink interface configuration Command Form show rlink interface show rlink interface <1-64> Parameter None Node Mode privileged configuration mode Default None Using Guide None Applicable Device S2200ME-B series switch Example None Relevant Command None
271
Chapter 4 Command switch configure member switch
Chapter 4 Command switch configure member switch

S2200ME-B series switch support SGM, use CLI to configure member switch. Configure member switch is shown as below: 1 Input sgm member (AA.BB.CC.DD.EE.FF) to select member switch to configure under global configuration mode.
Example: Fengine (config-sgm)#sgm member 00.04.67.90.be.42
************************************************ * * * * * Copyright 2000-2007 FiberHome Networks For Fengine Fengine Switch OS (Version 1.06 ) * * * * *
************************************************
User Access Verification
Username: 2 Then input user name and password to enter corresponding configuration mode of member switch and do operation for member switch. The verbose command can refer to Chpater 3 of this book.
272

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual (V3.0)

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual (V3.0)

Hochgeladen von

Copyright:

Verfügbare Formate

F-ENGINE

S2200ME-B Carrier Ethernet Switch Command Line Interface Manual V2.9

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Postal code Tel Fax Website Email

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 2 Hardware platform&Softwre environment .............................. 4

Chapter 3 Switch configuration command ................................................. 5

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 4 Command switch configure member switch ......................... 272

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 2 Chapter 3 Chapter 4

Caution, Notice Note

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

This product is strictly conforming to IEEE 802.3-1998 and Q/WRI 5012-2001.

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Fengine (config)# Fengine(confi g-system)#

Fengine(confi g-line)# Fengine(confi g-eth-N1)#

Configure interface parameter (N1: interface

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 2 Hardware platform &Software environment

Chapter 2 Hardware platform&Softwre environment

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 3 configuration command

Chapter 3 Switch configuration command

Chapter 3 configuration command

3.1.1 cd Switch under different directory in the system. 6

Chapter 3 configuration command

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 3 configuration command

Chapter 3 configuration command

Chapter 3 configuration command

Chapter 3 configuration command

Chapter 3 configuration command

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Parameter None

Chapter 3 configuration command

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual Default None

Chapter 3 configuration command

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 3 configuration command

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 3 configuration command

Chapter 3 configuration command

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 3 configuration command

Chapter 3 configuration command

Chapter 3 configuration command

F-Engine S2200ME-B Carrier Ethernet Switch CLI Manual

Chapter 3 configuration command