3Com 7750 Series Switch Command Reference Guide User Manual To The 3c2a2617 A1bb 45ef 879a 8e40595e881c
User Manual: 3Com 7750 Series to the manual
Open the PDF directly: View PDF 
.
Page Count: 1177
| Download | |
| Open PDF In Browser | View PDF |
3Com Switch 7750 Series
Command Reference Guide
www.3Com.com
Part Number: 10015463 Rev. AB
September 2006
Copyright © 2006, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by
any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission
from 3Com Corporation.
3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without
obligation on the part of 3Com Corporation to provide notification of such revision or change.
3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed,
including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a
particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this
documentation at any time.
If there is any software on removable media described in this documentation, it is furnished under a license agreement included
with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named
LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you.
UNITED STATES GOVERNMENT LEGEND
If you are a United States government agency, then this documentation and the software described herein are provided to you
subject to the following:
All technical data and computer software are commercial in nature and developed solely at private expense. Software is
delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as
defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for
the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR
52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any
licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide.
Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in
other countries.
3Com, the 3Com logo, are registered trademarks of 3Com Corporation.
Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, and Windows NT are
registered trademarks of Microsoft Corporation. UNIX is a registered trademark in the United States and other countries, licensed
exclusively through X/Open Company, Ltd.
All other company and product names may be trademarks of the respective companies with which they are associated.
3Com Corporation
350 Campus Drive
Marlborough, MA
01752-3064
3Com Switch 7750 Series
Command Reference Guide – CLI
Table of Contents
Table of Contents
Chapter 1 CLI Configuration Commands.................................................................................... 1-1
1.1 CLI Configuration Commands ........................................................................................... 1-1
1.1.1 command-privilege level ......................................................................................... 1-1
1.1.2 display history-command ........................................................................................ 1-2
1.1.3 super ....................................................................................................................... 1-2
1.1.4 super password ....................................................................................................... 1-3
i
3Com Switch 7750 Series
Command Reference Guide – CLI
Chapter 1 CLI Configuration Commands
Chapter 1 CLI Configuration Commands
1.1 CLI Configuration Commands
1.1.1 command-privilege level
Syntax
command-privilege level level view view command
undo command-privilege view view command
View
System view
Parameter
level: Command Level. This argument ranges from 0 to 3.
view: Command view. This argument can be any command view the switch supports.
command: Command to be specified.
Description
Use the command-privilege level command to set the level of the specified
command in a specified view.
Use the undo command-privilege view command to restore the level of the specified
command in the specified view to the default.
Commands fall into four command levels: visit, monitor, system, and manage, which
are identified as 0, 1, 2, and 3 respectively. The administrator can change the level of a
command to enable users of specific level to utilize the command.
By default, the ping, tracert, and telnet commands are at the visit level (level 0); the
display and debugging commands are at the monitor level (level 1); all configuration
commands are at the system level (level 2); and FTP/TFTP/XModem and file system
related commands are at the manage level (level 3).
Example
# Specify the interface command in system view to be of level 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] command-privilege level 0 view system interface
1-1
3Com Switch 7750 Series
Command Reference Guide – CLI
Chapter 1 CLI Configuration Commands
1.1.2 display history-command
Syntax
display history-command
View
Any view
Parameter
None
Description
Use the display history-command command to display history commands. All the
history commands are saved in the history command cache. When the history
command cache is full, the old information in it will be overlaid.
Related command: history-command max-size.
Example
# Display history commands.
<3Com> display history-command
system-view
quit
display history-command
1.1.3 super
Syntax
super [ level ]
View
User view
Parameter
level: User level. This argument ranges from 0 to 3 and defaults to 3. If you execute
this command with the level argument not provided, this command switches the
current user level to level 3.
Description
Use the super command to switch the current user level to the one identified by the
level argument. If a password is previously set by using the super password [ level
level ] { simple | cipher } password command, you need to provide the password as
1-2
3Com Switch 7750 Series
Command Reference Guide – CLI
Chapter 1 CLI Configuration Commands
well to switch to the higher user level. You will remain in the original user level if you
fail to provide the correct password.
Note that:
z
Users logging into a switch also fall into four levels, each of which corresponding
to one of the command levels. Users at a specific level can only use the
commands at the same level and the commands at the lower levels.
z
You can specify an AUX user to provide a password when he switches from a
lower user level to a higher user level and specify the password by using the
super password [ level level ] { simple | cipher } password command. With a
password configured, an AUX user remains in the original user level if the
password provided is incorrect when the AUX user attempts to switch to a higher
user level. If the password is not configured, an AUX user can switch to a higher
user level directly.
z
A password is necessary for a VTY user to switch to a higher user level. You can
use the super password [ level level ] { simple | cipher } password command to
set the password. With the password not configured, a VTY user is prompted the
message reading “Password is not set” and remains in the previous level.
z
An AUX user or a VTY user can switch to a lower user level directly regardless of
the password.
Related command: super password.
Example
# Switch to user level 3.
<3Com> super 3
Password:
1.1.4 super password
Syntax
super password [ level level ] { simple | cipher } password
undo super password [ level level ]
View
System view
Parameter
level: User level. This argument ranges from 1 to 3 and defaults to 3. If you execute
this command with the level argument not provided, this command sets the password
to switch to level 3.
simple: Specifies to provide the password in plain text.
cipher: Specifies to provide the password in encrypted text.
1-3
3Com Switch 7750 Series
Command Reference Guide – CLI
Chapter 1 CLI Configuration Commands
password: Password to be set. If you specify the simple keyword, provide this
argument in plain text. If you specify the cipher keyword, you can provide this
argument in either encrypted text or plain text. In this case, a password containing no
more than 16 characters (such as 123) is regarded to be in plain text and is converted
to
the
corresponding
24-character
encrypted
form
(such
as
7-CZB#/YX]KQ=^Q`MAF4<1!!) automatically. You can also provide a 24-character
encrypted password directly (such as 7-CZB#/YX]KQ=^Q`MAF4<1!!). In this case, you
must know its corresponding plain-text password is 123.
Description
Use the super password command to set the password for users to switch to a higher
user level. To prevent unauthorized accesses, you can use this command to require
users to provide the password when they switch to a higher user level. For security
purpose, the password a user enters when switching to a higher user level is not
displayed. A user will remain at the original user level if the user has tried three times
to enter the correct password but fails to do this.
Use the undo super password command to cancel the configuration.
Note that no matter what form of the password (plain text or encrypted text) is in, the
password entered for verification must be in plain text.
Example
# Set the password to switch from the current user level to user level 3 to “zbr”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] super password level 3 simple zbr
1-4
3Com Switch 7750 Series
Command Reference Guide – Login
Table of Contents
Table of Contents
Chapter 1 Login Commands ........................................................................................................ 1-1
1.1 Login Commands............................................................................................................... 1-1
1.1.1 authentication-mode................................................................................................ 1-1
1.1.2 auto-execute command........................................................................................... 1-2
1.1.3 databits.................................................................................................................... 1-3
1.1.4 display user-interface .............................................................................................. 1-3
1.1.5 display users ........................................................................................................... 1-5
1.1.6 flow-control .............................................................................................................. 1-6
1.1.7 free user-interface ................................................................................................... 1-7
1.1.8 header ..................................................................................................................... 1-8
1.1.9 history-command max-size ................................................................................... 1-10
1.1.10 idle-timeout.......................................................................................................... 1-11
1.1.11 lock ...................................................................................................................... 1-12
1.1.12 modem ................................................................................................................ 1-12
1.1.13 modem auto-answer ........................................................................................... 1-13
1.1.14 modem timer answer........................................................................................... 1-14
1.1.15 parity.................................................................................................................... 1-14
1.1.16 protocol inbound.................................................................................................. 1-15
1.1.17 screen-length....................................................................................................... 1-16
1.1.18 send..................................................................................................................... 1-16
1.1.19 service-type ......................................................................................................... 1-17
1.1.20 set authentication password................................................................................ 1-19
1.1.21 shell ..................................................................................................................... 1-20
1.1.22 speed................................................................................................................... 1-21
1.1.23 stopbits ................................................................................................................ 1-21
1.1.24 sysname .............................................................................................................. 1-22
1.1.25 telnet.................................................................................................................... 1-23
1.1.26 user-interface ...................................................................................................... 1-23
1.1.27 user privilege level .............................................................................................. 1-24
Chapter 2 Commands for User Control....................................................................................... 2-1
2.1 Commands for Controlling Logging in Users..................................................................... 2-1
2.1.1 acl............................................................................................................................ 2-1
2.1.2 snmp-agent community........................................................................................... 2-1
2.1.3 snmp-agent group ................................................................................................... 2-2
2.1.4 snmp-agent usm-user ............................................................................................. 2-4
i
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Chapter 1 Login Commands
1.1 Login Commands
1.1.1 authentication-mode
Syntax
authentication-mode { password | scheme [ command-authorization ] | none }
View
User interface view
Parameter
password: Authenticates users using the local password.
scheme: Authenticates users locally or remotely using usernames and passwords.
command-authorization:
Performs
command
authorization
on
TACACS
authentication server.
none: Does not authenticate users.
Description
Use the authentication-mode command to specify the authentication mode.
z
If you specify the password keyword to authenticate users using the local
password, remember to set the local password using the set authentication
password { cipher | simple } password command.
z
If you specify the scheme keyword to authenticate users locally or remotely
using usernames and passwords, the actual authentication mode, that is, local or
remote, depends on other related configuration.
z
If this command is executed with the command-authorization keywords
specified, authorization is performed on the TACACS server whenever you
attempt to execute a command, and the command can be executed only when
you pass the authorization. Normally, a TACACS server contains a list of the
commands available to different users.
If you specify to perform local authentication when a user logs in through the Console
port, a user can log into the switch with the password not configured. But for a VTY
user interface, a password is needed for a user to log into the switch through it under
the same circumstance.
By default, users logging in through the Console port are not authenticated, whereas
modem users and Telnet users are authenticated.
1-1
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Example
# Configure to authenticate users using the local password on the AUX interface.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] authentication-mode password
1.1.2 auto-execute command
Syntax
auto-execute command text
undo auto-execute command
View
User interface view
Parameter
text: Command to be executed automatically.
Description
Use the auto-execute command command to set the command that is executed
automatically after a user logs in.
Use the undo auto-execute command command to disable the specified command
from being automatically executed.
Normally, the telnet command is specified to be executed automatically to enable the
user to Telnet to a specific network device automatically.
By default, no command is automatically executed.
Caution:
z
The auto-execute command command may cause you unable to perform
common configuration in the user interface, so use it with caution.
z
Before executing the auto-execute command command and save your
configuration, make sure you can log into the switch in other modes and cancel the
configuration.
1-2
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Example
# Configure the telnet 10.110.100.1 command to be executed automatically after
users log into VTY 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0
[3Com-ui-vty0] auto-execute command telnet 10.110.100.1
% This action will lead to configuration failure through ui-vty0. Are you
sure?[Y/N]y
1.1.3 databits
Syntax
databits { 7 | 8 }
undo databits
View
User interface view
Parameter
7: Sets the data bits to 7.
8: Sets the data bits to 8.
Description
Use the databits command to set the databits for the user interface.
Use the undo databits command to revert to the default data bits.
Execute these two commands in AUX user interface view only.
The default data bits is 8.
Example
# Set the data bits to 7.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] databits 7
1.1.4 display user-interface
Syntax
display user-interface [ type number | number ] [ summary ]
1-3
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
View
Any view
Parameter
type: User interface type.
number: User interface number.
summary: Displays the summary information about a user interface.
Description
Use the display user-interface command to display the information about a
specified user interface or all user interfaces. If the summary keyword is not specified,
this command displays user interface type, absolute/relative user interface number,
transmission speed, available command level, authentication mode, and physical
position. If the summary keyword is specified, this command displays the number
and type of the user interfaces, including those that are in use and those that are not
in use.
Example
# Display the information about user interface 0.
<3Com> display user-interface 0
Idx
F 0
Type
Tx/Rx
Modem Privi Auth
AUX 0
9600
-
3
Int
N
-
+
: Current user-interface is active.
F
: Current user-interface is active and work in async mode.
Idx
: Absolute index of user-interface.
Type : Type and relative index of user-interface.
Privi: The privilege of user-interface.
Auth : The authentication mode of user-interface.
Int
: The physical location of UIs.
A
: Authenticate use AAA.
N
: Current UI need not authentication.
P
: Authenticate use current UI's password.
Table 1-1 Descriptions on the fields of the display user-interface command
Filed
Description
+
The user interface is in use.
F
The user interface operates in asynchronous mode.
Idx
The absolute index of the user interface
Type
User interface type and the relative index
1-4
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Filed
Description
Tx/Rx
Transmission speed of the user interface
Modem
Indicates whether or not a modem is used.
Privi
Available command level
Auth
Authentication mode
Int
Physical position of the user interface
A
The current user is authenticated by AAA.
N
Users are not authenticated.
P
Users need to provide passwords to pass the authentication.
# Display the summary information about the user interface.
<3Com>display user-interface summary
User interface type : [AUX]
0:UXXX XXXX
User interface type : [VTY]
8:UUUU X
5 character mode users.
(U)
8 UI never used.
(X)
5 total UI in use
1.1.5 display users
Syntax
display users [ all ]
View
Any view
Parameter
all: Displays the information about all user interfaces.
Description
Use the display users command to display the information about user interfaces. If
you do not specify the all keyword, only the information about the current user
interface is displayed.
Example
# Display the information about the current user interface.
1-5
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
<3Com> display users
UI
F 0
1
AUX 0
VTY 0
Delay
Type
Ipaddress
Username
00:00:00
00:06:08
TEL
Userlevel
3
192.168.0.3
+
: Current operation user.
F
: Current operation user work in async mode.F 0
AUX 0
00:00:00
Table 1-2 Descriptions on the fields of the display users command
Field
Description
F
The information is about the current user interface, and the
current user interface operates in asynchronous mode.
UI
The numbers in the left sub-column are the absolute user
interface indexes, and those in the right sub-column are the
relative user interface indexes.
Delay
The period (in seconds) the user interface idles for.
Type
User type
IPaddress
The IP address form which the user logs in.
Username
The login name of the user that logs into the user interface.
Userlevel
The level of the commands available to the users logging into
the user interface
+
The user interface is in use.
1.1.6 flow-control
Syntax
flow-control { hardware | none | software }
undo flow-control
View
User interface view
Parameter
hardware: Performs hardware flow control.
none: Performs no flow control.
software: Performs software flow control.
1-6
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Description
Use the flow-control command to configure the flow control mode of the user
interface.
Use the undo flow-control command to restore the default flow control mode of the
user interface.
By default, flow control is not performed.
This command can only be executed in AUX user interface view.
Example
# Set flow control mode to software flow control.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] flow-control software
1.1.7 free user-interface
Syntax
free user-interface [ type ] number
View
User view
Parameter
type: User interface type.
number: Index of the user interface. This argument can be an absolute user interface
index (if you do not provide the type argument) or a relative user interface index (if you
provide the type argument).
Description
Use the free user-interface command to release a specified user interface. If you
execute this command, the corresponding user interface will be disconnected.
Note that the current user interface cannot be released.
Example
# Release user interface VTY 0.
<3Com> free user-interface vty 0
Are you sure you want to free user-interface vty0 [Y/N]? y
[OK]
1-7
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
After you execute this command, user interface VTY 0 will be disconnected. The user
in it must log in again to connect to the switch.
1.1.8 header
Syntax
header [ incoming | login | shell ] text
undo header { incoming | login | shell }
View
System view
Parameter
Incoming: Sets the login banner for users that log in through modems. If you specify
to authenticate login users, the banner appears after a user passes the authentication.
(The session does not appear in this case.)
login: Sets the login banner. The banner set by this keyword is valid only when users
are authenticated before they log into the switch and appears while the switch
prompts for user name and password.
shell: Sets the session banner, which appears after a session is established. If you
specify to authenticate login users, the banner appears after a user passes the
authentication.
text: Banner to be displayed. If no keyword is specified, this argument is the login
banner. You can provide this argument in two ways. One is to enter the banner in the
same line as the command (A command line can accept up to 255 characters.) The
other is to enter the banner in multiple lines (you can start a new line by pressing
,) where you can enter a banner that can contain up to 2000 characters
(including the invisible characters). Note that the first character is the beginning
character and the end character of the banner. After entering the end character, you
can press to exit the interaction.
Description
Use the header command to set the banners that are displayed when a user logs into
a switch. The login banner is displayed on the terminal when the connection is
established. And the session banner is displayed on the terminal if a user successfully
logs in.
Use the undo header command to disable displaying a specific banner or all
banners.
Note that if you specify any one of the three keywords without providing the text
argument, the specified keyword will be regarded as the login information.
1-8
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
You can specify the banner in the following three ways, each of which requires that
the first character and the last character of the banner be the same.
z
Enter the banner in multiple lines. If you only type one character in the first line of
a banner, the character and the last character do not act as part of the banner.
The following gives an example of this way.
[3Com] header shell 0
Input banner text, and quit with the character '0'.
Welcome!0
When you log in the next time, “Welcome!” is displayed as the banner. The beginning
character and the end character (character 0) do not appear.
z
Enter the banner in multiple lines. If you type multiple characters in the first line of
a banner and the beginning and the end characters of the banner in this line are
not the same, the beginning character is part of the banner. The following is an
example.
[3Com] header shell hello
Input banner text, and quit with the character 'h'.
my friend !
h
When you log in the next time, “hello” and “my friend !“ is displayed respectively in two
lines as the banner. The beginning character “h” appears in the banner.
z
Enter the banner in a single line. You can also specify the banner in a single line.
In this case, the banner does contain the beginning and the end character. The
following is an example.
[3Com] header shell 0welcome,my friend!0
When you log in the next time, “welcome, my friend!” is displayed as the banner.
Example
# Set the session banner.
Option 1: Enter the banner in the same line as the command.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] header shell %SHELL: Hello! Welcome%
(Make sure the beginning and end characters of the banner are the same.)
When you log in the next time, the session banner appears on the terminal as the
following:
[3Com] quit
<3Com> quit
Please press ENTER
SHELL: Hello! Welcome
1-9
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
(The beginning and end characters of the banner are not displayed.)
<3Com>
Option 2: Enter the banner in multiple lines.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] header shell %SHELL:
(Following appears after you press :)
Input banner text, and quit with the character '%'.
Continue entering the banner and end the banner with the character identical with the
beginning character of the banner.
Hello! Welcome %
(Press .)
[3Com]
When you log in the next time, the session banner appears on the terminal as the
following:
[3Com] quit
<3Com> quit
Please press ENTER
%SHELL:
(Note that the beginning character of the banner appears.)
Hello! Welcome
<3Com>
1.1.9 history-command max-size
Syntax
history-command max-size value
undo history-command max-size
View
User interface view
Parameter
value: Size of the history command buffer. This argument ranges from 0 to 256 and
defaults to 10. That is, the history command buffer can store 10 commands by default.
Description
Use the history-command max-size command to set the size of the history
command buffer.
1-10
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Use the undo history-command max-size command to revert to the default history
command buffer size.
Example
# Set the size of the history command buffer of AUX 0 to 20 to enable it to store up to
20 commands.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] history-command max-size 20
1.1.10 idle-timeout
Syntax
idle-timeout minutes [ seconds ]
undo idle-timeout
View
User interface view
Parameter
minutes: Number of minutes. This argument ranges from 0 to 35,791.
seconds: Number of seconds. This argument ranges from 0 to 59.
Description
Use the idle-timeout command to set the timeout time. The connection to a user
interface is terminated if no operation is performed in the user interface within the
timeout time.
Use the undo idle-timeout command to revert to the default timeout time.
You can use the idle-timeout 0 command to disable the timeout function.
The default timeout time is 10 minutes.
Example
# Set the timeout time of AUX 0 to 1 minute.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] idle-timeout 1 0
1-11
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
1.1.11 lock
Syntax
lock
View
User view
Parameter
None
Description
Use the lock command to lock the current user interface to prevent unauthorized
operations in the user interface.
With the execution of this command, the system prompts to enter and confirm the
password, and then locks the user interface. You can set the password in the range of
1 to 16 characters.
Enter the correct password to cancel the lock. If your password contains more than 16
characters, the system will cancel the lock as long as the first 16 characters are
matched.
Example
# Lock the current user interface.
<3Com> lock
Password:
Again:
locked !
1.1.12 modem
Syntax
modem [ call-in | both ]
undo modem [ call-in | both ]
View
User interface view
Parameter
call-in: Permits call in.
both: Permits both call in and call out.
1-12
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Description
Use the modem command to configure the both attribute of the Modem.
Use the undo modem command to disable the both configuration.
Both call in and call out are allowed when the modem command is executed without
any keyword.
Both call in and call out are disabled when the undo modem command is executed
without any keyword.
The command can only be executed in AUX user interface view.
Example
# Enable Modem call in and call out.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] modem both
1.1.13 modem auto-answer
Syntax
modem auto-answer
undo modem auto-answer
View
User interface view
Parameter
None
Description
Use the modem auto-answer command to set the answer mode to auto answer.
Use the undo modem auto-answer command to set the answer mode to manual
answer.
By default, manual answer mode is adopted.
The command can only be executed in AUX user interface view.
Example
# Set the answer mode of Modem to auto answer.
<3Com> system-view
System View: return to User View with Ctrl+Z.
1-13
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
[3Com] user-interface aux 0
[3Com>-ui-aux0] modem auto-answer
1.1.14 modem timer answer
Syntax
modem timer answer seconds
undo modem timer answer
View
User interface view
Parameter
seconds: Waiting timeout time, in seconds, ranging from 1 to 60.The default value is
30 seconds.
Description
Use the modem timer answer to configure the carrier detection timeout time after
off-hook during call-in connection setup.
Use the undo modem timer answer command to restore the default timeout time.
The command can only be executed in AUX user interface view.
Example
# Set the timeout time to 45 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] modem timer answer 45
1.1.15 parity
Syntax
parity { even | mark | none | odd | space }
undo parity
View
User interface view
Parameter
mark: Performs mark checks.
even: Performs even checks.
1-14
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
none: Does not check.
odd: Performs odd checks.
space: Performs space checks.
Description
Use the parity command to set the check mode of the user interface.
Use the undo parity command to revert to the default check mode.
Use these two commands in AUX user interface view only.
No check is performed by default.
Example
# Set to perform even checks.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] parity even
1.1.16 protocol inbound
Syntax
protocol inbound { all | ssh | telnet }
View
User interface view
Parameter
all: Supports both Telnet protocol and SSH protocol.
ssh: Supports SSH protocol.
telnet: Supports Telnet protocol.
Description
Use the protocol inbound command to specify the protocols supported by the user
interface.
Both Telnet protocol and SSH protocol are supported by default.
Related command: user-interface vty.
Example
# Configure that only SSH protocol is supported in VTY 0.
<3Com> system-view
1-15
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0
[3Com-ui-vty0] protocol inbound ssh
1.1.17 screen-length
Syntax
screen-length screen-length
undo screen-length
View
User interface view
Parameter
screen-length: Number of lines the screen can contain. This argument ranges from 0
to 512 and defaults to 24.
Description
Use the screen-length command to set the number of lines the terminal screen can
contain.
Use the undo screen-length command to revert to the default number of lines.
By default, the terminal screen can contain up to 24 lines.
You can use the screen-length 0 command to disable the function to display
information in pages.
Example
# Set the number of lines the terminal screen can contain to 20.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux0
[3Com-ui-aux0] screen-length 20
1.1.18 send
Syntax
send { all | number | type number }
View
User view
1-16
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Parameter
all: Sends messages to all user interfaces.
type: User interface type.
number: Absolute or relative index of the user interface.
Description
Use the send command to send messages to a specified user interface or all user
interfaces.
Example
# Send “hello” to all user interfaces.
<3Com> send all
Enter message, end with CTRL+Z or Enter; abort with CTRL+C:
hello^Z
Send message? [Y/N]y
1.1.19 service-type
Syntax
service-type { ftp [ ftp-directory directory ] | lan-access | { ssh | telnet | terminal }*
[ level level ] }
undo service-type { ftp [ ftp-directory ] | lan-access | { ssh | telnet | terminal }* }
View
Local user view
Parameter
ftp: Specifies the users to be of FTP type.
ftp-directory directory: Specifies the path for FTP users. The directory argument is a
string up to 64 characters.
lan-access: Specifies the users to be of LAN-access type, which normally means
Ethernet users, such as 802.1x users.
ssh: Specifies the users to be of SSH type.
telnet: Specifies the users to be of Telnet type.
terminal: Makes Terminal services available to users logging in through the Console
port.
level level: Specifies the user level for Telnet users, Terminal users, or SSH users.
The level argument ranges from 0 to 3 and defaults to 0.
1-17
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Description
Use the service-type command to specify the login type and the corresponding
available command level.
Use the undo service-type command to cancel login type configuration.
Commands fall into four command levels: access, monitor, system, and
administration, which are described as follows:
z
Access level: Commands of this level are used to diagnose network and change
the language mode of user interface, such as the ping, tracert, and
language-mode command. The Telnet command is also of this level.
Commands of this level cannot be saved in configuration files.
z
Monitor level: Commands of this level are used to maintain the system, to debug
service problems, and so on. The display and debugging command are of
monitor level. Commands of this level cannot be saved in configuration files.
z
System level: Commands of this level are used to configure services.
Commands concerning routing and network layers are of system level. You can
utilize network services by using these commands.
z
Administration level: Commands of this level are for the operation of the entire
system and the system supporting modules. Services are supported by these
commands. Commands concerning file system, file transfer protocol (FTP),
trivial file transfer protocol (TFTP), downloading using XModem, user
management, and level setting are of administration level.
Example
# Configure commands of level 0 are available to the users logging in using the user
name of “zbr”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user zbr
[3Com-luser-zbr] service-type telnet level 0
# To verify the above configuration, you can quit the system, log in again using the
user name of “zbr”, and then list the available commands, as listed in the following.
[3Com] quit
<3Com> ?
User view commands:
cluster
Run cluster command
debugging
Enable system debugging functions
language-mode
Specify the language environment
ping
Send echo messages
quit
Exit from current command view
super
Privilege the current user a specified priority level
1-18
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
telnet
Establish one TELNET connection
tracert
Trace route function
undo
Cancel current setting
1.1.20 set authentication password
Syntax
set authentication password { cipher | simple } password
undo set authentication password
View
User interface view
Parameter
cipher: Specifies to display the local password in encrypted text when you display the
current configuration.
simple: Specifies to display the local password in plain text when you display the
current configuration.
password: Password. The password must be in plain text if you specify the simple
keyword in the set authentication password command. If you specify the cipher
keyword, the password can be in either encrypted text or plain text. When you enter
the password in plain text containing up to 16 characters (such as 123), the system
converts the password to the corresponding 24-character encrypted password (such
as 7-CZB#/YX]KQ=^Q`MAF4<1!!). Make sure you are aware of the corresponding
plain
password
if
you
enter
the
password
in
ciphered
text
(such
as
7-CZB#/YX]KQ=^Q `MAF4<1!!).
Description
Use the set authentication password command to set the local password.
Use the undo set authentication password command to remove the local
password.
Note that only plain text passwords are expected when users are authenticated.
Note:
By default, modem users and Telnet users need to provide their passwords to log in. If
no password is set, the “Login password has not been set !” message appears on the
terminal when users log in.
1-19
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Example
# Set the local password of VTY 0 to “123”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0
[3Com-ui-vty0] set authentication password simple 123
1.1.21 shell
Syntax
shell
undo shell
View
User interface view
Parameter
None
Description
Use the shell command to make terminal services available for the user interface.
Use the undo shell command to make terminal services unavailable to the user
interface.
By default, terminal services are available in all user interfaces.
Note the following when using the undo shell command:
z
This command is available in all user interfaces except the AUX (Console) user
interface.
z
This command is unavailable in the current user interface.
z
This command prompts for confirmation when being executed in any valid user
interface.
Example
# Log into user interface 0 and make terminal services unavailable in VTY 0 through
VTY 4.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0 4
[3Com-ui-vty0-4] undo shell
1-20
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
1.1.22 speed
Syntax
speed speed-value
undo speed
View
User interface view
Parameter
speed-value: Transmission speed (in bps). This argument can be 300, 600, 1200,
2400, 4800, 9600, 19,200, 38,400, 57,600, and 115,200 and defaults to 9,600.
Description
Use the speed command to set the transmission speed of the user interface.
Use the undo speed command to revert to the default transmission speed.
Use these two commands in the AUX user interface view only.
Example
# Set the transmission speed of the AUX user interface to 115,200 bps.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] speed 115200
1.1.23 stopbits
Syntax
stopbits { 1 | 1.5 | 2 }
undo stopbits
View
User interface view
Parameter
1: Sets the stop bits to 1.
1.5: Sets the stop bits to 1.5.
2: Sets the stop bits to 2.
1-21
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Description
Use the stopbits command to set the stop bits of the user interface.
Use the undo stopbits command to revert to the default stop bits.
Use these two commands in the AUX user interface only.
By default, the stop bits is 1.
Note:
Changing the value of the stop bits does not affect the communications.
Example
# Set the stop bits to 2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface aux 0
[3Com-ui-aux0] stopbits 2
1.1.24 sysname
Syntax
sysname string
undo sysname
View
System view
Parameter
string: Domain name of the switch. This argument can contain 1 to 30 characters and
defaults to “3Com”.
Description
Use the sysname command to set a domain name for the switch.
Use the undo sysname command to revert to the default domain name.
The CLI prompt reflects the domain name of a switch. For example, if the domain
name of a switch is “3Com”, then the prompt of user view is <3Com>.
Example
# Set the domain name of the switch to “ABC”.
1-22
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] sysname ABC
[ABC]
1.1.25 telnet
Syntax
telnet { hostname | ip-address } [ service-port ]
View
User view
Parameter
hostname: Host name of the remote switch. You can use the ip host command to
assign a host name to a switch.
ip-address: IP address of the remote switch.
service-port: TCP port number of the port that provides Telnet service on the switch.
This argument ranges from 0 to 65,535.
Description
Use the telnet command to Telnet to another switch from the current switch to
manage the former remotely. You can terminate a Telnet connection by pressing or by executing the quit command.
The default TCP port number is 23.
Related command: display tcp status, and ip host.
Example
# Telnet to the switch with the host name of 3Com2 and IP address of 129.102.0.1
from the current switch (with the host name of 3Com1).
<3Com1> telnet 129.102.0.1
Trying 129.102.0.1 ...
Press CTRL+K to abort
Connected to 129.102.0.1 ...
<3Com2>
1.1.26 user-interface
Syntax
user-interface [ type ] first-number [ last-number ]
1-23
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
View
System view
Parameter
type: User interface type.
first-number: User interface index, which identifies the first user interface to be
configured.
last-number: User interface index, which identifies the last user interface to be
configured.
Description
Use the user-interface command to enter one or more user interface views to
perform configuration.
Example
# Enter VTY 0 user interface view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0
[3Com-ui-vty0]
1.1.27 user privilege level
Syntax
user privilege level level
undo user privilege level
View
User interface view
Parameter
level: Command level ranging from 0 to 3.
Description
Use the user privilege level command to configure the command level available to
the users logging into the user interface.
Use the undo user privilege level command to revert to the default command level.
By default, the commands of level 3 are available to the users logging into the AUX
user interface. The commands of level 0 are available to the users logging into VTY
user interfaces.
1-24
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 1 Login Commands
Example
# Configure that commands of level 0 are available to the users logging into VTY 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0
[3Com-ui-vty0] user privilege level 0
# You can verify the above configuration by Telneting to VTY 0 and displaying the
available commands, as listed in the following.
<3Com> ?
User view commands:
cluster
Run cluster command
debugging
Enable system debugging functions
language-mode
Specify the language environment
ping
Send echo message
quit
Exit from current command view
super
Privilege current user a specified priority level
telnet
Establish one TELNET connection
tracert
Trace route function
undo
Cancel current setting
1-25
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 2 Commands for User Control
Chapter 2 Commands for User Control
2.1 Commands for Controlling Logging in Users
2.1.1 acl
Syntax
acl acl-number { inbound | outbound }
undo acl { inbound | outbound }
View
User interface view
Parameter
acl-number: ACL number ranging from 2,000 to 3,999.
inbound: Filters the users Telneting to the current switch.
outbound: Filters the users Telneting to other switches from the current switch.
Description
Use the acl command to apply an ACL to filter Telnet users.
Use the undo acl command to disable the switch from filtering Telnet users using the
ACL.
By default, Telnet users are not filtered by ACLs.
Example
# Apply ACL 2000 to filter users Telneting to the current switch (assuming that ACL
2,000 already exists.)
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0 4
[3Com-ui-vty0-4] acl 2000 inbound
2.1.2 snmp-agent community
Syntax
snmp-agent community { read | write } community-name [ mib-view view-name |
acl acl-number ]*
undo snmp-agent community community-name
2-1
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 2 Commands for User Control
View
System view
Parameter
read: Specifies that the community has read-only permission in the specified view.
Write: Specifies that the community has read/write permission in the specified view.
community-name: Community name. A string ranges from 1 to 32 characters.
mib-view: Sets the name of the MIB view accessible to the community.
view-name: MIB view name, 1 to 32 characters long.
acl acl-number: Specifies the ACL number. The acl-number argument ranges from
2,000 to 2,999.
Description
Use the snmp-agent community command to set a community name and to enable
users to access the switch through SNMP. You can also optionally use this command
to apply an ACL to filter network management users.
Use the undo snmp-agent community command to cancel community-related
configuration for the specified community.
By default, SNMPv1 and SNMPv2c access a switch by community names.
Example
# Set the community name to “h123”, enable users to access the switch in the name
of the community (with read-only permission), and apply ACL 2,000 to filter network
management users (assuming that ACL 2000 already exists.)
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent community read h123 acl 2000
2.1.3 snmp-agent group
Syntax
snmp-agent group { v1 | v2c } group-name [ read-view read-view ] [ write-view
write-view ] [ notify-view notify-view ] [ acl acl-number ]
undo snmp-agent group { v1 | v2c } group-name
snmp-agent group v3 group-name [ authentication | privacy ] [ read-view
read-view ] [ write-view write-view ] [ notify-view notify-view ] [ acl acl-number ]
undo snmp-agent group v3 group-name [ authentication | privacy ]
2-2
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 2 Commands for User Control
View
System view
Parameter
v1: Specifies to adopt v1 security scheme.
v2c: Specifies to adopt v2c security scheme.
v3: Specifies to adopt v3 security scheme.
group-name: Group name. This argument can be of 1 to 32 characters.
authentication: Specifies to authenticate SNMP data without encrypting the data.
privacy: Authenticates and encrypts packets.
read-view: Sets a read-only view.
read-view: Name of the view to be set to read-only. This argument can be of 1 to 32
characters.
write-view: Sets a readable & writable view.
write-view: Name of the view to be set to readable & writable. This argument can be of
1 to 32 characters.
notify-view: Sets a notifying view.
notify-view: Name of the view to be set to a notifying view. This argument can be of 1
to 32 characters.
acl acl-number: Specifies an ACL. The acl-number argument ranges from 2,000 to
2,999.
Description
Use the snmp-agent group command to create a SNMP group. You can also
optionally use this command to apply an ACL to filter network management users.
Use the undo snmp-agent group command to remove a specified SNMP group.
By default, the snmp-agent group v3 group-name command is provided without the
authentication and privacy keyword. That is, the switch does not authenticate or
encrypt the specified group.
Example
# Create a SNMP group named “h123” and apply ACL 2001 to filter network
management users (assuming that ACL 2001 already exists).
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent group v1 h123 acl 2001
2-3
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 2 Commands for User Control
2.1.4 snmp-agent usm-user
Syntax
snmp-agent usm-user { v1 | v2c } user-name group-name [ acl acl-number ]
undo snmp-agent usm-user { v1 | v2c } user-name group-name
snmp-agent usm-user v3 user-name group-name [ authentication-mode { md5 |
sha } auth-password ] [ privacy des56 priv-password ] [ acl acl-number ]
undo snmp-agent usm-user v3 user-name group-name { local | engineid
engineid-string }
View
System view
Parameter
v1: Specifies to adopt V1 security scheme.
v2c: Specifies to adopt V2 security scheme.
v3: Specifies to adopt V3 security scheme.
user-name: User name. This argument can be of 1 to 32 characters.
group-name: Group name the user corresponds to. This argument can be of 1 to 32
characters.
authentication-mode: Specifies to authenticate users.
md5: Specifies the authentication protocol to be HMAC-MD5-96.
sha: Specifies the authentication protocol to be HMAC-SHA-96.
auth-password: Authentication password. This argument can be of 1 to 64 characters.
privacy: Specifies to encrypt data.
des56: Specifies the encrypting protocol to be DES.
priv-password: Encrypting password string. This argument can be of 1 to 64
characters.
acl acl-number: Specifies the ACL number. The acl-number argument ranges from
2,000 to 2,999.
local: Specifies the user to be a local user entity.
engineid: Specifies the ID of the engine associated with the user.
engineid-string: Engine ID, a string comprising 10 to 64 characters.
2-4
3Com Switch 7750 Series
Command Reference Guide – Login
Chapter 2 Commands for User Control
Description
Use the snmp-agent usm-user command to add a user to a specified SNMP group.
You can also optionally use this command to apply an ACL to filter network
management users.
Use the undo snmp-agent usm-user command to remove a user from the
corresponding SNMP group. The operation also frees the user from the
corresponding ACL-related configuration.
Example
# Add the user named “3Com” to the SNMP group named “3Comgroup”, specifying to
authenticate the user, specifying the authentication protocol to be HMAC-MD5-96, the
authentication password to be “3Com”, and applying ACL 2002 to filter network
management users (assuming that ACL 2002 already exists).
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent usm-user v3 3Com 3Comgroup authentication-mode md5 3Com acl
2002
2-5
3Com Switch 7750 Series
Command Reference Guide – Configuration File Management
Table of Contents
Table of Contents
Chapter 1 Configuration File Management Commands ............................................................ 1-1
1.1 Configuration File Management Commands ..................................................................... 1-1
1.1.1 display current-configuration ................................................................................... 1-1
1.1.2 display saved-configuration..................................................................................... 1-7
1.1.3 display this............................................................................................................... 1-8
1.1.4 display startup ......................................................................................................... 1-9
1.1.5 reset saved-configuration...................................................................................... 1-10
1.1.6 save....................................................................................................................... 1-11
1.1.7 startup saved-configuration................................................................................... 1-12
i
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
Chapter 1 Configuration File Management
Commands
1.1 Configuration File Management Commands
1.1.1 display current-configuration
Syntax
display current-configuration [ [ controller | interface [ interface-type
[ interface-number ] ] | configuration [ configuration ] ] [ | { begin | exclude |
include } text ] ] | [ vlan [ vlan-id ] ]
View
Any view
Parameter
controller: View the configuration information of controllers.
interface: View the configuration information of interfaces.
interface-type: Type of the interface, which may be Aux, GigabitEthernet, NULL,
Vlan-interface, or M-Ethernet.
interface-number: Number of the interface.
configuration configuration: View the configuration information excluding the port
information. The value of the configuration argument is the keyword of the
configuration on the switch, such as:
z
acl-adv: Views the configuration information of advanced ACLs.
z
ospf: Views the configuration information of the OSPF protocol.
z
system: Views the name of the host.
z
timerange: Views the configuration information of the time range.
The optional configuration keywords are available only after the related functions are
enabled on the switch.
vlan [ vlan-id ]: Displays the VLAN configuration in the system. If the vlan-id
argument is not specified, the configuration information of all VLANs in the system is
displayed; if the vlan-id argument is specified, the configuration information of the
specified VLAN is displayed.
|: Filters the configuration information to be output via the regular expression.
begin: Displays the configuration beginning with the specified characters.
1-1
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
exclude: Displays the configuration excluding the specified characters.
include: Displays the configuration including the specified characters.
text: Text included in a configuration item, expressed in a regular expression. .
Table 1-1 Description on the special characters in the regular expression
Character
Meaning
Description
If the first character of a
regular expression is not “_”,
the number of the underline
characters
in
a
regular
expression is only limited by
the length of a command line.
Underline,
represent
_
which
the
can
following
characters: (^|$|[,{}]), space,
starting
character,
and
ending character.
If the first character of a
regular
expression
is
“_”,
there can be up to four other
successive
underline
characters following it.
If the underline characters are
not successive, only the first
underline character group is
matched.
The
subsequent
underline groups are ignored.
(
Left
parenthesis,
push-in-stack signal
You are not recommended to
use this character in a regular
expression.
Period. A wildcard, it can
.
represent
any
single
—
character, including spaces.
Asterisk. It means that the
*
preceding
sub-expression
can be matched for zero or
zo* matches “z” and “zoo”.
multiple times.
Plus sign. It means that the
+
preceding
sub-expression
can be matched for one or
multiple times.
1-2
zo+ matches "zo" and “zoo”,
but not "z".
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
Description
Use the display current-configuration command to display the currently effective
configuration parameters of the switch.
By default, if some running configuration parameters are the same with the default
operational parameters, they will not be displayed.
If a user needs to authenticate whether the configurations are correct after finishing a
set of configuration, the display current-configuration command can be used to
display the running parameters. Although the user has configured some parameters,
but the related functions are not effective, they are not displayed.
When there is much configuration information, you can use the regular expression to
filter the output information. For specific rules about the regular expression, refer to
the corresponding operation manual.
Related
command:
save,
reset
saved-configuration
saved-configuration.
Example
# View the running configuration parameters of the switch.
<3Com> display current-configuration
#
sysname 3Com
#
radius scheme system
server-type nec
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
domain system
radius-scheme system
access-limit disable
state active
idle-cut disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key hello
#
router id 2.2.2.2
#
stp timer hello 500
#
1-3
and
display
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
vlan 1
#
vlan 2
#
interface Vlan-interface1
#
interface Vlan-interface2
ip address 10.1.1.2 255.255.255.0
#
interface Aux0/0
#
interface Ethernet1/0/1
duplex full
speed 1000
port access vlan 2
#
interface Ethernet1/0/2
#
interface Ethernet1/0/3
#
interface Ethernet1/0/4
#
interface Ethernet2/0/1
port access vlan 2
#
interface Ethernet2/0/2
#
interface Ethernet2/0/3
#
interface Ethernet2/0/4
#
interface NULL0
#
ospf
#
area 0.0.0.0
network 10.1.1.0 0.0.0.255
#
user-interface aux 0
user-interface vty 0 4
#
return
1-4
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
# View configuration information of all the VLANs.
<3Com> display current-configuration vlan
#
vlan 1
description TestVlan1
igmp-snooping enable
#
vlan 10
description testVlan10
igmp-snooping enable
#
vlan 100
description testVlan100
#
vlan 1000
description testVlan1000
#
return
# View configuration information of the VLAN1.
<3Com> display current-configuration vlan 1
#
vlan 1
description TestVlan1
igmp-snooping enable
#
return
# View the lines containing the character string “10*” in the configuration information.
The “*” indicates that the “0” before it can appear 0 times or multiple consecutive
times.
<3Com> display current-configuration | include 10*
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
local-server nas-ip 127.0.0.1 key hello
vlan 1
interface Vlan-interface1
ip address 10.1.1.2 255.255.255.0
interface Ethernet1/0/1
speed 1000
interface Ethernet1/0/2
interface Ethernet1/0/3
interface Ethernet1/0/4
1-5
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
interface Ethernet2/0/1
network 10.1.1.0 0.0.0.255
# View configuration information beginning with “user”.
<3Com> display current-configuration | include ^user
user-interface aux 0
user-interface vty 0 4
# View the configuration information except the port configuration.
<3Com> display current-configuration configuration
#
sysname 3Com
#
radius scheme system
server-type nec
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
domain system
radius-scheme system
access-limit disable
state active
idle-cut disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key hello
#
router id 2.2.2.2
#
stp timer hello 500
#
ospf
#
area 0.0.0.0
network 10.1.1.0 0.0.0.255
#
user-interface aux 0
user-interface vty 0 4
#
return
1-6
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
1.1.2 display saved-configuration
Syntax
display saved-configuration
View
Any view
Parameter
None
Description
Use the display saved-configuration command to view the configuration files
saved in the flash memory of the Ethernet Switch.
If the Ethernet Switch works abnormally after startup, execute the display
saved-configuration command to view the startup configuration of the Ethernet
Switch.
Related
command:
save,
reset
saved-configuration,
current-configuration.
Example
# Display configuration files in flash memory of the Ethernet Switch.
<3Com> display saved-configuration
#
sysname 3Com
#
local-user abc password simple abc
#
tcp window 8
#
interface Aux7/0/1
link-protocol ppp
#
interface Ethernet4/0/1
#
interface Ethernet4/0/2
#
interface Ethernet4/0/3
ip address 10.110.101.17 255.255.255.0
#
interface NULL0
1-7
display
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
#
ospf 1
#
ip route-static 10.12.0.0 255.255.0.0 Ethernet 12/0/0
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode none
#
return
The configurations listed above are global configuration, port configuration and user
interface configuration respectively.
1.1.3 display this
Syntax
display this
View
Any view
Parameter
None
Description
Use the display this command to display the running configuration of the current
view. If you need to authenticate whether the configurations is correct after you have
finished a set of configurations under a view, you can use the display this command
to view the running parameters.
Some effective parameters are not displayed if they are the same with the default
ones, while some parameters, though have been configured by the user, if their
related functions are not effective, are not displayed either.
Associated configuration of the interface is displayed when executing the command
in different interface views; related configuration of the protocol view is displayed
when executing this command in different protocol views; and all the configuration of
the protocol view is displayed when executing this command in protocol sub-views.
Related
command:
save,
reset,
saved-configuration,
current-configuration, display saved-configuration.
1-8
display
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
Example
# Display the running configuration parameters in system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] display this
#
sysname 3Com S6506R
#
ftp server enable
ftp timeout 36
#
local-server nas-ip 127.0.0.1 key 3Com
#
domain default enable system
#
undo slave auto-update config
#
temperature-limit 1 10 70
temperature-limit 3 10 80
temperature-limit 5 10 70
#
poe power max-value 2400
#
priority-trust cos
#
return
1.1.4 display startup
Syntax
display startup
View
Any view
Parameter
None
Description
Use the display startup command to display the configuration file names used for
the current and the next start-ups.
1-9
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
Related command: startup saved-configuration.
Example
# Display the configuration filenames used for the current and the next start-ups.
<3Com> display startup
MainBoard:
Startup saved-configuration file:
flash:/vrpcfg.cfg
Next startup saved-configuration file:
flash:/vrpcfg.cfg
1.1.5 reset saved-configuration
Syntax
reset saved-configuration
View
User view
Parameter
None
Description
Use the reset saved-configuration command to erase configuration files from the
flash memory of the Ethernet Switch.
Perform this command with cautious. It is suggested to consult technical support
personnel first.
Generally, this command is used in the following situations:
z
After upgrade of software, configuration files in flash memory may not match the
new version's software. Perform reset saved-configuration command to erase
the old configuration files.
z
If a used Ethernet Switch is applied to the new circumstance and the original
configuration files cannot meet the new requirements, the Ethernet Switch
should be configured again. Erase the original configuration files for
reconfiguration.
If the configuration files do not exist in the flash memory when Ethernet Switch is
electrified and initialized, it will enter setup switch view automatically.
Related
command:
save,
display
current-configuration,
saved-configuration.
Example
# Erase the configuration files from the flash memory of the Ethernet Switch.
1-10
display
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
<3Com> reset saved-configuration
The saved configuration will be erased.
Are you sure?[Y/N]y
Configuration in flash memory is being cleared.
Please wait ...
....
Configuration in flash memory is cleared.
1.1.6 save
Syntax
save [ file-name | safely ]
View
User view
Parameter
file-name: File name with the extension name “.cfg”, a character string of 5 to 56
characters.
safely: Saves the configuration files to the flash memory in the safely mode.
Description
Use the save command to save the current configuration files to the Flash memory.
After finishing a group of configurations and achieving corresponding functions, user
should remember to get the current configuration files stored in the flash memory.
The configured files can be saved in one of the following two ways:
z
Fast saving: in this mode, the configuration files are saved fast. However, if
restart or power-off occurs in the saving procedure, the configuration files will be
lost.
z
Safely saving: in this mode, the configuration files are saved slowly. However,
even if restart or power-off occurs in the saving procedure, the configuration
files still exist.
If the save command is executed without the safely keyword, the configuration files
are saved in the fast saving mode. If the save command is executed with the safely
keyword, the configuration files are saved in the safely saving mode.
You are recommended to adopt the fast saving mode in the conditions of stable
power and adopt the safely saving mode in the conditions of unstable power or
remote maintenance.
Related command: reset saved-configuration, display current-configuration,
display saved-configuration.
1-11
3Com Switch 7750 Series
Chapter 1 Configuration File Management
Command Reference Guide – Configuration File Management
Commands
Example
# Get the current configuration files stored in the flash memory.
<3Com> save
The configuration will be written to the device.
Are you sure?[Y/N]y
Now saving current configuration to the device.
Saving configuration flash:/vrpcfg.cfg. Please wait...
...........
Configuration is saved to flash memory successfully.
1.1.7 startup saved-configuration
Syntax
startup saved-configuration { cfgfile | device-name }
View
User view
Parameter
cfgfile: The name of the configuration file. It is a string with a length of 5 to 56
characters.
device-name: Name of the current storage device.
Description
Use the startup saved-configuration command to configure the configuration file
used for enabling the system for the next time.
The configuration file uses “.cfg” as its extension name and is saved under the root
directory of the Flash.
Related command: display startup.
Example
# Configure the configuration file for the next start-up as vrpcfg.cfg.
<3Com> startup saved-configuration vrpcfg.cfg
1-12
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Table of Contents
Table of Contents
Chapter 1 VLAN Configuration Commands................................................................................ 1-1
1.1 VLAN Configuration Commands........................................................................................ 1-1
1.1.1 broadcast-suppression............................................................................................ 1-1
1.1.2 description ............................................................................................................... 1-2
1.1.3 display interface Vlan-interface ............................................................................... 1-2
1.1.4 display vlan.............................................................................................................. 1-4
1.1.5 interface Vlan-interface ........................................................................................... 1-5
1.1.6 name ....................................................................................................................... 1-6
1.1.7 shutdown ................................................................................................................. 1-7
1.1.8 vlan.......................................................................................................................... 1-7
1.1.9 vlan to...................................................................................................................... 1-8
1.1.10 vlan all ................................................................................................................. 1-10
1.2 Port-Based VLAN Configuration Commands .................................................................. 1-11
1.2.1 port ........................................................................................................................ 1-11
1.3 Protocol-Based VLAN Configuration Commands............................................................ 1-12
1.3.1 display protocol-vlan interface............................................................................... 1-12
1.3.2 display protocol-vlan slot....................................................................................... 1-13
1.3.3 display protocol-vlan vlan...................................................................................... 1-14
1.3.4 port hybrid protocol-vlan vlan ................................................................................ 1-15
1.3.5 protocol-vlan vlan slot ........................................................................................... 1-15
1.3.6 protocol-vlan.......................................................................................................... 1-17
i
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
Chapter 1 VLAN Configuration Commands
1.1 VLAN Configuration Commands
1.1.1 broadcast-suppression
Syntax
broadcast-suppression { ratio | pps pps }
undo broadcast-suppression
View
VLAN view
Parameter
ratio: Specifies the bandwidth ratio for the maximum broadcast traffic in specific VLAN.
Its value ranges from 1 to 100 and defaults to 100. The smaller the ratio is, the less the
allowed broadcast traffic can pass.
pps pps: Specifies the maximum number of broadcast packets that can pass through a
specific VLAN per second. Its value ranges from 1 to 148800.
Description
Use the broadcast-suppression command to suppress broadcast traffic through a
VLAN.
hUse the undo broadcast-suppression command to reset the allowed
broadcast traffic through a VLAN to the default value.
By default, the switch does not suppress broadcast traffic.
When the actual broadcast traffic exceeds the specified value, the system will discard
the extra packets so that the bandwidth occupied by broadcast traffic can be kept within
a specific ratio to ensure normal network operation.
A VLAN only supports one broadcast storm suppression mode at one time. If you
configure broadcast storm suppression modes multiple times for a VLAN, the latest
configuration will overwrite the previous configuration.
Example
# Allow broadcast traffic to occupy 20% bandwidth in VLAN2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 2
[3Com-vlan2] broadcast-suppression 20
1-1
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
1.1.2 description
Syntax
description { string | text }
undo description
View
VLAN view, VLAN interface view
Parameter
string: Contiguous string describing the VLAN. It contains 1 to 32 characters without
space. The default value is the VLAN ID, for example, “VLAN 0001”.
text: Text describing the VLAN interface. It contains 1 to 80 characters and space is
allowed. The default value is the VLAN interface name, for example, “Vlan-interface1
Interface”.
Description
Use the description command to set the description string or text for the current VLAN
or VLAN interface.
Use the undo description command to restore the default description string or text.
By default, the description string of a VLAN is its VLAN ID, for example, ”VLAN 0001”;
the descriptive text of a VLAN interface is its name, for example, “Vlan-interface 1
Interface”.
Related command: display vlan, and display interface Vlan-interface.
Example
# Specify the description string of the current VLAN as “research”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 1
[3Com-vlan1] description research
1.1.3 display interface Vlan-interface
Syntax
display interface Vlan-interface [ vlan-id ]
View
Any view
1-2
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
Parameter
vlan-id: ID of the specific VLAN interface.
Description
Use the display interface Vlan-interface command to display the related information
of a VLAN interface, including, physical state and link state of the VLAN interface,
format of the sent frames, MAC address, IP address and subnet mask of the VLAN
interface, and descriptive string and MTU of the VLAN interface
If the vlan-id argument is specified, the information about the specified VLAN interface
is displayed; if the vlan-id argument is not specified, the information about all the
created VLAN interfaces is displayed.
Related command: interface Vlan-interface.
Example
# Display the information about Vlan-interface 2.
<3Com> display interface Vlan-interface 2
Vlan-interface2 current state :DOWN
Line protocol current state :DOWN
IP
Sending
Frames'
Format
is
PKTFMT_ETHNT_2,
Hardware
address
is
0012-a990-2241
Internet Address is 10.1.1.1/24 Primary
Description : Vlan-interface2 Interface
The Maximum Transmit Unit is 1500
Table 1-1 Description of the fields of the display interface Vlan-interface command
z
z
z
z
Field
z
Vlan-interface2
current state
z
Line protocol current
state
IP Sending Frames'
Format
z
z
z
Hardware address
z
z
Internet Address
z
z
Description
z
z
The
Maximum
Transmit Unit
1-3
z
Description
Current state of the VLAN
interface
Current state of the Line
protocol
Format of the frames that
IP sends
MAC
address
corresponding to the
VLAN interface
IP
address
corresponding to the
VLAN interface
Description on the VLAN
interface
Maximum
unit
transmission
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
1.1.4 display vlan
Syntax
display vlan [ vlan-id [ to vlan-id ] | all | static | dynamic ]
View
Any view
Parameter
vlan-id: Specifies the VLAN ID, ranging from 1 to 4094.
to: Specifies multiple contiguous VLAN IDs.
all: Specifies to display the information about all the VLANs.
static: Specifies to display the VLANs created statically.
dynamic: Specifies to display the VLANs created dynamically.
Description
Use the display vlan command to display the information about specified VLANs or all
VLANs.
If the vlan-id argument or the all keyword is specified, the information about the
specified VLANs or the all VLANs is displayed, including VLAN ID, VLAN type (dynamic
or static), routing function status (If enabled, the primary IP address and mask are
displayed), VLAN description and VLAN name, VLAN broadcast storm suppression
ratio, and VLAN member ports.
If no argument or keyword is specified, this command displays the list of all the existing
VLANs. If the dynamic or static keyword is specified, this command displays the list of
the VLANs that are created dynamically or statically.
Related command: vlan.
Example
# Display the information about VLAN 2.
<3Com> display vlan 2
VLAN ID: 2
VLAN Type: static
Route Interface: not configured
Description: VLAN 0002
Name: VLAN 0002
Broadcast MAX-ratio: 100
Tagged
Ports: none
1-4
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
Untagged Ports:
Ethernet3/0/30
Table 1-2 Description of the fields of the display vlan command
z
z
z
z
z
z
z
z
z
Field
z
VLA
N ID
VLA
N
Type
Rout
e
Interf
ace
z
VLAN ID
z
VLAN type (dynamic or static)
z
Desc
riptio
n
Nam
e
Broa
dcast
MAX
-ratio
Tagg
ed
Ports
Whether the routing interface function is
enable for this VLAN
z
Description on the VLAN
z
VLAN name
z
VLAN broadcast storm suppression ratio
z
Unta
gged
Ports
Description
z
The ports that keep packets’ tags when
sending packets
The ports that strip off packet tags when
sending packets
1.1.5 interface Vlan-interface
Syntax
interface Vlan-interface vlan-id
undo interface Vlan-interface vlan-id
View
System view
Parameter
vlan-id: ID of the VLAN interface, in the range of 1 to 4,094.
1-5
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
Description
Use the interface Vlan-interface command to create a VLAN interface or enter VLAN
interface view.
Use the undo interface Vlan-interface command to delete the VLAN interface.
Related command: display interface Vlan-interface.
Example
# Enter Vlan-interface 1 view
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 1
[3Com-Vlan-interface1]
1.1.6 name
Syntax
name string
undo name
View
VLAN view
Parameter
string: String that refers to the VLAN name. It contains 1 to 32 characters.
Parameter
Use the name command to assign a name to the current VLAN.
Use the undo name command to restore to the default VLAN name.
By default, the name of a VLAN is its VLAN ID, for example, “VLAN 0001”.
Example
# Specify the name of VLAN 2 to ”hello”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 2
[3Com-vlan2] name hello
1-6
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
1.1.7 shutdown
Syntax
shutdown
undo shutdown
View
VLAN interface view
Parameter
None
Description
Use the shutdown command to disable a VLAN interface.
Use the undo shutdown command to enable a VLAN interface.
By default, a VLAN interface is enabled. In this scenario, the VLAN interface’s status is
determined by the status of its ports, that is, if all the ports of the VLAN interface are
down, the VLAN interface is down (disabled); if one or more ports of the VLAN interface
are up, the VLAN interface is up (enabled).
If a VLAN interface is disabled, its status is not determined by the status of its ports.
You can use the undo shutdown command to enable a VLAN interface when its
related parameters and protocols are configured. When a VLAN interface fails, you can
use the shutdown command to disable the interface, and then use the undo
shutdown command to enable this interface again, which may restore the interface.
The operation of enabling/disabling a VLAN interface does not influence all the
Ethernet ports belonging to this VLAN.
Example
# Disable Vlan-interface2 and then enable it.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] shutdown
[3Com-Vlan-interface2] undo shutdown
1.1.8 vlan
Syntax
vlan vlan-id
undo vlan { vlan-id [ to vlan-id ] | all }
1-7
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
View
System view
Parameter
vlan-id: ID of the VLAN that you want to enter. Its value ranges from 1 to 4094.
to: Specifies the range of VLANs to be removed.
all: Specifies to remove all VLANs.
Description
Use the vlan command to enter a VLAN view. If the VLAN identified by the vlan-id
argument does not exist, this command creates the VLAN and then enters the VLAN
view.
Use the undo vlan command to remove a VLAN.
Caution:
z
The protocol reserved VLAN, Voice VLAN, the system default VLAN (VLAN 1) and
remote-probe VLAN cannot be removed by the undo vlan command.
z
When you use the undo vlan command to remove a VLAN which is the default
VLAN of an access port, a trunk port or a hybrid port on the device, the port will use
VLAN 1 as the default VLAN after the undo vlan command is executed.
Related command: display vlan
Example
# Enter VLAN 1 view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 1
[3Com-vlan1]
1.1.9 vlan to
Syntax
vlan vlan-id1 to vlan-id2
undo vlan vlan-id1 to vlan-id2
1-8
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
View
System view
Parameter
vlan-id: ID of the initial VLAN to be created, in the range of 1 to 4,094.
to: Specifies the range of VLANs.
vlan-id2: ID of the terminal VLAN to be created, in the range of 1 to 4,094, no smaller
than the vlan-id1 argument.
Description
Use the vlan to command to create multiple VLANs in batch.
Use the undo vlan to command to remove multiple VLANs in batch.
Caution:
z
VLAN 1 is the default VLAN, which need not be created and cannot be removed.
z
Protocol-reserved VLANs, Voice VLANs, default VLAN (namely, VLAN1), share
VLANs and remote-mirroring-enabled test VLANs cannot be directly removed by
using the undo vlan to command.
Example
# Create VLAN 4 to VLAN 100 in batch.
<3Com> system-view
Enter system view, return to user view with Ctrl+Z.
[3Com] vlan 4 to 100
This operation may take a few minutes.
Please wait...
Done.
[3Com]
# Display all the VLANs in the switch after multiple VLANs are created in batch.
[3Com] display vlan
Now, the following VLAN exist(s
1(default), 4-100
---
98 VLAN(s) found
---
1-9
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
1.1.10 vlan all
Syntax
vlan all
undo vlan all
View
System view
Parameter
None
Description
Use the vlan all command to create all the VLANs, namely, VLAN 2 to VLAN 4,094.
Use the undo vlan all command to remove all the VLANs.
Caution:
z
VLAN 1 is the default VLAN, which need not be created and cannot be removed.
z
Protocol-reserved VLANs, Voice VLANs, default VLAN (namely, VLAN1), share
VLANs and remote-mirroring-enabled test VLANs cannot be directly removed by
using the undo vlan all command.
z
The operation of creating all VLANs and the operation of removing all VLANs will
occupy plenty of system resources. As a result, the switch will not respond to the
current user interface. During the operation, you cannot configure VLANs on the
other user interfaces.
Example
# Create all the VLANs.
<3Com> system-view
Enter system view, return to user view with Ctrl+Z.
[3Com] vlan all
This operation may take a few minutes.
Please wait...
Done.
# Remove all the VLANs, among which VLAN 2 is a shared VLAN, VLAN 5 is a Voice
VLAN and VLAN 20 is a remote-mirroring-enabled test VLAN.
[3Com] undo vlan all
1-10
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
This may delete all static VLAN except the VLAN kept by protocol and the default
VLAN.
Continue?[Y/N]:y
This operation may take a few minutes.
Please wait...
Can't delete vlan when shared-vlan enabled!
Can't delete vlan when voice vlan enabled
Cannot delete remote probe VLAN
Fail to delete VLAN: 2, 5, 20
Done.
1.2 Port-Based VLAN Configuration Commands
1.2.1 port
Syntax
port interface-list
undo port interface-list
View
VLAN view
Parameter
interface-list: List of Ethernet ports to be added to or removed from a VLAN. You need
to provide this argument in the form of interface-list = { interface-type interface-number
[ to interface-type interface-number ] } &<1-10>, where:
z
interface-type is port type and interface-number is port number. For detailed
explanation, refer to port related command part in this manual.
z
The port number to the right of the to keyword must be larger than or equal to the
one to the left of the keyword.
z
&<1-10> means that you can provide this argument repeatedly for up to 10 times.
Parameter
Use the port command to add a port or multiple ports to a VLAN.
Use the undo port command to remove a port or multiple ports from a VLAN.
1-11
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
Caution:
The port command is only applicable to access ports. To add trunk ports and hybrid
ports to a VLAN, you can use the port trunk permit vlan and port hybrid vlan
commands in Ethernet port view. For related command information, refer to the Port
Basic Configuration Command section of the 3Com Switch 7750 Command Reference
Guide.
Related command: display vlan.
Example
# Add Ethernet1/0/1 through Ethernet1/0/3 to VLAN 2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 2
[3Com-vlan2] port Ethernet1/0/1 to Ethernet1/0/3
1.3 Protocol-Based VLAN Configuration Commands
1.3.1 display protocol-vlan interface
Syntax
display protocol-vlan interface { { interface-type interface-number [ to interface-type
interface-number ] } | all }
View
Any view
Parameter
{ interface-type interface-number [ to interface-type interface-number ] }: Specifies the
port number of the protocol to be displayed. If you do not use the to keyword, only one
port is specified. If you use the to keyword, multiple contiguous ports are specified. The
interface-type argument refers to the port type and the interface-number argument
refers to the port number.
all: Displays the protocol-related information about all ports.
Description
Use the display protocol-vlan interface command to display the protocol-based
VLAN information, including VLAN ID, protocol index and protocol type.
Related command: display interface.
1-12
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
Example
# Display protocol information and protocol index configured for Ethernet1/0/1 and
Ethernet1/0/2 ports.
<3Com> display protocol-vlan interface Ethernet 1/0/1 to Ethernet 1/0/2
Interface: Ethernet1/0/1
VLAN ID
Protocol-Index
Protocol-type
50
1
ip 192.168.10.1 255.255.255.0
80
2
ip 101.120.34.0 255.255.0.0
100
1
ip 104.232.43.0 255.255.255.0
100
2
ipx ethernetii
Interface: Ethernet1/0/2
VLAN ID
Protocol-Index
Protocol-type
50
5
ipx raw
80
1
at
100
3
snap etype 0x0abc
100
5
llc dsap 0xac ssap 0xbd
1.3.2 display protocol-vlan slot
Syntax
display protocol-vlan slot { slot-number | all }
View
Any view
Parameter
slot-number: Specifies board resident slot number.
all: Specifies all boards.
Description
Use the display protocol-vlan slot command to display the protocol-based VLAN
information in specific board, including VLAN ID, protocol index and protocol type.
Example
# Display the protocol-based VLAN information of all boards.
<3Com> display protocol-vlan slot all
Slot: 0
VLAN ID
Protocol-Index
Protocol-Type
4
0
ip 10.1.1.1 255.255.255.0
4
1
ip 192.168.1.1 255.0.0.0
4
2
ip 10.1.0.4 255.0.0.0
1-13
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
4
3
ip 172.168.0.1 255.255.0.0
4
4
ip 172.168.1.1 255.255.255.0
1.3.3 display protocol-vlan vlan
Syntax
display protocol-vlan vlan { vlan-id [ to vlan-id ] | all }
View
Any view
Parameter
vlan-id: VLAN ID, ranging from 1 to 4094.
to: Specifies the range of VLAN IDs.
all: Specifies all VLANs.
Description
Use the display protocol-vlan vlan command to display the protocol information and
protocol index configured for specified VLANs.
Related command: display vlan.
Example
# Display the protocol information and protocol indices configured for VLAN 2 through
VLAN 20..
<3Com> display protocol-vlan vlan 2 to 20
VLAN ID: 2
VLAN Type: Protocol-based VLAN
Protocol Index
Protocol Type
0
ip 1.1.1.0 255.255.255.0
VLAN ID: 20
VLAN Type: Protocol-based VLAN
Protocol Index
Protocol Type
0
ip 192.168.0.0 255.255.255.0
1
ipx ethernetii
2
snap etype 0x0abc
3
llc dsap 0xac ssap 0xbd
1-14
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
1.3.4 port hybrid protocol-vlan vlan
Syntax
port hybrid protocol-vlan vlan vlan-id { protocol-index [ to protocol-end ] | all }
undo port hybrid protocol-vlan vlan vlan-id { protocol-index [ to protocol-end ] | all }
View
Ethernet port view
Parameter
vlan-id: VLAN ID, ranging from 1 to 4094.
to: Specifies the range for VLAN IDs.
protocol-index: Beginning protocol index, ranging from 0 to 6. Its value must be smaller
than or equal to the value of the protocol-end argument.
protocol-end: End protocol index, ranging from 0 to 6. Note that its value must be larger
than or equal to the value of the protocol-index argument.
all: Specifies all protocol indices.
Description
Use the port hybrid protocol-vlan vlan command to associate a port with the
protocol-based VLAN.
Use the undo port hybrid protocol-vlan vlan command to remove the association
between the specified protocol-based VLAN and a port.
Related command: protocol-vlan vlan slot and display protocol-vlan interface.
Example
# Associate port Ethernet1/0/1 with the protocol-based VLAN 3, whose protocol index
is from 0 to 6.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port hybrid protocol-vlan vlan 3 0 to 6
1.3.5 protocol-vlan vlan slot
Syntax
protocol-vlan vlan vlan-id { protocol-index [ to protocol-end ] | all } { slot slot-number |
mainboard }
undo protocol-vlan vlan vlan-id { protocol-index [ to protocol-end ] | all } { slot
slot-number | mainboard }
1-15
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
View
System view
Parameter
vlan-id: VLAN ID, ranging from 1 to 4094.
protocol-index: Beginning protocol index, ranging from 0 to 6. Its value must be smaller
than or equal to the value of the protocol-end argument.
protocol-end: End protocol index, ranging from 0 to 6. Note that its value must be larger
than or equal to the value of the protocol-index argument.
all: Specifies all protocol indices.
slot slot-number: Specify to associate a board with protocol-based VLAN. The
slot-number argument specifies board slot number.
mainboard: Main board
Description
Use the protocol-vlan vlan slot command to associate a board with protocol-based
VLAN.
Use the undo protocol-vlan vlan slot command to cancel the association.
Note that it is necessary to add those ports that require protocol in the board to the
protocol-based VLAN. Currently, only non-A-type boards, including service boards and
main control boards, support this command.
Table 1-3 shows the supported protocol-based VLAN creation commands on different
boards.
Table 1-3 Protocol-based VLAN creation commands on different boards
Command description
A-type board
Non-A-type board
Create protocol-based VLAN
on specific board in system
view.
Not supported
Supported (for all IP protocols and
subnet IP protocols.
Create protocol-based VLAN
on specific port in Ethernet
port view.
Supported
Supported (exclude all IP protocols
and subnet IP protocols.
Note:
A-type boards include 3C16860, 3C16861, 3C16858, 3C16859.
Related command: port hybrid protocol-vlan vlan and display protocol-vlan
interface.
1-16
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
Example
# Associate protocols 0 to 6 in VLAN3 with board 5.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] protocol-vlan vlan 3 0 to 6 slot 5
1.3.6 protocol-vlan
Syntax
protocol-vlan [ protocol-index ] { at | ip [ ip-address [ net-mask ] ] | ipx { ethernetii | llc
| raw | snap } | mode { ethernetii [ etype etype-id ] | llc [ dsap dsap-id [ ssap ssap-id ]
| ssap ssap-id ] | snap [ etype etype-id ] } }
undo protocol-vlan { protocol-index [ to protocol-end ] | all }
View
VLAN view
Parameter
at: Specifies an AppleTalk-based VLAN.
ip [ ip-address [ net-mask ] ]: Specifies an IP-based VLAN. The ip-address argument
specifies IP address and the net-mask argument specifies subnet mask. The default
subnet mask is the mask of the network where ip-address belongs.
ipx { ethernetii | llc | raw I snap }: Specifies IPX protocol-based VLAN. The ethernetii,
llc, raw and snap keywords indicate four encapsulation types.
mode: Specifies VLAN based on other protocol type and encapsulation format.
ethernetii [ etype etype-id ]: Specifies EthernetII encapsulation-based VLAN. The
etype-id argument indicates the Ethernet type of the incoming packets, and its value
ranges from 600 to FFFF.
llc [ dsap dsap-id [ ssap ssap-id ] | ssap ssap-id ]: Specifies VLAN based on logical
link control encapsulation format. The dsap-id argument indicates the destination
service access point and its value ranges from 0 to FF. The ssap-id argument indicates
the source service access point and its value ranges from 0 to FF.
snap [ etype etype-id ]: Specifies VLAN based on sub-network access protocol (SNAP)
encapsulation format. The etype-id argument indicates the Ethernet type of incoming
packets and its value ranges from 600 to FFFF.
protocol-index: Beginning protocol index, ranging from 0 to 6. Its value must be smaller
than or equal to the value of the protocol-end argument. If this argument is not specified,
the system will assign an index automatically.
1-17
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
protocol-end: End protocol index, ranging from 0 to 6. Note that its value must be larger
than or equal to the value of the protocol-index argument.
all: Specifies all protocol indices.
Description
Use the protocol-vlan command to configure the protocol template used for
classifying protocol-based VLANs.
Use the undo protocol-vlan command to cancel the configuration.
Caution:
In a VLAN, it is not allowed to configure two templates with the same protocol type and
encapsulation format. If any parameter in a user-defined template has the same value
as the corresponding parameter in the standard template, the user-defined template
and the standard template cannot be configured in the same VLAN.
Pay attention to the following notices about the template configuration:
z
It is not allowed to configure both ipx llc standard template and LLC user-defined
template in the same VLAN.
z
It is not allowed to configure both ipx raw standard template and LLC user-defined
template whose dsap and ssap are both ff in the same VLAN.
z
It is not allowed to configure both ipx ethernetii standard template and EthernetII
user-defined template whose etype is 8137 in the same VLAN.
z
It is not allowed to configure both ipx snap standard template and SNAP
user-defined template whose etype is 8137 in the same VLAN.
z
When the values of the dsap-id and ssap-id arguments are AA, the packet
encapsulation type is not llc but snap. To avoid template conflict, the system disable
the value AA for the dsap-id and ssap-id arguments when you configure LLC
user-defined template.
In addition, pay attention to the following notices about IP template:
z
If a packet can match both Ipv4-based VLAN and the VLAN based on other protocol,
Ipv4-based VLAN takes higher priority.
z
ip [ ip-address [ net-mask ] ] defines IPv4-based VLAN. If you want to define the
VLANs based on IP or other encapsulation formats, use mode { ethernetii [ etype
etype-id ] } and snap [ etype etype-id ], in which, etype-id is 0x0800.
Related command: display protocol-vlan vlan.
Example
# Configure VLAN 3 as a VLAN based on all IP packets.
1-18
3Com Switch 7750 Series
Command Reference Guide – VLAN Commands
Chapter 1 VLAN Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 3
[3Com-vlan3] protocol-vlan ip
# Configure VLAN 5 as a VLAN based on network segment 123.34.56.0.
[3Com-vlan3] vlan 5
[3Com-vlan5] protocol-vlan ip 123.34.56.0
# Cancel protocols 0 to 5 in VLAN 5.
[3Com-vlan5] undo protocol-vlan 0 to 5
1-19
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications
Table of Contents
Table of Contents
Chapter 1 Voice VLAN Configuration Commands ..................................................................... 1-1
1.1 Voice VLAN Configuration Commands ............................................................................. 1-1
1.1.1 display voice vlan oui .............................................................................................. 1-1
1.1.2 display voice vlan status ......................................................................................... 1-1
1.1.3 display vlan.............................................................................................................. 1-3
1.1.4 voice vlan ................................................................................................................ 1-4
1.1.5 voice vlan aging....................................................................................................... 1-5
1.1.6 voice vlan enable .................................................................................................... 1-5
1.1.7 voice vlan mac-address .......................................................................................... 1-6
1.1.8 voice vlan mode ...................................................................................................... 1-7
1.1.9 voice vlan security enable ....................................................................................... 1-8
Chapter 2 isolate-user-VLAN Configuration Commands .......................................................... 2-1
2.1 isolate-user-VLAN Configuration Commands.................................................................... 2-1
2.1.1 display isolate-user-vlan.......................................................................................... 2-1
2.1.2 isolate-user-vlan ...................................................................................................... 2-2
2.1.3 isolate-user-vlan enable .......................................................................................... 2-3
Chapter 3 Super VLAN Configuration Commands .................................................................... 3-1
3.1 Super VLAN Configuration Commands............................................................................. 3-1
3.1.1 dhcp-server ............................................................................................................. 3-1
3.1.2 display supervlan..................................................................................................... 3-1
3.1.3 subvlan .................................................................................................................... 3-3
3.1.4 supervlan................................................................................................................. 3-4
i
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
Chapter 1 Voice VLAN Configuration Commands
1.1 Voice VLAN Configuration Commands
1.1.1 display voice vlan oui
Syntax
display voice vlan oui
View
Any view
Parameter
None
Description
Use the display voice vlan oui command to display the currently supported OUI
addresses and the related information.
Related command: voice vlan voice, vlan enable.
Example
# Display the OUI addresses of the voice VLAN.
<3Com> display voice vlan oui
Oui Address
Mask
Description
00e0-bb00-0000
ffff-ff00-0000
3com phone
0003-6b00-0000
ffff-ff00-0000
Cisco phone
00e0-7500-0000
ffff-ff00-0000
Polycom phone
00d0-1e00-0000
ffff-ff00-0000
Pingtel phone
000f-e200-0000
ffff-ff00-0000
H3C Aolynk phone
00aa-bb00-0000
ffff-ff00-0000
ABC
1.1.2 display voice vlan status
Syntax
display voice vlan status
View
Any view
1-1
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
Parameter
None
Description
Use the display voice vlan status command to display voice VLAN-related
information, including voice VLAN status (disabled/enabled), security mode, aging time,
port mode (manual mode or automatic mode), and so on.
Related command: voice vlan, voice vlan enable.
Example
# Display the information about the voice VLAN.
<3Com> display voice vlan status
Voice Vlan status: ENABLE
Voice Vlan ID: 2
Voice Vlan security mode: Security
Voice Vlan aging time: 1440 minutes
Current voice vlan enabled port mode:
PORT
MODE
-------------------------------Ethernet1/0/2
MANUAL
Ethernet1/0/5
AUTO
Table 1-1 Description on the fields of the display voice vlan status command
Field
Description
Voice Vlan status
The status of global voice VLAN function:
enabled/disabled
Voice Vlan ID
The VLAN which is currently enabled with voice
VLAN function.
Voice Vlan security mode
The status of voice VLAN security mode:
enabled/disabled.
Voice Vlan aging time
The voice VLAN aging time
Current voice vlan enabled
port mode
The operation mode of ports with the voice VLAN
function enabled
Ethernet1/0/2
MANUAL
Port Ethernet1/0/2 is in manual mode.
Ethernet1/0/5
AUTO
Port Ethernet1/0/5 is in automatic mode.
1-2
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
Caution:
The “Current voice vlan enable port mode” field lists the ports with the voice VLAN
function enabled. Note that a port listed in this field may not currently operate in a voice
VLAN. To check the ports operating in the current voice VLAN, use the display vlan
command, which is described in section1.1.3 ”display vlan”.
1.1.3 display vlan
Syntax
display vlan vlan-id
View
Any view
Parameter
vlan-id: Voice VLAN ID in the range of 1 to 4094.
Description
Use the display vlan command to display the automatic/manual ports in the current
voice VLAN.
Related command: voice vlan.
Example
# Display the ports included in the current voice VLAN, assuming that the current voice
VLAN is VLAN 6.
<3Com> display vlan 6
VLAN ID: 6
VLAN Type: static
Route Interface: not configured
Description: VLAN 0006
Name: VLAN 0006
Tagged
Ports:
GigabitEthernet1/0/5
Untagged Ports:
GigabitEthernet1/0/6
The output indicates that GigabitEthernet1/0/5 and GigabitEthernet1/0/6 ports are in
the current voice VLAN.
1-3
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
1.1.4 voice vlan
Syntax
voice vlan vlan-id enable
undo voice vlan enable
View
System view
Parameter
vlan-id: ID of the VLAN that needs to be enabled with the voice VLAN function, ranging
from 2 to 4094.
Description
Use the voice vlan command to enable the voice VLAN function globally.
Use the undo voice vlan enable command to disable the voice VLAN function
globally.
Caution:
z
When you are enabling voice VLAN function for a specified VLAN, the specified
VLAN must exist, otherwise, your configuration fails.
z
If you want to delete a VLAN with voice VLAN function enabled, you must disable
the voice VLAN function first.
z
The voice VLAN function can be enabled for only one VLAN at the same time.
Related command: display voice vlan status.
Example
# Create VLAN 2, and enable the voice VLAN function for it.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 2
[3Com-vlan2] quit
[3Com] voice vlan 2 enable
# After the voice function of VLAN2 is enabled, if you enable the voice VLAN function
for other VLANs, the system will prompt that your configuration fails.
[3Com] voice vlan 4 enable
Can't change voice vlan configuration when other voice vlan is running
1-4
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
1.1.5 voice vlan aging
Syntax
voice vlan aging minutes
undo voice vlan aging
View
System view
Parameter
minutes: Aging time (in minutes) to be set for a voice VLAN. This argument ranges from
5 to 43,200 and defaults to 1,440.
Description
Use the voice vlan aging command to set the aging time for a voice VLAN.
Use the undo voice vlan aging command to restore the default aging time for a voice
VLAN.
Related command: display voice vlan status.
Example
# Set the aging time of the voice VLAN to 100 minutes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] voice vlan aging 100
1.1.6 voice vlan enable
Syntax
voice vlan enable
undo voice vlan enable
View
Ethernet port view
Parameter
None
Description
Use the voice vlan enable command to enable the voice VLAN function for a port.
1-5
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
Use the undo voice vlan enable command to disable the voice VLAN function for a
port.
z
The voice VLAN function takes effect on a port only when it is enabled in both
system view and port view.
z
The access port working in automatic mode does not support the voice VLAN
function.
Related command: display voice vlan status.
Example
# Enable the voice VLAN function for Ethernet1/0/2 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/2
[3Com-Ethernet1/0/2] voice vlan enable
1.1.7 voice vlan mac-address
Syntax
voice vlan mac-address oui mask oui-mask [ description text ]
undo voice vlan mac-address oui
View
System view
Parameter
oui: MAC address to be set. You need to provide this argument in the format of H-H-H.
Note:
Organizationally unique identifier (OUI) is the first 24 bits of a MAC address. It is the
global unique identifier assigned by IEEE for different device supplier.
oui-mask: MAC address mask in the format of H-H-H. This argument specifies the valid
bits of the MAC address.
text: Description string of the MAC address. This argument can contain 1 to 30
characters.
Description
Use the voice vlan mac-address command to set a MAC address used for a voice
VLAN to identify voice devices.
1-6
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
Use the undo voice vlan mac-address command to disable a MAC address from
being used to identify voice devices.
A switch can use up to 16 MAC addresses to identify voice devices, including the five
default OUI addresses (as listed in Table 1-2). When the number of MAC addresses
reaches 16, you will fail to add new MAC addresses.
Table 1-2 Default OUI addresses of a switch
Number
OUI addresses
Vendor
1
0003-6b00-0000
Cisco phone
2
000f-e200-0000
H3C Aolynk phone
3
00d0-1e00-0000
Pingtel phone
4
00e0-7500-0000
Polycom phone
5
00e0-bb00-0000
3com phone
Related command: display voice vlan oui.
Example
# Specify 00aa-bb00-0000 as an OUI address, with the description string being “ABC”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] voice vlan mac-address 00aa-bb00-0000 mask ffff-ff00-0000 description
ABC
1.1.8 voice vlan mode
Syntax
voice vlan mode auto
undo voice vlan mode auto
View
Ethernet port view
Parameter
None
Description
Use the voice vlan mode auto command to configure an Ethernet port to operate in
the automatic voice VLAN mode.
1-7
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
Use the undo voice vlan mode auto command to configure an Ethernet port to
operate in the manual voice VLAN mode.
By default, an Ethernet port operates in the automatic voice VLAN mode.
Related command: display voice vlan status.
Example
# Configure GigabitEthernet3/0/2 port to operate in the manual voice VLAN mode.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet 3/0/2
[3Com-GigabitEthernet3/0/2] undo voice vlan mode auto
1.1.9 voice vlan security enable
Syntax
voice vlan security enable
undo voice vlan security enable
View
System view
Parameter
None
Description
Use the voice vlan security enable command to enable the voice VLAN security
mode.
Use the undo voice vlan security enable command to disable the voice VLAN
security mode.
In the voice VLAN security mode, the ports in a voice VLAN and with voice devices
attached to can only forward voice data. Data packets with their MAC addresses not
among the OUI addresses that can be identified by the system will be dropped. This
mode has no effects on other VLANs.
By default, the voice VLAN security mode is enabled.
Related command: display voice vlan status.
Example
# Disable the voice VLAN security mode.
<3Com> system-view
System View: return to User View with Ctrl+Z.
1-8
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands
[3Com] undo voice vlan security enable
1-9
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications
Chapter 2 isolate-user-VLAN Configuration
Commands
Chapter 2 isolate-user-VLAN Configuration
Commands
Note:
You need to configure the hybrid attribute for a port in the process of configuring an
isolate-user-VLAN. For hybrid port-related commands, refer to the Port Basic
Configuration part of the 3Com Switch 7750 Command Reference Guide.
2.1 isolate-user-VLAN Configuration Commands
2.1.1 display isolate-user-vlan
Syntax
display isolate-user-vlan [ vlan-id ]
View
Any view
Parameter
vlan-id: VLAN ID of the configured isolate-user-VLANs, ranging from 1 to 4,094.
Description
Use the display isolate-user-vlan command to display the mapping between the
isolate-user-VLAN and the secondary VLAN, and the current status and port
information of the isolate-user-VLAN and the secondary VLAN.
Related command: isolate-user-vlan enable and isolate-user-vlan.
Example
# Display the mapping between the isolate-user-VLAN and the secondary VLAN.
<3Com> display isolate-user-vlan
Isolate-user-VLAN
Vlan ID : 3
Secondary Vlan ID : 4-5
Vlan ID: 3
Vlan Type: static
2-1
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications
Chapter 2 isolate-user-VLAN Configuration
Commands
Isolate-user-VLAN type : isolate-user-VLAN
Route Interface: not configured
Description: VLAN 0003
Tagged
Ports: none
Untagged Ports:
Ethernet1/0/4
Ethernet1/0/8
Ethernet1/0/18
Vlan ID: 4
Vlan Type: static
Private-vlan Type : Secondary
Route Interface: not configured
Description: VLAN 0004
Tagged
Ports: none
Untagged Ports:
Ethernet1/0/4
Ethernet1/0/8
Vlan ID: 5
Vlan Type: static
Private-vlan Type : Secondary
Route Interface: not configured
Description: VLAN 0004
Tagged
Ports: none
Untagged Ports:
Ethernet1/0/4
Ethernet1/0/18
2.1.2 isolate-user-vlan
Syntax
isolate-user-vlan vlan-id secondary vlan-list
undo isolate-user-vlan vlan-id [ secondary vlan-list ]
View
System view
Parameter
vlan-id: VLAN ID of an isolate-user-VLAN, ranging from 1 to 4,094.
vlan-list: List of the secondary VLAN that needs to establish the mapping with the
isolate-user-VLAN, provided in the form of vlan-list = { vlan-id [ to vlan-id ] }&<1-4093>,
where the vlan-id is the VLAN ID of the secondary VLAN. VLAN ID after to must not be
less than that before to. You can input this argument repeatedly to establish the
mapping between the isolate-user-VLAN and all other VLANs.
2-2
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications
Chapter 2 isolate-user-VLAN Configuration
Commands
Description
Use the isolate-user-vlan command to establish the mapping between the
isolate-user-VLAN and the secondary VLAN.
Use the undo isolate-user-vlan command to cancel the mapping between the
isolate-user-VLAN and the secondary VLAN.
Without the parameter secondary vlan-list, the undo isolate-user-vlan command can
cancel the mapping between all the secondary VLANs and the specified
isolate-user-VLAN. With this parameter, the command can cancel the mapping
between the specified secondary VLAN and the specified isolate-user-VLAN.
Note that, establishing or canceling the mapping between the isolate-user-VLAN and
the secondary VLAN does not affect the port status in each VLAN.
By default, the user-created isolate-user-VLAN does not map the secondary VLAN.
Related command: display isolate-user-vlan.
Example
# Map the isolate-user-VLAN 10 with the secondary VLAN 2, 3, 4, 5, and 9.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isolate-user-vlan 10 secondary 2 to 5 9
2.1.3 isolate-user-vlan enable
Syntax
isolate-user-vlan enable
undo isolate-user-vlan enable
View
VLAN view
Parameter
None
Description
Use the isolate-user-vlan
enable command to specify a VLAN as an
isolate-user-VLAN.
Use the undo isolate-user-vlan enable command to cancel the configuration.
By default, no VLAN is enabled with the isolate-user-VLAN function.
2-3
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications
Chapter 2 isolate-user-VLAN Configuration
Commands
Note:
z
Multiple isolate-user-VLANs can be configured for a switch.
z
With GVRP function enabled, a switch cannot be enabled with isolate-user-VLAN
function.
z
The isolate-user-VLAN function and super VLAN function cannot be enabled
simultaneously for a VLAN. If a VLAN is specified as an isolate-user-VLAN or a
secondary VLAN, you cannot configure it as a super VLAN or a sub VLAN
additionally.
Related command: display isolate-user-vlan.
Example
# Configure VLAN 5 as an isolate-user-VLAN.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 5
[3Com-vlan5] isolate-user-vlan enable
2-4
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 3 Super VLAN Configuration Commands
Chapter 3 Super VLAN Configuration Commands
3.1 Super VLAN Configuration Commands
3.1.1 dhcp-server
Syntax
dhcp-server groupNo
undo dhcp-server
View
VLAN interface view
Parameter
groupNo: Number of DHCP server, ranging from 0 to 19.
Description
Use the dhcp-server command to specify which DHCP server group a VLAN interface
belongs to.
Use the undo dhcp-server command to cancel this mapping.
Example
# Configure VLAN 1 interface to belong to DHCP server group 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 1
[3Com-Vlan-interface1] dhcp-server 1
3.1.2 display supervlan
Syntax
display supervlan [ supervlan-id ]
View
Any view
Parameter
supervlan-id: ID of Super VLAN, range from 1 to 4,094.
3-1
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 3 Super VLAN Configuration Commands
Description
Use the display supervlan command to view the mapping relationship between Super
VLAN and Sub VLAN, and the ports identifying mapping relationship between super
VLAN and sub VLAN.
Related command: supervlan, and subvlan.
Example
# Display the mapping relationship between Super VLAN 100 and the sub VLANs.
<3Com> display supervlan 100
Supervlan ID :
Subvlan ID :
100
101-102
VLAN ID: 100
VLAN Type: static
It is a Super VLAN.
Route Interface: not configured
Description: VLAN 0100
Name: VLAN 0100
Broadcast MAX-ratio: 100
Tagged
Ports: none
Untagged Ports: none
VLAN ID: 101
VLAN Type: static
It is a Sub VLAN. And the Super VLAN is VLAN 100
ARP proxy disabled.
Route Interface: not configured
Description: VLAN 0101
Name: VLAN 0101
Broadcast MAX-ratio: 100
Tagged
Ports: none
Untagged Ports:
Ethernet3/0/3
VLAN ID: 102
VLAN Type: static
It is a Sub VLAN. And the Super VLAN is VLAN 100
ARP proxy disabled.
Route Interface: not configured
Description: VLAN 0102
Name: VLAN 0102
3-2
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 3 Super VLAN Configuration Commands
Broadcast MAX-ratio: 100
Tagged
Ports: none
Untagged Ports:
Ethernet3/0/4
3.1.3 subvlan
Syntax
subvlan vlan-list
undo subvlan [ vlan-list ]
View
VLAN view of the super VLAN
Parameter
vlan-list: List of sub VLANs, provided in the format of vlan-list = { vlan-id [ to
vlan-id ] }&<1-10>, where the vlan-id is the VLAN ID of a sub VLAN, and the &<1-10>
means you can specify ten sub VLANs or sub VLAN lists.
Description
Use the subvlan commmand to establish the mapping relationship between sub VLAN
and super VLAN.
Use the undo subvlan commmand to cancel the mapping relationship between sub
VLAN and super VLAN.
Without the argument vlan-list, the undo subvlan command can cancel the mapping
between all the sub VLANs and the isolate-user-VLAN. With this argument, the
command can cancel the mapping between the specified sub VLAN and the
isolate-user-VLAN.
Caution:
z
The sub VLAN must exist before you create mapping between the sub VLAN and
the super VLAN.
z
After establishing the mapping between the sub VLAN and the super VLAN, you can
still add (or delete) ports to (from) the sub VLAN.
z
A super VLAN can establish mappings with 1024 sub VLANs.
z
The system can create up to 1024 sub VLANs.
For the related commands, see display supervlan.
3-3
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 3 Super VLAN Configuration Commands
Example
# Establish the mapping relationship between sub VLAN 3, 4, 5, 9 and super VLAN 10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 10
[3Com-vlan10] supervlan
[3Com-vlan10] subvlan 3 to 5 9
3.1.4 supervlan
Syntax
supervlan
undo supervlan
View
VLAN view
Parameter
None
Description
Use the supervlan commmand to set current VLAN to super VLAN.
Use the undo supervlan commmand to restore the current VLAN type to ordinary
VLAN.
Note that:
z
You can not configure a VLAN which includes Ethernet ports as a super VLAN;
and after you configure a super VLAN, you cannot add any Ethernet port to it.
z
When a VLAN is configured as a super VLAN, ARP proxy function is automatically
enabled on the VLAN interface.
z
When a super VLAN exists, the ARP proxy function cannot be disabled on the
corresponding VLAN interface.
Related command: display supervlan.
Example
# Set the VLAN 2 to super VLAN.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 2
[3Com-vlan2] supervlan
3-4
3Com Switch 7750 Series
Command Reference Guide – Extended VLAN Applications Chapter 3 Super VLAN Configuration Commands
3-5
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Table of Contents
Table of Contents
Chapter 1 IP Address Configuration Commands....................................................................... 1-1
1.1 IP Address Configuration Commands ............................................................................... 1-1
1.1.1 display ip interface .................................................................................................. 1-1
1.1.2 ip address................................................................................................................ 1-3
Chapter 2 IP Performance Configuration Commands ............................................................... 2-1
2.1 IP Performance Configuration Commands........................................................................ 2-1
2.1.1 display fib ................................................................................................................ 2-1
2.1.2 display icmp statistics.............................................................................................. 2-3
2.1.3 display ip socket ...................................................................................................... 2-4
2.1.4 display ip statistics .................................................................................................. 2-6
2.1.5 display tcp statistics ................................................................................................ 2-7
2.1.6 display tcp status................................................................................................... 2-10
2.1.7 display udp statistics ............................................................................................. 2-11
2.1.8 ip............................................................................................................................ 2-12
2.1.9 ip forward-broadcast ............................................................................................. 2-13
2.1.10 reset ip statistics.................................................................................................. 2-13
2.1.11 reset tcp statistics................................................................................................ 2-14
2.1.12 reset udp statistics .............................................................................................. 2-14
2.1.13 tcp timer fin-timeout............................................................................................. 2-15
2.1.14 tcp timer syn-timeout........................................................................................... 2-15
2.1.15 tcp window........................................................................................................... 2-16
Chapter 3 IPX Configuration Commands.................................................................................... 3-1
3.1 IPX Configuration Commands ........................................................................................... 3-1
3.1.1 display ipx interface................................................................................................. 3-1
3.1.2 display ipx routing-table .......................................................................................... 3-3
3.1.3 display ipx service-table .......................................................................................... 3-5
3.1.4 display ipx statistics................................................................................................. 3-7
3.1.5 ipx enable ................................................................................................................ 3-9
3.1.6 ipx encapsulation .................................................................................................. 3-10
3.1.7 ipx netbios-propagation......................................................................................... 3-10
3.1.8 ipx network ............................................................................................................ 3-11
3.1.9 ipx rip import-route static....................................................................................... 3-12
3.1.10 ipx rip mtu............................................................................................................ 3-12
3.1.11 ipx rip multiplier ................................................................................................... 3-13
3.1.12 ipx rip timer update.............................................................................................. 3-14
3.1.13 ipx route load-balance-path................................................................................. 3-14
3.1.14 ipx route max-reserve-path ................................................................................. 3-15
i
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Table of Contents
3.1.15 ipx route-static ..................................................................................................... 3-16
3.1.16 ipx sap disable..................................................................................................... 3-17
3.1.17 ipx sap gns-disable-reply .................................................................................... 3-17
3.1.18 ipx sap gns-load-balance .................................................................................... 3-18
3.1.19 ipx sap max-reserve-servers............................................................................... 3-19
3.1.20 ipx sap mtu .......................................................................................................... 3-19
3.1.21 ipx sap multiplier ................................................................................................. 3-20
3.1.22 ipx sap timer update............................................................................................ 3-21
3.1.23 ipx service ........................................................................................................... 3-21
3.1.24 ipx split-horizon ................................................................................................... 3-23
3.1.25 ipx tick ................................................................................................................. 3-23
3.1.26 ipx update-change-only....................................................................................... 3-24
3.1.27 reset ipx routing-table statistics protocol............................................................. 3-24
3.1.28 reset ipx statistics ................................................................................................ 3-25
ii
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 1 IP Address Configuration Commands
Chapter 1 IP Address Configuration Commands
1.1 IP Address Configuration Commands
1.1.1 display ip interface
Syntax
display ip interface [ brief ] [ interface-type [ interface-number ]
View
Any view
Parameter
interface-type
interface-number:
interface-type
indicates
a
port
type
and
interface-number indicates a port number. For details, see the description of the
interface command in Port Basic Configuration Command Manual.
brief: Displays the basic interface configuration information.
Description
Use the display ip interface command to display information about one specific or all
interfaces.
Example
# Display information about VLAN interface 1.
<3Com>display ip interface Vlan-interface 1
Vlan-interface1 current state :UP
Line protocol current state :UP
Internet Address is 192.168.0.39/24 Primary
Broadcast address : 192.168.0.255
The Maximum Transmit Unit : 1500 bytes
IP packets input number: 9678, bytes: 475001, multicasts: 7
IP packets output number: 8622, bytes: 391084, multicasts: 0
TTL invalid packet number:
0
ICMP packet input number:
0
Echo reply:
0
Unreachable:
0
1-1
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 1 IP Address Configuration Commands
Source quench:
0
Routing redirect:
0
Echo request:
0
Router advert:
0
Router solicit:
0
Time exceed:
0
IP header bad:
0
Timestamp request:
0
Timestamp reply:
0
Information request:
0
Information reply:
0
Netmask request:
0
Netmask reply:
0
Unknown type:
0
Table 1-1 Description on the fields of the display ip interface command
Field
Description
Vlan-interface1 current state
Current state of VLAN interface 1
Line protocol current state
Current state of the Line protocol
Internet Address
IP address
Broadcast address
Broadcast address
The Maximum Transmit Unit
Max transmit unit
IP packets input number: 9678, bytes:
475001, multicasts: 7
IP packets output number: 8622, bytes:
391084, multicasts: 0
TTL invalid packet number
Number of input/output unicast packets,
bytes, and multicast packets
Number of received invalid TTL packets
1-2
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 1 IP Address Configuration Commands
Field
ICMP
0
packet
input
Description
number:
Echo reply:
0
Unreachable:
0
Source
quench:
0
Routing redirect:
Echo
0
request:
0
Router advert:
Router solicit:
0
0
Time
exceed:
0
IP
header
bad:
0
Timestamp
request:
Timestamp
reply:
0
Total number of received ICMP packets,
including:
Echo reply packet, unreachable packet,
source quench packet, routing redirect
packet, Echo request packet, router
advert packet, router solicit packet, time
exceed packet, IP header bad packet,
timestamp request packet, timestamp
reply packet, information request packet,
information reply packet, netmask
request packet, netmask reply packet,
and unknown types of packets.
0
Information request:
0
Information reply:
0
Netmask
request:
Netmask
reply:
Unknown
type:
0
0
0
1.1.2 ip address
Syntax
ip address ip-address { mask | mask-length } [ sub ]
undo ip address [ ip-address { mask | mask-length } [ sub ] ]
View
VLAN interface view, loopback interface view
Parameter
ip_address: IP address, in dotted decimal notation.
mask: Subnet mask, in dotted decimal notation.
mask-length: Length of a subnet mask.
1-3
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 1 IP Address Configuration Commands
sub: Secondary IP address of a VLAN or loopback interface.
Description
Use the ip address command to specify an IP address and mask for a VLAN or
loopback interface.
Use the undo ip address command to remove an IP address and mask of a VLAN or
loopback interface.
By default, a VLAN or loopback interface has no IP address.
Generally, it is enough to configure one IP address for an interface. However, you can
configure up to eight IP addresses for an interface so that it can be connected to
several subnets. Among these IP addresses, one is the primary IP address and all the
others are secondary ones. The relationship between the primary address and the
secondary addresses is as follows:
z
When you configure a primary IP address for an interface which already has a
primary IP address, the new address will replace the old one.
z
If you execute the undo ip address command without any parameter, the switch
deletes both primary and secondary IP addresses of the interface. The undo ip
address ip-address { mask | mask-length } command is used to delete the
primary IP address. The undo ip address ip-address { mask | mask-length } sub
command is used to delete secondary IP addresses.
Note that a VLAN interface cannot be configured with a secondary IP address if the
interface has been configured to obtain an IP address by BOOTP or DHCP.
Related command: display ip interface.
Example
# Specify the IP address and subnet mask of VLAN interface 1 to 129.12.0.1 and
255.255.255.0 respectively.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 1
[3Com-Vlan-interface1] ip address 129.12.0.1 255.255.255.0
1-4
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Chapter 2 IP Performance Configuration
Commands
2.1 IP Performance Configuration Commands
2.1.1 display fib
Syntax
display fib fib-rule
View
Any view
Parameter
fib-rule: Specifies FIB entries that conform to specific rules. It can be a combination of
multiple rules. The following table describes the combinations.
Table 2-1 Display combination of specified FIB entries
Description
Form of fib-rule
Display FIB entries of the specified
slot
slot-number
Display FIB entries matching the
specified destination IP address/mask
pair and all the FIB entries matching
the specified IP address/mask (in the
natural mask range) pair
ip-address1 [ { mask1 | mask-length1 }
[ ip-address2 { mask2 | mask-length2 } |
longer ] | longer ]
Display FIB statistics
statistics
Display the FIB entries which are
output from the buffer according to the
regular expression and are related to
the specific character string
| { begin | exclude | include } text
Display the FIB entries matching a
specific ACL
acl { number | name }
Display the FIB entries matching the
specific prefix list
ip-prefix listname
2-1
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Description
Use the display fib command to view the summary of the forwarding information base
(FIB). Each line indicates an FIB entry. The information includes: destination
address/mask length, next hop, current flag, timestamp, and output interface. For the
ACL configuration, refer to the ACL module of this manual.
Example
# View all the FIB summary.
<3Com>display fib
Destination/Mask
Nexthop
Flag TimeStamp
211.71.75.0/24
1.1.1.2
GSU t[250763]
Interface
Vlan-interface2
1.1.2.1/32
127.0.0.1
GHU t[37]
InLoopBack0
127.0.0.1/32
127.0.0.1
GHU t[37]
InLoopBack0
127.0.0.0/8
127.0.0.1
U
t[37]
InLoopBack0
1.1.1.1/32
127.0.0.1
GHU t[37]
InLoopBack0
1.1.1.0/24
1.1.1.1
U
t[37]
Vlan-interface2
Table 2-2 Description on the fields of the display fib command
Field
Description
Destination/Mask
Destination address/mask length
Nexthop
Next hop address
Flags:
U: A route is up and available.
G: Gateway route
H: Local host route
Flag
B: Blackhole route
D: Dynamic route
S: Static route
R: Rejected route
E: Multi-path equal-cost route
L: Route generated by ARP or ESIS
TimeStamp
Timestamp
Interface
Forwarding interface
# View ACL 2001.
<3Com> display acl config 2001
Basic ACL 2001, 1 rule
rule 0 permit source 211.71.75.0 0.0.0.255 (0 times matched)
# View the FIB entries filtered by ACL 2001.
2-2
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
<3Com>display fib acl 2001
Route Entry matched by access-list 2001
Summary Counts :1
Destination/Mask
Nexthop
Flag TimeStamp
211.71.75.0/24
1.1.1.2
GSU t[250763]
Interface
Vlan-interface2
# View all the lines from the line containing the string 1.1.1.1.
<3Com> display fib | begin 1.1.1.1
1.1.1.1/32
127.0.0.1
GHU t[37]
1.1.1.0/24
1.1.1.1
U
t[37]
InLoopBack0
Vlan-interface2
# View the total number of FIB entries.
<3Com> display fib statistics
Route Entry Count : 30
2.1.2 display icmp statistics
Syntax
display icmp statistics
View
Any view
Parameter
None
Description
Use the display icmp statistics command to view the statistics about ICMP packets.
Related command: display ip interface and reset ip statistics.
Example
# View the statistics about ICMP packets.
<3Com> display icmp statistics
Input: bad formats
echo
0
bad checksum
5
0
destination unreachable 0
source quench 0
redirects
0
echo reply
10
parameter problem
0
timestamp
0
information request
0
mask requests 0
mask replies
0
time exceeded 0
Output:echo
10
destination unreachable 0
source quench 0
echo reply
redirects
5
parameter problem
2-3
0
0
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
timestamp
Chapter 2 IP Performance Configuration
Commands
0
information reply
mask requests 0
0
mask replies
0
time exceeded 0
Table 2-3 Description on the fields of the display icmp statistics command
Field
Description
bad formats
Number of input packets in bad formats
bad checksum
Number of input packets with bad checksum
echo
Number of input/output echo request packets
destination unreachable
Number of input/output packets with unreachable
destination
source quench
Number of input/output source quench packets
redirects
Number of input/output redirected packets
echo reply
Number of input/output echo reply packets
parameter problem
Number of input/output packets with parameter
problem
timestamp
Number of input/output timestamp packets
information request
Number of input information request packets
mask requests
Number of input/output mask request packets
mask replies
Number of input/output mask reply packets
information reply
Number of output information reply packets
time exceeded
Number of time exceeded packets
2.1.3 display ip socket
Syntax
display ip socket [ socktype sock-type ] [ task-id socket-id ]
View
Any view
Parameter
sock-type: Type of a socket, ranging from 1 to 3. These values correspond to
SOCK_STREAM (TCP socket), SOCK_DGRAM (UDP socket or socket based on the
link layer), and SOCK_RAW (RAW IP socket).
task-id: ID of a task, with the value ranging from 1 to 100.
socket-id: ID of a socket, with the value ranging from 0 to 3072.
2-4
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Description
Use the display ip socket command to display the information of the current socket.
Example
# Display the information about the socket of the TCP type.
<3Com> display ip socket socktype 1
SOCK_STREAM:
Task = VTYD(18), socketid = 1, Proto = 6,
LA = 0.0.0.0:23, FA = 0.0.0.0:0,
sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0,
socket option = SO_ACCEPTCONN SO_KEEPALIVE SO_SENDVPNID SO_SETKEEPALIVE,
socket state = SS_PRIV SS_ASYNC
Task = VTYD(18), socketid = 2, Proto = 6,
LA = 10.153.17.99:23, FA = 10.153.17.56:1161,
sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0,
socket option = SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE,
socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC
Task = VTYD(18), socketid = 3, Proto = 6,
LA = 10.153.17.99:23, FA = 10.153.17.82:1121,
sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0,
socket option = SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE,
socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC
Table 2-4 Description on the fields of the display ip socket command
Field
Description
SOCK_STREAM
Type of a socket. Three types are available:
SOCK_STREAM (TCP socket), SOCK_DGRAM
(UDP socket or socket supporting link layer access),
and SOCK_RAW (RAW IP socket).
Task
Task ID
socketid
Socket ID
Proto
Protocol number used by the socket
sndbuf
Sending buffer size of the socket
rcvbuf
Receiving buffer size of the socket
sb_cc
Current data size in the sending buffer. The value
makes sense only for the socket of TCP type,
because only TCP is able to cache data.
rb_cc
Current data size in the receiving buffer
2-5
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Field
Description
socket option
Option of a socket
socket state
State of a socket
2.1.4 display ip statistics
Syntax
display ip statistics
View
Any view
Parameter
None
Description
Use the display ip statistics command to view the statistics about IP packets.
Related command: display ip interface and reset ip statistics.
Example
# View the statistics about IP packets.
<3Com> display ip statistics
Input:
sum
7120
local
112
bad protocol
0
bad format
0
bad checksum
0
bad options
0
Output: forwarding
dropped
0
local
0
no route
27
2
compress fails 0
Fragment:input
0
dropped
0
fragmented
0
Reassembling:sum
output
0
couldn't fragment 0
0
timeouts
0
Table 2-5 Description on the fields of the display ip statistics command
Field
Input:
Description
sum
Sum of input packets
Local
Number of received packets whose
destination address is the local device
bad protocol
Number of packets with wrong protocol
2-6
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Field
Description
number
Output:
Fragment:
Reassembling:
bad format
Number of packets in bad format
bad checksum
Number of packets with bad checksum
bad options
Number of packets with wrong options
forwarding
Number of forwarded packets
local
Number of packets sent by the local
device
dropped
Number of
transmission
no route
Number of packets that cannot be routed
compress fails
Number of packets
compressed
input
Number of input fragments
output
Number of output fragments
dropped
Number of dropped fragments
fragmented
Number of packets that are fragmented
couldn't fragment
Number of
fragmented
sum
Number of reassembled packets
timeouts
Number of timeout fragment packets
dropped
packets
packets
that
that
during
cannot
cannot
be
be
2.1.5 display tcp statistics
Syntax
display tcp statistics
View
Any view
Parameter
None
Description
Use the display tcp statistics command to view the statistics about TCP packets.
Related command: display tcp status and reset tcp statistics.
2-7
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Example
# View the statistics about TCP packets.
<3Com> display tcp statistics
Received packets:
Total: 753
packets in sequence: 412 (11032 bytes)
window probe packets: 0, window update packets: 0
checksum error: 0, offset error: 0, short error: 0
duplicate packets: 4 (88 bytes), partially duplicate packets: 5 (7 bytes)
out-of-order packets: 0 (0 bytes)
packets of data after window: 0 (0 bytes)
packets received after close: 0
ACK packets: 481 (8776 bytes)
duplicate ACK packets: 7, too much ACK packets: 0
Sent packets:
Total: 665
urgent packets: 0
control packets: 5 (including 1 RST)
window probe packets: 0, window update packets: 2
data packets: 618 (8770 bytes) data packets retransmitted: 0 (0 bytes)
ACK-only packets: 40 (28 delayed)
Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0
Keepalive timeout: 0, keepalive probe: 0, Keepalive timeout, so connections
disconnected : 0
Initiated connections: 0, accepted connections: 0, established connections:
0
Closed connections: 0 (dropped: 0, initiated dropped: 0)
Packets dropped with MD5 authentication: 0
Packets permitted with MD5 authentication: 0
Table 2-6 Description on the fields of the display tcp statistics command
Field
Received packets
Description
Total
Total number of received packets
packets in sequence
Number of packets in sequence
window probe packets/
window
update
packets
Number
of
window
probe
packets/number of window update
packets
2-8
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Field
Sent packets
Description
checksum error/ offset
error/ short error
Number of checksum errors/number
of offset errors/number of short
errors
duplicate
partially
packets
Number of duplicate packets/number
of partially duplicate packets
packets/
duplicate
out-of-order packets
Number of out-of-order packets
packets of data after
window
Number of packets out of window
packets received after
close
Number of received packets after
close
ACK packets
Number of ACK packets
duplicate ACK packets/
too much ACK packets
Number
of
duplicate
ACK
packets/number of ACK packets for
data not sent.
Total
Total number of sent packets
urgent packets
Number of urgent packets
control
packets
(including 1 RST)
Number of control packets, including
one retransmitted packet
window probe packets/
window
update
packets
Number
of
window
probe
packets/number of window update
packets
data packets/ data
packets retransmitted
Number of data packets/number of
retransmitted packets
ACK-only packets
Number of ACK packets (28 delay
ACK packets)
Retransmitted
timeout/
connections
dropped in retransmitted timeout
Times of retransmission timer
timeout/number
of
dropped
connections because retransmission
times exceed the limit
Keepalive timeout/
Keepalive
timeout,
disconnected
Times
of
keepalive
timer
timeout/number
of
transmitted
keepalive probe packets/number of
dropped
connections
due
to
keepalive probe failure
keepalive probe/
so
connections
Initiated
connections/
accepted
connections/ established connections
Number
of
initiated
connections/number of accepted
connections/number of established
connections
Closed connections (dropped:\ initiated
dropped: )
Number of closed
(number
of
connections\number
connection attempts)
2-9
connections
dropped
of
failed
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Field
Description
Packets dropped with MD5 authentication
Number of dropped packets with
MD5 authentication
Packets permitted with MD5 authentication
Number of permitted packets with
MD5 authentication
2.1.6 display tcp status
Syntax
display tcp status
View
Any view
Parameter
None
Description
Use the display tcp status command to view the state of all the TCP connections so
that you can monitor TCP connections in real time.
Example
# View the state of all the TCP connections.
<3Com> display tcp status
TCPCB
Local Add:port
Foreign Add:port
State
03e37dc4
0.0.0.0:4001
0.0.0.0:0
Listening
04217174
100.0.0.204:23
100.0.0.253:65508
Established
Table 2-7 Description on the fields of the display tcp status command
Field
Description
TCPCB
Address of the TCP control block
Local Add:port
Local IP address; port number
Foreign Add:port
Remote IP address; port number
State
TCP connection state
2-10
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
2.1.7 display udp statistics
Syntax
display udp statistics
View
Any view
Parameter
None
Description
Use the display udp statistics command to view the statistics about UDP packets.
Related command: reset udp statistics.
Example
# View the statistics about UDP packets.
<3Com>display udp statistics
Received packets:
Total: 26320
checksum error: 0
shorter than header: 0, data length larger than packet: 0
no socket on port: 0
total broadcast or multicast packets : 25006
no socket broadcast or multicast packets: 24989
not delivered, input socket full: 0
input packets missing pcb cache: 1314
Sent packets:
Total: 7187
Table 2-8 Description on the fields of the display udp statistics command
Field
Received Total
packets:
checksum error
shorter than header,
Description
Total number of received UDP packets
Number of packets with checksum errors
Number of packets whose lengths are shorter
than their headers
data length larger than Number of packets whose lengths are larger
packet
than the packets
no socket on port
Number of packets dropped because the
socket corresponding to the port number is not
found
2-11
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Field
Description
total
broadcast
multicast packets
or Total number of transmitted broadcast or
multicast packets
no socket broadcast or Total number of transmitted broadcast or
multicast packets
multicast packets whose sockets are not found
not
delivered,
socket full
input packets
pcb cache
Sent
packet:
input Number of not delivered packets because the
socket cache is full
missing
Total
Number of packets missing pcb cache
Total number of transmitted UDP packets
2.1.8 ip
Syntax
ip { ttl-expires | unreachables }
undo ip { ttl-expires | unreachables }
View
System view
Parameter
ttl-expires: Configure whether to send TTL timeout packets to CPU.
unreachables: Configure whether to send unreachable packets to CPU.
Description
Use the ip { ttl-expires | unreachables } command to configure to send TTL timeout
packets and unreachable packets to CPU.
Use the undo ip { ttl-expires | unreachables } command to cancel the configuration.
By default, unreachable packets are not sent to the CPU, while TTL timeout packets
are sent to the CPU.
Example
# Configure to send unreachable packets to CPU.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ip unreachables
2-12
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
2.1.9 ip forward-broadcast
Syntax
ip forward-broadcast
undo ip forward-broadcast
View
System view
Parameter
None
Description
Use the ip forward-broadcast command to forward layer 3 broadcast packets.
Use the undo ip forward-broadcast command to forbid forwarding layer 3 broadcast
packets.
By default, the switch does not forward layer 3 broadcast packets
Example
# Configure to forward layer 3 broadcast packets.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ip forward-broadcast
2.1.10 reset ip statistics
Syntax
reset ip statistics
View
User view
Parameter
None
Description
Use the reset ip statistics command to clear the statistics information about IP
packets.
Related command: display ip interface and display ip statistics.
2-13
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Example
# Clear the statistics information about IP packets.
<3Com> reset ip statistics
2.1.11 reset tcp statistics
Syntax
reset tcp statistics
View
User view
Parameter
None
Description
Use the reset tcp statistics command to clear the statistics information about TCP
packets.
Related command: display tcp statistics.
Example
# Clear the statistics information about TCP packets.
<3Com> reset tcp statistics
2.1.12 reset udp statistics
Syntax
reset udp statistics
View
User view
Parameter
None
Description
Use the reset udp statistics command to clear the statistics information about UDP
packets.
Example
# Clear the statistics information about UDP packets.
2-14
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
<3Com> reset udp statistics
2.1.13 tcp timer fin-timeout
Syntax
tcp timer fin-timeout time-value
undo tcp timer fin-timeout
View
System view
Parameter
time-value: TCP finwait timer value, in seconds, with the value ranging from 76 to
3600.
Description
Use the tcp timer fin-timeout command to configure the TCP finwait timer.
Use the undo tcp timer fin-timeout command to restore the default value of the TCP
finwait timer.
The default value is 675 seconds.
When the TCP connection state changes from FIN_WAIT_1 to FIN_WAIT_2, the
finwait timer is enabled. If the switch does not receive FIN packets before finwait timer
time outs, the TCP connection will be terminated.
Related command: tcp timer syn-timeout and tcp window.
Example
# Configure the default value of the TCP finwait timer to 800 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] tcp timer fin-timeout 800
2.1.14 tcp timer syn-timeout
Syntax
tcp timer syn-timeout time-value
undo tcp timer syn-timeout
View
System view
2-15
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Parameter
time-value: TCP synwait timer value, in seconds, with the value ranging from 2 to 600.
Description
Use the tcp timer syn-timeout command to configure the TCP synwait timer.
Use the undo tcp timer syn-timeout command to restore the default value of the
TCP synwait timer.
The default value is 75 seconds.
When sending the SYN packet, TCP starts the synwait timer. If the response packet is
not received before synwait times out, the TCP connection will be terminated.
Related command: tcp timer fin-timeout and tcp window.
Example
# Configure the default value of the TCP synwait timer to 80 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] tcp timer syn-timeout 80
2.1.15 tcp window
Syntax
tcp window window-size
undo tcp window
View
System view
Parameter
window-size: The size of the transmission and receiving buffers measured in kilobytes
(KB), whose value ranges from 1 to 32.
Description
Use the tcp window command to configure the size of the transmission and receiving
buffers of the connection-oriented socket.
Use the undo tcp window command to restore the default size of the transmission
and receiving buffers of the connection-oriented socket.
By
default,
the
size
of
the
transmission
and
receiving
buffers
connection-oriented socket is 8 KB.
Related command: tcp timer fin-timeout and tcp timer syn-timeout.
2-16
of
the
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 2 IP Performance Configuration
Commands
Example
# Configure the size of the transmission and receiving buffers to 3KB.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] tcp window 3
2-17
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Chapter 3 IPX Configuration Commands
3.1 IPX Configuration Commands
3.1.1 display ipx interface
Syntax
display ipx interface [Vlan-interface vlan-id ]
View
Any view
Parameter
vlan-id: Specifies a VLAN interface by specifying its VLAN ID.
Description
Use the display ipx interface command to view the IPX information of the specified
VLAN interface.
If no vlan-id is specified, the IPX information of all the IPX-enabled VLAN interfaces
will be displayed.
Example
# View the IPX information of VLAN interface 1.
<3Com> display ipx interface Vlan-interface 1
Vlan-interface1 is down
IPX address is 1.0020-9c68-448e [down]
SAP is enabled
Split horizon is enabled
Update change only is disabled
Forwarding of IPX type 20 propagation packet is disabled
Delay of this IPX interface, in ticks is 1
SAP GNS response is enabled
RIP packet maximum size is 432 bytes
SAP packet maximum size is 480 bytes
IPX encapsulation is Netware 802.3
0 received, 0 sent
0 bytes received, 0 bytes sent
0 RIP received, 0 RIP sent, 0 RIP discarded
0 RIP specific requests received, 0 RIP specific responses sent
3-1
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
0 RIP general requests received, 0 RIP general responses sent
0 SAP received, 0 SAP sent, 0 SAP discarded
0 SAP requests received, 0 SAP responses sent
Table 3-1 Description on the fields of the display ipx interface command
Field
Description
Vlan-interface1 is down
State of the current VLAN interface
IPX address
IPX network number and node address of the
current VLAN interface
[down]
State of the IPX protocol
SAP
Indicates whether SAP is enabled on the
current VLAN interface
Split horizon
Indicates whether split horizon is enabled on
the current VLAN interface
Update change only
Indicates whether triggered update is enabled
on the current VLAN interface
Forwarding of IPX
propagation packet
type
20
Indicates whether the IPX packets whose
broadcast type is 20 are forwarded through
the current VLAN interface
Delay of this IPX interface
Delay of the current VLAN interface
SAP GNS response
Indicates whether SAP GNS reply is enabled
on the current VLAN interface
RIP packet maximum size
Maximum length of the RIP update packets
that the current VLAN interface can send
SAP packet maximum size
Maximum length of the SAP update packets
that the current VLAN interface can send
IPX encapsulation
IPX encapsulation format of the current VLAN
interface
0 received, 0 sent
0 bytes received, 0 bytes sent
0 RIP received, 0 RIP sent, 0
RIP discarded
0 RIP specific requests
received, 0 RIP specific responses
sent
0 RIP general requests
received, 0 RIP general responses
sent
0 SAP received, 0 SAP sent, 0
SAP discarded
0 SAP requests received, 0
SAP responses sent
3-2
The number of IPX packets and bytes sent
and received by the current VLAN interface;
the number of received, sent, and dropped
IPX RIP packets; the number of received
special request packets and response
packets; the number of received general
request packets and response packets; the
number of received, transmitted, and dropped
IPX SAP packets; the number of received IPX
SAP packets and response packets
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
3.1.2 display ipx routing-table
Syntax
display ipx routing-table [ network [ verbose ] | protocol { default | direct | rip |
static } [ inactive | verbose ] | statistics | verbose ]
View
Any view
Parameter
network: Displays IPX routing information by specifying a destination network number,
which comprises eight hexadecimal numbers and is in the range of 1 to 0xFFFFFFFE.
protocol: Displays the IPX routing information of the specified route type.
default: Displays the information of all the default routes.
direct: Displays information of all the direct routes.
rip: Displays all the IPX RIP routing information.
static: Displays all the IPX static routing information.
inactive: Displays the information of the inactive routes.
verbose: Displays the detailed IPX routing information, including the active and
inactive routes.
statistics: Displays the IPX routing statistics.
Description
Use the display ipx routing-table command to view the IPX routing information.
If no parameters are specified, the information of all the active IPX routes will be
displayed.
Example
# View the information of the active IPX routes.
<3Com> display ipx routing-table
Routing tables:
Summary count: 2
Dest_Ntwk_ID Proto Pre Ticks Hops Nexthop
Interface
0x1
Direct 0
1
0
0.0000-0000-0000 Vlan-interface1
0x2
Static 60 1
1
1.000e-0001-0000 Vlan-interface1
3-3
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Table 3-2 Description on the fields of the display ipx routing-table command
Field
Description
Dest_Ntwk_ID
Destination network number of the route
Proto
Protocol type of the route
Pre
Route preference
Ticks
Tick count of the route
Hops
Hop count of the route
Nexthop
Next hop of the route
Interface
Outgoing interface of the route
# Display the detailed IPX routing information, including the active and inactive routes.
<3Com> display ipx routing-table verbose
Routing tables:
Destinations: 2
Routes: 3
Destination Network ID: 0x1
Protocol: Direct
Preference: 0
Ticks: 1
Hops: 0
Nexthop: 0.0000-0000-0000
Time: 0
Interface: 1.0020-9c68-448e(Vlan-interface1)
State:
Protocol: Static
Preference: -60
Ticks: 1
Hops: 1
Nexthop: 2.000e-0001-0000
Time: 0
Interface: 2.0020-9c68-448f(Vlan-interface2)
State:
Destination Network ID: 0x2
Protocol: Static
Preference: 60
Ticks: 1
Hops: 1
Nexthop: 1.000e-0001-0000
Time: 0
Interface: 1.0020-9c68-448e(Vlan-interface1)
State:
Table 3-3 Description on the fields of the display ipx routing-table verbose command
Field
Time
Description
Route aging time; it is 0 for the direct and static routes, meaning
they never time out.
3-4
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Field
Description
The state of the route. It can be active, inactive, or delete. Active
indicates that this route is an active route. Inactive indicates that
this route is an inactive route. Delete indicate that this route has
been deleted, but it is not released.
State
# View the IPX routing statistics.
<3Com> display ipx routing-table statistics
Routing tables:
Proto/State
route
active
added
deleted
freed
Direct
1
1
2
1
1
Static
2
1
2
0
0
RIP
0
0
0
0
0
Default
0
0
0
0
0
Total
3
2
4
1
1
Table 3-4 Description on the fields of the display ipx routing-table statistics command
Field
Description
Proto/State
Routing protocol
Route
Number of routes, including active and inactive routes
Active
Number of active routes
Added
Number of added routes
Deleted
Number of deleted, but not released routes
Freed
Number of released routes
3.1.3 display ipx service-table
Syntax
display ipx service-table [ inactive | name name | network network | order
{ network | type } | type service-type ] [ verbose ]
View
Any view
Parameter
inactive: Displays the information of the inactive services.
name name: Displays the name information of the specified server. It is a string of 1 to
47 characters.
3-5
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
network network: Displays the network number information of the specified server.
The network number comprises eight hexadecimal numbers and is in the range of 0x1
to 0xFFFFFFFF. The leading 0s can be omitted when you input a network number.
order { network | type }: Displays the service information by network number or by
service type.
type service-type: Displays the service information with a specified service type. It
comprises four hexadecimal numbers, ranging from 0 to FFFF. 0 indicates all the
service types.
verbose: Displays the detailed service information.
Description
Use the display ipx service-table command to view the contents of the IPX service
information table.
Example
# View the contents of the IPX service information table.
[3Com] display ipx service-table
Abbreviation: S - Static, Pref - Preference(Decimal), NetId - Network number,
NodeId - Node address, hop - Hops(Decimal), Recv-If - Interface from which the
service is received
Number of Static Entries: 2
Number of Dynamic Entries: 0
Name
Type
NetId
S Prn1
0005
000d
S Prn2
0005
0008
# View the details about the IPX service information table.
[3Com] display ipx service-table verbose
Abbreviation: S - Static, Pref - Preference(Decimal), NetId - Network number,
NodeId - Node address, hop - Hops(Decimal), Recv-If - Interface from which the
service is received
Number of Static Entries: 2
Number of Dynamic Entries: 0
Name
Type
NetId NodeId
Sock Pref Hops
S Prn1
0005
000d
000a-000a-000a
0452 500
02
Vlan-interface1
S Prn2
0005
0008
000a-000a-000a
0452 500
03
Vlan-interface1
3-6
Recv-If
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Table 3-5 Description on the fields of the display ipx service-table command
Field
Description
Name
Server name
Type
Service type
NetId
Network number
NodeId
Node number
Sock
Socket
Pref
Preference
Hops
Hop count
Recv-If
Name of the interface receiving services
3.1.4 display ipx statistics
Syntax
display ipx statistics
View
Any view
Parameter
None
Description
Use the display ipx statistics command to view the IPX statistics.
Example
# View the IPX packet statistics.
<3Com> display ipx statistics
Received: 0 total, 0 packets pitched
0 packets size errors, 0 format errors
0 bad hops(>16), 0 discarded(hops=16)
0 other errors, 0 local destination
0 can not be dealt with
Sent:
0 forwarded, 0 generated
0 no route, 0 discarded
RIP:
0 sent, 0 received
0 responses sent, 0 responses received
0 requests received, 0 requests dealt
3-7
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
0 requests sent, 0 periodic updates
SAP:
0 general requests received
0 specific requests received
0 GNS requests received
0 general responses sent
0 specific responses sent
0 GNS responses sent
0 periodic updates, 0 errors
PING:
0 requests sent, 0 requests received
0 responses sent, 0 responses received
0 responses in time, 0 responses time out
Table 3-6 Description on the fields of the display ipx statistics command
Field
Description
Received: 0 total, 0 packets pitched
0 packets size errors, 0 format
errors
0
bad
discarded(hops=16)
0
other
hops(>16),
errors,
0
0
local
destination
0 can not be dealed
Sent:
0 forwarded, 0 generated
0 no route, 0 discarded
RIP:
0 sent, 0 received
0 responses sent, 0 responses
received
0 requests received, 0 requests
dealt
0 requests sent, 0 periodic
updates
3-8
Statistics of received packets: the
total number of received packets, the
number of filled packets, the number
of packets with incorrect length, the
number of incorrectly encapsulated
packets, the number of packets
whose hop count exceeds 16, the
number of packets whose hop count
is equal to 16, the number of other
incorrect packets, the number of
packets whose destination is the
local switch, and the number of
packets that cannot be handled
Statistics of transmitted packets: the
number of forwarded packets, the
number of packets transmitted from
the local switch, the number of
packets that fail to find routes, and
the number of dropped packets
Statistics of IPX RIP packets: the
total number of received, transmitted
IPX RIP packets, the number of
transmitted/received
response
packets,
the
number
of
received/transmitted/handled
packets, and the number of the
periodic update packets
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Field
SAP:
Description
0 general requests received
Statistics of SAP packets: the
number of received general request
packets, the number of special
request packets, the number of latest
request packets, the number of
transmitted periodic update packets,
and the number of received error
packets
0 specific requests received
0 GNS requests received
0 general responses sent
0 specific responses sent
0 GNS responses sent
0 periodic updates, 0 errors
PING:
received
0 requests sent, 0 requests
0 responses sent, 0 responses
received
0 responses
responses time out
in
time,
0
Statistics of Ping packets: the
number
of
transmitted/received
request packets, the number of
transmitted/received
response
packets, the number of prompt
response packets, and the number of
timeout response packets
3.1.5 ipx enable
Syntax
ipx enable
undo ipx enable
View
System view
Parameter
None
Description
Use the ipx enable command to enable IPX.
Use the undo ipx enable command to disabled IPX and delete all the IPX
configurations.
Note that after the undo ipx enable command is executed, the IPX configurations
cannot be recovered with the ipx enable command.
Example
# Enable IPX.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]ipx enable
3-9
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
3.1.6 ipx encapsulation
Syntax
ipx encapsulation [ dot2 | dot3 | ethernet-2 | snap ]
undo ipx encapsulation
View
VLAN interface view
Parameter
dot2: Sets the encapsulation format to Ethernet_802.2.
dot3: Sets the encapsulation format to Ethernet_802.3.
ethernet-2: Sets the encapsulation format to Ethernet_II.
snap: Sets the encapsulation format to Ethernet_SNAP.
Description
Use the ipx encapsulation command to configure an IPX frame encapsulation format
on the current VLAN interface.
Use the undo ipx encapsulation command to restore the encapsulation format to the
default format.
By default, the IPX frame encapsulation format is Ethernet_802.3 (dot3).
Example
# Set the IPX frame encapsulation format to Ethernet_II on VLAN interface 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx encapsulation ethernet-2
3.1.7 ipx netbios-propagation
Syntax
ipx netbios-propagation
undo ipx netbios-propagation
View
VLAN interface view
Parameter
None
3-10
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Description
Use the ipx netbios-propagation command to enable the current VLAN interface to
forward type 20 broadcast packets.
Use the undo ipx netbios-propagation command to disable the current VLAN
interface from forwarding type 20 broadcast packets.
By default, type 20 broadcast packets are not forwarded.
Example
# Allow the current interface to forward type 20 broadcast packets.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx netbios-propagation
3.1.8 ipx network
Syntax
ipx network network
undo ipx network
View
VLAN interface view
Parameter
network: Hexadecimal IPX network number in the range 0x1 to 0xFFFFFFFD. The
leading 0s can be omitted when you input a network number.
Description
Use the ipx network command to assign an IPX network number to the VLAN
interface.
Use the undo ipx network command to delete the IPX network number of the VLAN
interface.
By default, no network number is assigned to VLAN interfaces; therefore, IPX is
disabled on all the VLAN interfaces even after it is enabled globally.
Example
# Assign the network number 675 to VLAN interface 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
3-11
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
[3Com-Vlan-interface2]ipx network 675
3.1.9 ipx rip import-route static
Syntax
ipx rip import-route static
undo ipx rip import-route static
View
System view
Parameter
None
Description
Use the ipx rip import-route static command to enable RIP to import static routes.
The imported routes are included in the update packets of RIP.
Use the undo ipx rip import-route static command to disable RIP from importing
static routes.
By default, IPX RIP does not import static routes.
Note that IPX RIP imports only active static routes; inactive static routes are neither
imported nor forwarded.
Example
# Import static routes into IPX RIP.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx rip import-route static
3.1.10 ipx rip mtu
Syntax
ipx rip mtu bytes
undo ipx rip mtu
View
VLAN interface view
Parameter
bytes: The maximum size of IPX RIP update packets, in bytes. It is in the range of 432
to 1500.
3-12
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Description
Use the ipx rip mtu command to configure the IPX RIP update packet size.
Use the undo ipx rip mtu command to restore the default size.
By default, the default size of IPX RIP update packets is 432 bytes.
Example
# Set the maximum RIP update packet size to 500 bytes on VLAN interface 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2]ipx rip mtu 500
3.1.11 ipx rip multiplier
Syntax
ipx rip multiplier multiplier
undo ipx rip multiplier
View
System view
Parameter
multiplier: A multiplier of the update interval, decides the aging period of the RIP
routing entries together with the update interval. It is in the range 1 to 1000. Multiplying
the update interval by the multiplier, you can get the actual aging period.
Description
Use the ipx rip multiplier command to configure the aging period of the IPX RIP
routing entries.
Use the undo ipx rip multiplier command to restore the default value. The aging
period of IPX RIP is a multiple of the IPX RIP update interval. You can set multiple
update intervals as an aging period.
By default, the aging period of the IPX RIP routing entries is three times the RIP
updating interval.
Related command: ipx rip timer update
Example
# Set the RIP aging period of the routing entries to five times the update interval.
<3Com>system-view
System View: return to User View with Ctrl+Z.
3-13
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
[3Com] ipx rip multiplier 5
3.1.12 ipx rip timer update
Syntax
ipx rip timer update seconds
undo ipx rip timer update
View
System view
Parameter
seconds: RIP update interval, in seconds. It is in the range of 10 to 60,000.
Description
Use the ipx rip timer update command to configure a RIP update interval.
Use the undo ipx rip timer update command to restore the default value.
By default, the update interval of IPX RIP is 60 seconds.
Related command: ipx rip multiplier
Example
# Set the RIP update interval to 30 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx rip timer update 30
3.1.13 ipx route load-balance-path
Syntax
ipx route load-balance-path paths
undo ipx route load-balance-path
View
System view
Parameter
paths: The maximum number of equivalent routes to the same destination. It is in the
range of 1 to 64.
3-14
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Description
Use the ipx route load-balance-path command to configure the maximum number of
equivalent routes to the same destination.
Use the undo ipx route load-balance-path command to restore the default value.
By default, the maximum number of equivalent routes to the same destination is 1.
The maximum number of equivalent routes is the maximum number of active
equivalent routes to the same destination in the current system. If the new number is
less than the number of the current active routes, the system deactivates those
excessive routes.
Example
# Set the maximum number of equivalent routes to the same destination to 30.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]ipx route load-balance-path 30
3.1.14 ipx route max-reserve-path
Syntax
ipx route max-reserve-path paths
undo ipx route max-reserve-path
View
System view
Parameter
paths: The maximum number of dynamic routes saved in the device to the same
destination. It is in the range of 1 to 255.
Description
Use the ipx route max-reserve-path command to configure the maximum number of
dynamic routes saved in the device to the same destination.
Use the undo ipx route max-reserve-path command to restore the default value.
By default, the maximum number of dynamic routes to the same destination is 4.
When the number of dynamic routes saved in the device to the same destination
exceeds the specified maximum value, the new dynamic routes are dropped directly
without being added into the routing table. When the configured new value is less than
the old one, the switch, however, does not delete the excessive route entries. These
route entries either time out or are manually deleted.
3-15
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Example
# Set the maximum number of dynamic routes saved in the device to the same
destination to 200.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx route max-reserve-path 200
3.1.15 ipx route-static
Syntax
ipx route-static network network.node [ preference value ] [ tick ticks hop hops ]
undo ipx route-static { network [ network.node ] | all }
View
System view
Parameter
network: Destination network number of an IPX static route. It comprises eight
hexadecimal numbers and is in the range of 1 to 0xFFFFFFFE. IPX static routes
whose destination network number is 0xFFFFFFFE are default routes.
network.node: Next hop address of the IPX static route. network defines the network
number; node defines the node address using 12 hexadecimal numbers that are
separated into three parts using “-“, each part in the range of 1 to 0xFFFF.
preference value: Static route preference in the range of 1 to 255. A smaller value
indicates a higher preference. By default, the preference values of the static routes,
direct routes, and dynamic RIP IPX routes are 60 (user-configurable), 0, and 100.
ticks ticks: Time that a packet must take to reach the destination network, with 1 tick =
1/18 seconds. The value ranges from 1 to 65534. The default value is 1.When the tick
value of a VLAN interface is modified, the tick value of the static route also changes.
You must configure both the tick value and the hop count.
hop hops: Number of the switches on the way to the destination network. It is in the
range 1 to 15 and defaults to 1. You must configure both the hop count and tick value.
all: All the IPX static routes.
Description
Use the ipx route-static command to configure a static IPX route.
Use the undo ipx route-static command to delete the static IPX route.
The IPX static routes whose destination network number is 0xFFFFFFFE are default
routes.
3-16
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Example
# Configure an IPX static route, with the destination network number being 0x5a, next
hop being 675.0-0c91-f61f, tick value being 10 and hop count being 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx route-static 5a 675.0-0c91-f61f tick 10 hop 2
3.1.16 ipx sap disable
Syntax
ipx sap disable
undo ipx sap disable
View
VLAN interface view
Parameter
None
Description
Use the ipx sap disable command to disable SAP on the current VLAN interface.
Use the undo ipx sap disable command to enable SAP on the current VLAN
interface.
By default, SAP is enabled as soon as IPX is enabled on the VLAN interface.
Example
# Disable SAP on VLAN interface 1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx sap disable
3.1.17 ipx sap gns-disable-reply
Syntax
ipx sap gns-disable-reply
undo ipx sap gns-disable-reply
View
VLAN interface view
3-17
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Parameter
None
Description
Use the ipx sap gns-disable-reply command to disable IPX GNS reply on the current
VLAN interface.
Use the undo ipx sap gns-disable-reply command to enable IPX GNS reply on the
current VLAN interface.
By default, GNS reply is enabled on the current VLAN interface.
Example
# Disable GNS reply on VLAN interface 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx sap gns-disable-reply
3.1.18 ipx sap gns-load-balance
Syntax
ipx sap gns-load-balance
undo ipx sap gns-load-balance
View
System view
Parameter
None
Description
Use the ipx sap gns-load-balance command to configure the switch to respond to
GNS requests through Round-Robin polling.
Use the undo ipx sap gns-load-balance command to configure the switch to respond
to GNS requests with information of the nearest server.
By default, the switch responds to SAP GNS requests with the information of a server
that is picked out in turn from all the known servers. This prevents a server from
getting overloaded.
Related command: ipx sap gns-disable-reply
3-18
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Example
# Respond to GNS requests with the information of the nearest server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] undo ipx sap gns-load-balance
3.1.19 ipx sap max-reserve-servers
Syntax
ipx sap max-reserve-servers length
undo ipx sap max-reserve-servers
View
System view
Parameter
length: The maximum length of the service information reserve queue for one service
type. It is in the range of 1 to 2048.
Description
Use the ipx sap max-reserve-servers command to configure the maximum length of
the service information reserve queue for one service type.
Use the undo ipx sap max-reserve-servers command to restore the default value.
By default, the maximum length of the service information reserve queue for one
service type is 2,048.
Example
# Set the maximum length of the service information reserve queue for one service
type to 1024.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx sap max-reserve-servers 1024
3.1.20 ipx sap mtu
Syntax
ipx sap mtu bytes
undo ipx sap mtu
3-19
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
View
VLAN interface view
Parameter
bytes: The maximum SAP packet size, in bytes. It is in the range of 480 to 1500.
Description
Use the ipx sap mtu command to configure the maximum size of SAP update
packets.
Use the undo ipx sap mtu command to restore the default value.
By default, the default size of SAP update packets is 480 bytes.
Example
# Set the maximum size of SAP update packets to 674 bytes, allowing 10 service
entries on VLAN interface 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx sap mtu 674
3.1.21 ipx sap multiplier
Syntax
ipx sap multiplier multiplier
undo ipx sap multiplier
View
System view
Parameter
multiplier: A multiplier of the update interval, decides the aging period of the SAP
routing entries together with the update interval. It is in the range of 1 to 1000.
Multiplying the update interval by the multiplier, you can get the actual aging period.
Description
Use the ipx sap multiplier command to configure the aging period of the SAP routing
entries.
Use the undo ipx sap multiplier command to restore the default value.
By default, the aging period of the SAP service information entries is 3.
Related command: ipx sap timer update
3-20
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Example
# Set the aging period of the SAP service entries to five times the update interval.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx sap multiplier 5
3.1.22 ipx sap timer update
Syntax
ipx sap timer update seconds
undo ipx sap timer update
View
System view
Parameter
seconds: SAP update interval. It is in the range of 10 to 60,000.
Description
Use the ipx sap timer update command to configure a SAP update interval.
Use the undo ipx sap timer update command to restore the default value.
By default, the SAP update interval is 60 seconds.
Note that this command is invalid if the triggered updates feature is applied on the
VLAN interface.
Related command: ipx sap multiplier and ipx update-change-only.
Example
# Set the SAP update interval to 300 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx sap timer update 300
3.1.23 ipx service
Syntax
ipx service service-type name network.node socket hop hops [ preference
preference ]
undo ipx service { service-type [ name [ network.node ] ] [ preference preference ] |
all }
3-21
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
View
System view
Parameter
service-type: A 4-byte hexadecimal number ranging from 0 to FFFF. 0 indicates all the
service types.
name: Specifies the server providing the specified service, a string of 1 to 47
characters.
network.node: Network number and node value of the server. The network number
comprises eight hexadecimal numbers and is in the range of 0x1 to 0xFFFFFFFD. A
node address identifies a node in the network; it is 48 bits long and comprises 12
hexadecimal numbers that are separated into three parts by ”-”. The leading 0s can be
omitted when you input a network number.
socket: Comprises four hexadecimal numbers and is in the range 0x1 to 0xFFFF.
hop hops: Number of hops to the server, written in decimal and in the range of 1 to 15.
The hop count equal to or exceeding 16 indicates that the service is unreachable.
preference: Service preference value. The value ranges from 1 to 255. A smaller
number indicates a higher preference. By default, the preference value of the static
service entries is 60 (configurable); the preference value of the dynamic service
entries is fixed to 500.
all: Deletes all the static service entries.
Description
Use the ipx service command to add a static service entry to the service information
table.
Use the undo ipx service command to delete a static service entry from the service
information table.
By default, no static service entry is found in the service information table.
Example
# Add a static service entry, setting service type to 4, server name to FileServer, server
network number to 130, node number to 0000-0a0b-abcd, hop count to 1 and server
preference to 60.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ipx service 4 FileServer 130.0000-0a0b-abcd 451 hop 1 preference 60
3-22
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
3.1.24 ipx split-horizon
Syntax
ipx split-horizon
undo ipx split-horizon
View
VLAN interface view
Parameter
None
Description
Use the ipx split-horizon command to enable split horizon on the current VLAN
interface.
Use the undo ipx split-horizon command to disable split horizon on the current VLAN
interface.
By default, split horizon is enabled.
Example
# Enable split horizon on VLAN interface 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx split-horizon
3.1.25 ipx tick
Syntax
ipx tick ticks
undo ipx tick
View
VLAN interface view
Parameter
ticks: Delay, in ticks; ranging from 0 to 30000. One tick is equal to 1/18 seconds.
Description
Use the ipx tick command to configure an IPX packet forwarding delay on a VLAN
interface.
3-23
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
Use the undo ipx tick command to restore the default value.
By default, the forwarding delay on the VLAN interface is one tick.
Example
# Configure VLAN interface 2 to experience a delay of five ticks before forwarding IPX
packets.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx tick 5
3.1.26 ipx update-change-only
Syntax
ipx update-change-only
undo ipx update-change-only
View
VLAN interface view
Parameter
None
Description
Use the ipx update-change-only command to enable triggered update on the current
VLAN interface.
Use the undo ipx update-change-only command to disable triggered update on the
current VLAN interface.
By default, triggered update of IPX is disabled.
Example
# Enable triggered update of IPX on VLAN interface 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] ipx update-change-only
3.1.27 reset ipx routing-table statistics protocol
Syntax
reset ipx routing-table statistics protocol { all | default | direct | rip | static }
3-24
3Com Switch 7750 Series
Command Reference Guide — IP / IPX
Chapter 3 IPX Configuration Commands
View
User view
Parameter
all: Clears the statistics of all the IPX routes.
default: Clears the statistics of the default IPX routes.
direct: Clears the statistics of the direct IPX routes.
rip: Clears the statistics of the IPX RIP routes.
static: Clears the statistics of the static IPX routes.
Description
Use the reset ipx routing-table statistics protocol command to clear the statistics
on the IPX routes of a specific route type.
Related command: display ipx routing-table statistics.
Example
# Clear the statistics of the IPX static routes.
<3Com> reset ipx routing-table statistics protocol static
3.1.28 reset ipx statistics
Syntax
reset ipx statistics
View
User view
Parameter
None
Description
Use the reset ipx statistics command to clear the IPX statistics.
Example
# Clear the IPX statistics.
<3Com> reset ipx statistics
3-25
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Table of Contents
Table of Contents
Chapter 1 GVRP Configuration Commands ............................................................................... 1-1
1.1 GARP Configuration Commands....................................................................................... 1-1
1.1.1 display garp statistics .............................................................................................. 1-1
1.1.2 display garp timer .................................................................................................... 1-2
1.1.3 garp timer ................................................................................................................ 1-2
1.1.4 garp timer leaveall................................................................................................... 1-4
1.1.5 reset garp statistics ................................................................................................. 1-5
1.2 GVRP Configuration Commands....................................................................................... 1-6
1.2.1 display gvrp statistics .............................................................................................. 1-6
1.2.2 display gvrp status .................................................................................................. 1-7
1.2.3 gvrp ......................................................................................................................... 1-7
1.2.4 gvrp registration....................................................................................................... 1-8
i
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
Chapter 1 GVRP Configuration Commands
1.1 GARP Configuration Commands
1.1.1 display garp statistics
Syntax
display garp statistics [ interface interface-list ]
View
Any view
Parameter
interface-list: List of Ethernet ports. You can specify multiple Ethernet ports by providing
this argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index lists for this argument.
Description
Use the display garp statistics command to display the GARP statistics of specified
ports or all ports.
This command displays the following information:
z
Number of the GMRP packets received
z
Number of the GVRP packets received
z
Number of the GMRP packets transmitted
z
Number of the GVRP packets transmitted
z
Number of the packets discarded
Example
# Display the GARP statistics of port Ethernet1/0/1.
<3Com> display garp statistics interface Ethernet1/0/1
GARP statistics on port Ethernet1/0/1
Number Of GMRP Frames Received
: 0
Number Of GVRP Frames Received
: 0
Number Of GMRP Frames Transmitted
: 0
Number Of GVRP Frames Transmitted
: 0
Number Of Frames Discarded
: 0
1-1
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
1.1.2 display garp timer
Syntax
display garp timer [ interface interface-list ]
View
Any view
Parameter
interface-list: List of Ethernet ports. You can specify multiple Ethernet ports by providing
this argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index lists for this argument.
Description
Use the display garp timer command to display the settings of the GARP timers on
specified ports or all ports.
This command displays the settings of the following timers:
z
Join timer
z
Leave timer
z
LeaveAll timer
z
Hold timer
Related command: garp timer, garp timer leaveall.
Example
# Display the settings of the GARP timers on port Ethernet1/0/1.
<3Com> display garp timer interface Ethernet1/0/1
GARP timers on port Ethernet1/0/1
Garp Join Time
: 20 centiseconds
Garp Leave Time
: 60 centiseconds
Garp LeaveAll Time
: 1000 centiseconds
Garp Hold Time
: 10 centiseconds
1.1.3 garp timer
Syntax
garp timer { hold | join | leave } timer-value
undo garp timer { hold | join | leave }
1-2
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
View
Ethernet port view
Parameter
hold: Sets the GARP Hold timer. When a GARP entity receives a piece of registration
information, it does not send out a Join message immediately. Instead, to save the
bandwidth resources, it starts the Hold timer, puts all registration information it receives
before the timer times out into one Join message and sends out the message after the
timer times out.
join: Sets the GARP Join timer. To transmit the Join messages reliably to other entities,
a GARP entity sends each Join message two times. The Join timer is used to define the
interval between the two sending operations of each Join message.
leave: Sets the GARP Leave timer. When a GARP entity expects to deregister a piece
of attribute information, it sends out a Leave message. Any GARP entity receiving this
message starts its Leave timer, and deregisters the attribute information if it does not
receives a Join message again before the timer times out.
timer-value: Timeout time (in centiseconds) of the GARP timer (Hold, Join or Leave) to
be set. This argument needs to be a multiple of 5. By default, it is 10, 20, and 60 for
Hold, Join and Leave timers respectively.
Description
Use the garp timer command to set a GARP timer (that is, the Hold timer, the Join timer,
or the Leaver timer) for an Ethernet port.
Use the undo garp timer command to restore the default setting of a GARP timer.
The timeout ranges of the timers vary depending on the timeout values you set for other
timers. If you want to set the timeout time of a timer to a value out of the current range,
you can set the timeout time of the associated timer to another value to change the
timeout range of this timer.
The following table describes the relations between the timers:
Table 1-1 Relations between the timers
Timer
Hold
Lower threshold
Upper threshold
This upper threshold is less than or
equal to one-half of the timeout time
of the Join timer. You can change the
threshold by changing the timeout
time of the Join timer.
10 centiseconds
1-3
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Timer
Chapter 1 GVRP Configuration Commands
Lower threshold
Upper threshold
Join
This lower threshold is
greater than or equal to twice
the timeout time of the Hold
timer. You can change the
threshold by changing the
timeout time of the Hold
timer.
This upper threshold is less than
one-half of the timeout time of the
Leave timer. You can change the
threshold by changing the timeout
time of the Leave timer.
Leave
This lower threshold is
greater than twice the timeout
time of the Join timer. You
can change the threshold by
changing the timeout time of
the Join timer.
This upper threshold is less than the
timeout time of the LeaveAll timer.
You can change the threshold by
changing the timeout time of the
LeaveAll timer.
LeaveAll
This lower threshold is
greater than the timeout time
of the Leave timer. You can
change
threshold
by
changing the timeout time of
the Leave timer.
32,765 centiseconds
Related command: display garp timer.
Example
# Set the GARP Join timer to 20 centiseconds for port Ethernet1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] garp timer join 20
1.1.4 garp timer leaveall
Syntax
garp timer leaveall timer-value
undo garp timer leaveall
View
System view
Parameter
timer-value: Setting (in centiseconds) of the GARP LeaveAll timer. You need to set this
argument with the Leave timer settings of other Ethernet ports as references. That is,
this argument needs to be larger than the Leave timer settings of any Ethernet ports.
1-4
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
Also note that this argument needs to be a multiple of 5 and cannot be larger than
32,765.
By default, the LeaveAll timer is set to 1,000 centiseconds (that is, 10 seconds).
Description
Use the garp timer leaveall command to set the GARP LeaveAll timer.
Use the undo garp timer leaveall command to restore the default setting of the GARP
LeaveAll timer.
Once a GARP entity starts up, it starts the LeaveAll timer, and sends out a LeaveALL
message after the timer times out, so that other GARP entities can re-register all the
attribute information on this entity. After that, the entity restarts the LeaveAll timer to
begin a new cycle.
Related command: display garp timer.
Example
# Set the GARP LeaveAll timer to 100 centiseconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] garp timer leaveall 100
1.1.5 reset garp statistics
Syntax
reset garp statistics [ interface interface-list ]
View
User view
Parameter
interface-list: List of Ethernet ports. You can specify multiple Ethernet ports by providing
this argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index lists for this argument.
Description
Use the reset garp statistics command to clear the GARP statistics (such as the
information about the packets received/sent/discarded by GVRP/GMRP) on specified
or all ports.
Executing the reset garp statistics command without any parameter clears the GARP
statistics of all ports.
1-5
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
Related command: display garp statistics.
Example
# Clear GARP statistics of all ports.
<3Com> reset garp statistics
1.2 GVRP Configuration Commands
1.2.1 display gvrp statistics
Syntax
display gvrp statistics [ interface interface-list ]
View
Any view
Parameter
interface-list: List of Ethernet ports. You can specify multiple Ethernet ports by providing
this argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index lists for this argument.
Description
Use the display gvrp statistics command to display the GVRP statistics of specified
or all trunk ports.
This command displays the following information:
z
GVRP status
z
Whether GVRP is running
z
Number of the GVRP entries that fail to be registered
z
Source MAC address of the previous GVRP PDU
z
GVRP registration type of a port
Example
# Display the GVRP statistics of port Ethernet1/0/1, assuming that the port is a trunk
port.
<3Com> display gvrp statistics interface Ethernet1/0/1
GVRP statistics on port Ethernet1/0/1
GVRP Status
: Enabled
GVRP Running
: Yes
GVRP Failed Registrations
: 0
1-6
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
GVRP Last Pdu Origin
: 0000-0000-0000
GVRP Registration Type
: Normal
1.2.2 display gvrp status
Syntax
display gvrp status
View
Any view
Parameter
None
Description
Use the display gvrp status command to display the global GVRP status (enabled or
disabled).
Example
# Display the global GVRP status.
<3Com> display gvrp status
GVRP is enabled
The above information indicates that GVRP is enabled globally.
1.2.3 gvrp
Syntax
gvrp
undo gvrp
View
System view, Ethernet port view
Parameter
None
Description
Use the gvrp command to enable GVRP globally (in system view) or for a port (in
Ethernet port view).
Use the undo gvrp command to disable GVRP globally (in system view) or on a port (in
Ethernet port view).
1-7
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
By default, GVRP is disabled both globally and on ports.
Note that:
z
To enable GVRP for a port, you need to enable GVRP globally first.
z
GVRP is disabled on any ports if GVRP is disabled globally. In this case, you
cannot enable GVRP for a port.
z
You can enable/disable GVRP only on trunk ports.
z
After you enable GVRP on a trunk port, you cannot change the port to other types.
Related command: display gvrp status.
Example
# Enable GVRP globally.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] gvrp
GVRP is enabled globally.
1.2.4 gvrp registration
Syntax
gvrp registration { fixed | forbidden | normal }
undo gvrp registration
View
Ethernet port view
Parameter
fixed: Allows to add or register the current port to the manually created VLAN, and
prohibits to register or deregister the current port to the dynamic VLAN.
forbidden: Deregisters all the VLANs except VLAN 1 on the current port, and inhibits
the creation and registration of any other VLAN on the current port.
normal: Allows both manual and dynamic creation, registration, and Deregistration of
VLANs on the current port.
Description
Use the gvrp registration command to configure the GVRP registration type on a port.
Use the undo gvrp registration command to restore the default GVRP registration
type on a port.
By default, the registration type is normal.
Note that these commands can be operated only on trunk ports.
1-8
3Com Switch 7750 Series
Command Reference Guide — GVRP Commands
Chapter 1 GVRP Configuration Commands
Related command: display gvrp statistics
Example
# Configure the GVRP registration type on the port Ethernet1/0/1 to fixed.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] gvrp registration fixed
1-9
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Table of Contents
Table of Contents
Chapter 1 Q-in-Q Configuration Commands .............................................................................. 1-1
1.1 Q-in-Q Configuration Commands ...................................................................................... 1-1
1.1.1 display port vlan-vpn ............................................................................................... 1-1
1.1.2 vlan-vpn enable ....................................................................................................... 1-1
1.1.3 vlan-vpn priority ....................................................................................................... 1-2
Chapter 2 Selective Q-in-Q Configuration Commands.............................................................. 2-1
2.1 Selective Q-in-Q Configuration Commands ...................................................................... 2-1
2.1.1 raw-vlan-id inbound................................................................................................. 2-1
2.1.2 vlan-vpn vid ............................................................................................................. 2-2
Chapter 3 Shared-VLAN Configuration Commands .................................................................. 3-1
3.1 Shared-VLAN Configuration Commands........................................................................... 3-1
3.1.1 display shared-vlan ................................................................................................. 3-1
3.1.2 shared-vlan mainboard ........................................................................................... 3-1
3.1.3 shared-vlan slot ....................................................................................................... 3-2
i
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 1 Q-in-Q Configuration Commands
Chapter 1 Q-in-Q Configuration Commands
1.1 Q-in-Q Configuration Commands
1.1.1 display port vlan-vpn
Syntax
display port vlan-vpn
View
Any view
Parameter
None
Description
Use the display port vlan-vpn command to display the Q-in-Q configuration of the
current system, including the current status of VLAN-VPN and the VLAN ID of
VLAN-VPN.
Example
# Display the Q-in-Q configuration of the current system.
<3Com> display port vlan-vpn
Ethernet3/0/4
VLAN-VPN status: enabled
VLAN-VPN VLAN: 1
1.1.2 vlan-vpn enable
Syntax
vlan-vpn enable
undo vlan-vpn
View
Ethernet port view
Parameter
None
1-1
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 1 Q-in-Q Configuration Commands
Description
Use the vlan-vpn enable command to enable the Q-in-Q function for a port.
Use the undo vlan-vpn command to disable the Q-in-Q function for a port.
By default, the Q-in-Q function is disabled.
With the Q-in-Q function enabled, a received packet is tagged with the default VLAN
tag of the receiving port no matter whether or not the packet already carries a VLAN tag.
If the packet already carries a VLAN tag, the packet becomes a dual-tagged packet.
Otherwise, the packet becomes a packet carrying the default VLAN tag of the port.
Caution:
z
The Q-in-Q function is unavailable if voice VLAN is enabled on the port.
z
After you enable the Q-in-Q function for a port, voice VLAN is not available on the
port.
Example
# Enable the Q-in-Q function for Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] vlan-vpn enable
1.1.3 vlan-vpn priority
Syntax
vlan-vpn priority inner-priority remark outer-priority
undo vlan-vpn priority inner-priority
View
Ethernet port view
Parameter
inner-priority: Inner tag priority, ranging from 0 to 7.
outer-priority: Outer tag priority, ranging from 0 to 7.
Description
Use the vlan-vpn priority command to configure an inner-outer tag priority mapping.
1-2
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 1 Q-in-Q Configuration Commands
Use the undo vlan-vpn priority command to restore the default configuration.
By default, inner-outer tag priority mapping is disabled.
Example
# Configure priority mappings between inner and outer VLAN tags on Ethernet 1/0/1 so
that packets with the inner tag priority of 3 is tagged with an outer tag with the priority of
5.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] vlan-vpn priority 3 remark 5
1-3
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 2 Selective Q-in-Q Configuration Commands
Chapter 2 Selective Q-in-Q Configuration
Commands
Note:
You can implement traffic-based selective Q-in-Q on an Switch 7750 Series switch by
using ACLs and QoS techniques. Refer to the QoS part of this manual for related
commands and operations.
2.1 Selective Q-in-Q Configuration Commands
2.1.1 raw-vlan-id inbound
Syntax
raw-vlan-id inbound vlan-id-list
undo raw-vlan-id inbound { all | vlan-id-list }
View
Q-in-Q view
Parameter
vlan-id-list: List of VLAN Ids. You need to provide this argument in the form of
vlan-id-list = { vlan-id [ to { vlan-id } ] } & <1-10>, where & <1-10> means that you can
provide up to ten VLAN Ids/VLAN ID lists
all: Specifies the packets of all the VLANs.
As for the vlan-id-list argument, the value of 1 to 4094 is not suipported due to ACL
limitations.
Description
Use the raw-vlan-id inbound command to specify a group of VLANs, single-tagged
inbound packets of which are to be tagged with specified outer VLAN tags.
Use the undo raw-vlan-id inbound command to remove the configuration.
Note that the raw-vlan-id inbound command needs to be coupled by the vlan-vpn vid
command.
2-1
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 2 Selective Q-in-Q Configuration Commands
Example
# Configure that the single-tagged inbound packets of VLAN 8 through VLAN 15 are
tagged with VLAN 20 tags on Ethernet1/0/1 port. Configure Ethernet 1/0/5 as the uplink
port and configure it to remove the outer VLAN tag.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] vlan-vpn vid 20 uplink Ethernet 1/0/5 untagged
[3Com-Ethernet1/0/1-vid-20] raw-vlan-id inbound 8 to 15
2.1.2 vlan-vpn vid
Syntax
vlan-vpn vid vlan-id uplink interface-type interface-number [ untagged ]
undo vlan-vpn vid vlan-id
View
Ethernet port view
Parameter
vid vlan-id: ID of the VLAN whose tag is to be inserted to matched packets as the outer
VLAN tag.
uplink interface-type interface-number: Specifies an uplink port for the packet where
an outer VLAN tag is to be encapsulated.
Untagged: Configure whether to retain a VLAN tag when a packet encapsulated with
vid is transmitted through the uplink port.
Description
Use the vlan-vpn vid command to specify the VLAN whose tag is to be inserted to
matched packets as the outer VLAN tag and the uplink port for these packets. You can
use the raw-vlan-id inbound command to specify the VLANs, the single-tagged
packets of which are to be tagged with outer VLAN tags when the packets reach a
Q-in-Q-enabled port.
Use the undo vlan-vpn vid command to remove the configuration.
When the uplink port and the port to which a VLAN tag is inserted are not on the same
board, if the board where the uplink port resides is pulled out, this configuration is
invisible. After you insert this board again, the configuration is recovered.
When the specified uplink port is available, the configuration of the raw-vlan-id
inbound command remains unchanged after you modify the uplink port or the
2-2
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 2 Selective Q-in-Q Configuration Commands
untagged attribute. When the uplink port is not available, if you modify this configuration,
the configuration of the raw-vlan-id inbound command is removed at the same time.
Caution:
Do not add a Q-in-Q-enabled port and its corresponding uplink port into the same link
aggregation group.
Note that the vlan-vpn vid command needs to be coupled by the raw-vlan-id inbound
command.
Example
# Configure to insert the outer tag VLAN 20 to the packets whose inner tag is VLAN 10
received on Ethernet1/0/1.Specify Ethernet1/0/5 as the uplink port. Configure the port
to remove the outer VLAN tag of the packets.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] vlan-vpn vid 20 uplink Ethernet 1/0/5 untagged
[3Com-Ethernet1/0/1-vid-20] raw-vlan-id inbound 10
2-3
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 3 Shared-VLAN Configuration Commands
Chapter 3 Shared-VLAN Configuration Commands
3.1 Shared-VLAN Configuration Commands
3.1.1 display shared-vlan
Syntax
display shared-vlan
View
Any view
Parameter
None
Description
Use the display shared-vlan command to display shared-VLAN configured on all the
boards in the system.
Example
# Display shared-VLAN configured on all the boards in the current system.
<3Com> display shared-vlan
shared-vlan 1 mainboard
shared-vlan 3 slot 4
The above-mentioned information describes that VLAN 1 on the SRPU and VLAN 3 on
the LPU in slot 4 are shared-VLANs in the system.
3.1.2 shared-vlan mainboard
Syntax
shared-vlan vlan-id mainboard
undo shared-vlan vlan-id mainboard
View
System view
Parameter
vlan-id: ID of a shared-VLAN, ranging from 1 to 4094.
3-1
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 3 Shared-VLAN Configuration Commands
Description
Use the shared-vlan mainboard command to configure shared-VLAN on an SRPU.
Use the undo shared-vlan mainboard command to remove the configuration.
By default, no shared-VLAN is configured on the SRPU.
Note:
z
If an active SRPU is equipped with the device, shared-VLAN takes effect on
active/standby SRPUs at the same time.
z
You must use a created VLAN as shared-VLAN; otherwise the system gives an
error prompt.
Caution:
Shared-VLAN can damage and disable RRPP. Therefore, do not enable both RRPP
and shared-VLAN on the switch.
Example
# Configure VLAN 10 as shared-VLAN on an SRPU.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] shared-vlan 10 mainboard
3.1.3 shared-vlan slot
Syntax
shared-vlan vlan-id slot slot-number
undo shared-vlan vlan-id slot slot-number
View
System view
Parameter
vlan-id: ID of a shared-VLAN, ranging from 1 to 4094.
Description
Use the shared-vlan slot command to configure shared-VLAN on an LPU.
3-2
3Com Switch 7750 Series
Command Reference Guide — Q-in-Q Commands
Chapter 3 Shared-VLAN Configuration Commands
Use the undo shared-vlan slot command to remove the configuration.
By default, no shared-VLAN is configured on the LPU.
Note:
You must use a created VLAN as shared-VLAN; otherwise the system gives an error
prompt.
Caution:
Shared-VLAN can damage and disable RRPP. Therefore, do not enable both RRPP
and shared-VLAN on the switch.
Example
# Configure VLAN 20 on the LPU in slot 3 as shared-VLAN.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] shared-vlan 20 slot 3
3-3
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Table of Contents
Table of Contents
Chapter 1 Port Basic Configuration Commands........................................................................ 1-1
1.1 Port Basic Configuration Commands................................................................................. 1-1
1.1.1 broadcast-suppression............................................................................................ 1-1
1.1.2 copy configuration ................................................................................................... 1-2
1.1.3 description ............................................................................................................... 1-3
1.1.4 display brief interface .............................................................................................. 1-4
1.1.5 display interface ...................................................................................................... 1-5
1.1.6 display loopback-detection...................................................................................... 1-8
1.1.7 display port .............................................................................................................. 1-9
1.1.8 display transceiver-information interface .............................................................. 1-10
1.1.9 duplex.................................................................................................................... 1-11
1.1.10 flow-control .......................................................................................................... 1-12
1.1.11 flow-control enable .............................................................................................. 1-12
1.1.12 flow interval ......................................................................................................... 1-13
1.1.13 hardspeedup ....................................................................................................... 1-14
1.1.14 interface............................................................................................................... 1-15
1.1.15 jumboframe enable ............................................................................................. 1-16
1.1.16 loopback-detection enable .................................................................................. 1-16
1.1.17 loopback-detection interval-time ......................................................................... 1-17
1.1.18 loopback-detection control .................................................................................. 1-18
1.1.19 loopback-detection per-vlan enable .................................................................... 1-19
1.1.20 mdi....................................................................................................................... 1-19
1.1.21 multicast-suppression ......................................................................................... 1-20
1.1.22 port access vlan .................................................................................................. 1-22
1.1.23 port hybrid pvid vlan ............................................................................................ 1-22
1.1.24 port hybrid vlan.................................................................................................... 1-23
1.1.25 port link-type........................................................................................................ 1-24
1.1.26 port monitor last................................................................................................... 1-25
1.1.27 port monitor last slot............................................................................................ 1-26
1.1.28 port trunk permit vlan .......................................................................................... 1-26
1.1.29 port trunk pvid vlan.............................................................................................. 1-27
1.1.30 reset counters interface....................................................................................... 1-28
1.1.31 shutdown ............................................................................................................. 1-29
1.1.32 speed................................................................................................................... 1-29
1.1.33 speedup............................................................................................................... 1-30
1.1.34 unicast-suppression ............................................................................................ 1-31
1.1.35 virtual-cable-test.................................................................................................. 1-32
i
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Chapter 1 Port Basic Configuration Commands
1.1 Port Basic Configuration Commands
1.1.1 broadcast-suppression
Syntax
broadcast-suppression { ratio | bandwidth bandwidth | pps pps }
undo broadcast-suppression
View
Ethernet port view
Parameter
ratio: Maximum ratio of the received broadcast traffic to the total bandwidth on an
Ethernet port. The value ranges from 1 to 100 and defaults to 100. The smaller the ratio
is, the less broadcast traffic is allowed.
bandwidth bandwidth: Specifies the maximum bandwidth of broadcast traffic received
on the Ethernet port. For a 100 Mbps port, the bandwidth argument is in the range of 1
to 100 in Mbps; for a gigabit port, the bandwidth argument is in the range of 1 to 1000 in
Mbps.
pps pps: Specifies the maximum number of broadcast packets allowed to be received
per second on an Ethernet port (in pps).
z
For a 100 Mbps Ethernet port, the pps argument is in the range of 0 to 148,810.
z
For a Gigabit Ethernet port, the pps argument is in the range of 1,488,100.
z
For a 10GE port, the pps argument is in the range of 0 to 14,881,000.
Description
Use the broadcast-suppression command to limit broadcast traffic allowed to be
received on each port (in system view) or on a specified port (in Ethernet port view).
Use the undo broadcast-suppression command to restore the default broadcast
suppression setting.
When incoming broadcast traffic exceeds the broadcast traffic threshold you set, the
system drops the packets exceeding the threshold to reduce the broadcast traffic ratio
to the reasonable range, so as to keep normal network service.
By default, broadcast suppression is disabled.
1-1
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Note:
z
Broadcast suppression is set in different ways for different LPUs of the switch 7750
series: For type-A LPUs, broadcast suppression must be set in VLAN view; for
non-type-A LPUs, broadcast suppression must be set in Ethernet port view.
z
Type-A LPUs include 3C16860, 3C16861, 3C16858, and 3C16859.
A port supports one way of broadcast suppression at the same time. If broadcast
suppression has been configured for a port for multiple times, only the latest
configuration takes effect.
Example
# Allow incoming broadcast traffic to occupy at most 20% of the bandwidth on the port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet 1/0/1
[3Com-Ethernet1/0/1] broadcast-suppression 20
# Set the maximum number of broadcast packets that can be received per second by
the Ethernet1/0/1 port to 1000 pps.
[3Com-GigabitEthernet1/0/1] broadcast-suppression pps 1000
1.1.2 copy configuration
Syntax
copy configuration source { interface-type interface-number | aggregation-group
source-agg-id } destination { interface-list [ aggregation-group destination-agg-id ] |
aggregation-group destination-agg-id }
View
System view
Parameter
interface-type: Port type.
interface-number: Port number.
source-agg-id: Source aggregation group number, in the range of 1 to 384. The port
with the smallest port number in the aggregation group is used as the source port.
interface-list: Destination port list, interface-list =interface-type interface-number [ to
interface-type interface-number ] &<1-10. &<1-10> means that you can input up to 10
ports/port ranges.
destination-agg-id: Destination aggregation group number, in the range of 1 to 384.
1-2
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Description
Use the copy configuration command to copy the configuration on a port to some
other ports to keep consistent configuration on them.
Note:
Any aggregation group port you input in the destination port list will be removed from
the list and the copy command will not take effect on the port. If you want an
aggregation group port to have the same configuration with the source port, you can
specify the aggregation group of the port as the destination (with the destination-agg-id
argument).
Example
# Copy the configuration of Ethernet3/01 to Ethernet3/0/2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] copy configuration source Ethernet3/0/1 destination Ethernet3/0/2
The operation will be invalid for some special port(s) in the destination port
list, such as aggregation port.
Copying VLAN configuration...
Copying Protocol based VLAN configuration...
Copying LACP configuration...
Copying QOS configuration...
Copying STP configuration...
Copying speed/duplex configuration...
Port configuration copy complete
1.1.3 description
Syntax
description text
undo description
View
Ethernet port view
1-3
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Parameter
text: Port description, a string of up to 80 characters.
Description
Use the description command to set a port description string.
Use the undo description command to remove the port description string.
By default, no description is defined for a port.
Example
# Set description string "lanswitch-interface" for the Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] description lanswitch-interface
1.1.4 display brief interface
Syntax
display brief interface [ interface-type interface-number ] [ | { begin | include |
exclude } regular-expression ]
View
Any view
Parameter
interface-type: Port type.
interface-number: Port number.
|: Specifies to use a regular expression to describe the configuration information entries
to be displayed.
begin: Each entry must begin with a specified character string.
include: Each entry must include a specified character string.
exclude: Each entry must not include a specified character string.
regular-expression: Regular expression, a string of 1 to 256 characters.
Description
Use the display brief interface command to display the brief configuration information
about one or all interfaces, including: interface type, link state, link rate, duplex mode,
link type, default VLAN ID and port description string (only the first 33 characters are
displayed).
1-4
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
This command is similar to the display interface command, but the information it
displays is briefer.
Note:
Currently, for the port types other than Ethernet port, this command only displays the
link state, and shows "--" in all other configuration information fields.
Related command: display interface.
Example
# Display the brief configuration information about the GigabitEthernet1/0/1 port.
<3Com> display brief interface GigabitEthernet1/0/1
Interface:
Eth
- Ethernet
Loop - LoopBack
GE
- GigabitEthernet TENGE - tenGigabitEthernet
Vlan - Vlan-interface
Cas
- Cascade
Speed/Duplex:
A - auto-negotiation
Interface
Link
Speed
Duplex Type
PVID Description
------------------------------------------------------------------------GE3/0/1
UP
A1000M Afull
hybrid 1
abc123
Table 1-1 Description on the fields of the display brief interface command
Field
Description
Interface
Port type
Link
Link state: UP or DOWN
Speed
Link rate
Duplex
Duplex mode
Type
Link type: access, hybrid or trunk
PVID
Default VLAN ID
Description
Port description string (only the first 33
characters are displayed)
1.1.5 display interface
Syntax
display interface [ interface-type | interface-type interface-number ]
1-5
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
View
Any view
Parameter
interface-type: Port type.
interface-number: Port number.
Description
Use the display interface command to display port configuration.
When using this command:
If you specify neither port type nor port number, the command displays information
z
about all ports.
If you specify only port type, the command displays information about all ports of
z
the specified type.
If you specify both port type and port number, the command displays information
z
about the specified port.
Example
# Display the configuration information of the Ethernet1/0/1 port.
<3Com> display interface Ethernet1/0/1
Ethernet1/0/1 current state : DOWN
IP
Sending
Frames'
Format
is
PKTFMT_ETHNT_2,
Hardware
address
00e0-fc2c-3f11
The Maximum Transmit Unit is 1500
Media type is twisted pair, loopback not set
Port hardware type is 100_BASE_TX
Unknown-speed mode, unknown-duplex mode
Link speed type is autonegotiation, link duplex type is autonegotiation
Flow-control is not enabled
The Maximum Frame Length is 1536
Allow jumbo frame to pass
Port monitor last value: 1
PVID: 1
Mdi type: auto
Port link-type: access
Tagged
VLAN ID : none
Untagged VLAN ID : 1
Last 300 seconds input:
Last 300 seconds output:
Input(total):
0 packets/sec 0 bytes/sec
0 packets/sec 0 bytes/sec
1150 packets, 149854 bytes
542 broadcasts, 55 multicasts, - pauses
1-6
is
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Input(normal):
Chapter 1 Port Basic Configuration Commands
- packets, - bytes
- broadcasts, - multicasts, - pauses
Input:
- input errors, 0 runts, - giants,
0 frame,
0 throttles, 0 CRC
- overruns, - aborts, - ignored, - parity errors
Output(total): 1288 packets, 116919 bytes
0 broadcasts, 886 multicasts, 0 pauses
Output(normal): - packets, - bytes
- broadcasts, - multicasts, - pauses
Output: 0 output errors,
- underruns, - buffer failures
0 aborts, 0 deferred, 0 collisions, 0 late collisions
- lost carrier, - no carrier
Table 1-2 Description on the fields of the display interface command
Field
Description
Ethernet1/0/1 current state
Enable/disable status of the current
Ethernet port
IP Sending Frames' Format
Ethernet frame format
Hardware address
Port hardware address
The Maximum Transmit Unit
The maximum transmit unit (MTU)
Media type
Media type
Port hardware type
Port hardware type
Flow-control is enabled
Flow-control status of the port
The Maximum Frame Length
Maximum frame length allowed on the
port
Allow jumbo frame to pass
Whether Jumbo frame is allowed on the
port.
Port monitor last value: 5
Delay of reporting down state to the
system for a port
PVID
Default VLAN ID of the port
Mdi type
Network cable type
Port link-type
Port link type
Tagged VLAN ID
Identify the VLANs whose packets will
be forwarded with tags on the port.
Untagged VLAN ID
Identify the VLANs whose packets will
be forwarded without tags on the port.
Last 300 seconds input: 0 packets/sec 0
bytes/sec
Last 300 seconds output: 0 packets/sec
0 bytes/sec
1-7
Rate and number of incoming and
outgoing packets in the last 300 seconds
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Field
Input(total):
bytes
Chapter 1 Port Basic Configuration Commands
Description
1150 packets, 149854
542 broadcasts, 55 multicasts, pauses
Input(normal): - packets, - bytes
- broadcasts, - multicasts, - pauses
Input: - input errors, 0 runts, - giants, 0
throttles, 0 CRC
Statistics on the incoming packets and
errors on the port
The “-” indicates that the statistical item
is not supported.
0 frame, - overruns, - aborts, ignored, - parity errors
Output(total): 1288 packets, 116919
bytes
0 broadcasts, 886 multicasts, 0
pauses
Output(normal): - packets, - bytes
- broadcasts, - multicasts, - pauses
Output: 0 output errors, - underruns, buffer failures
Statistics on the outgoing packets and
errors on the port
The “-” indicates that the statistical item
is not supported.
0 aborts, 0 deferred, 0 collisions, 0
late collisions
- lost carrier, - no carrier
1.1.6 display loopback-detection
Syntax
display loopback-detection [ port-loopbacked ] [ | { begin | include | exclude }
regular-expression ]
View
Any view
Parameter
port-loopbacked: Specifies to display the information of ports where loopback occurs.
|: Specifies to use a regular expression to display the details in the configuration
information of an interface.
begin: Specifies the interface information to begin with a specific character/string.
include: Specifies the interface information to include a specific character/string.
exclude: Specifies the interface information to exclude a specific character/string.
regular-expression: Regular expression, a string containing 1 to 256 characters.
1-8
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Description
Use the display loopback-detection command to display the information related to
the loopback detection function on the port.
Example
# Display the information about loopback detection on the port and “e” is not included in
the interface name.
<3Com> display loopback-detection | exclude e
Loopback-detection interval time is 30 seconds
Interface
detect
control
per-vlan
loopback-status
-------------------------------------------------------------------------RprGE1/0/1
N
N
N
not-loop
RprGE1/0/1.1
N
N
N
not-loop
RprGE1/0/1.2
N
N
N
not-loop
Table 1-3 Description on the fields of the display loopback-detection command
Field
Description
Loopback-detection interval time
Interval
of
detection
Interface
Interface name
detect
Whether loopback detection is enabled
control
Processing mode for the port where
loopback is detected
per-vlan
Whether to perform loopback detection
on all the VLANs on the port
loopback status
Whether loopback occurs on the current
port
1.1.7 display port
Syntax
display port { hybrid | trunk }
View
Any view
Parameter
hybrid: Displays hybrid ports.
trunk: Displays trunk ports.
1-9
performing
loopback
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Description
Use the display port command to display whether there are hybrid ports or trunk ports
in the current system. If there is such port, the port name and the ID of the VLAN
permitted on the port are displayed.
Example
# Display the trunk ports in the current system.
<3Com> display port trunk
Interface
VLAN passing
Ethernet3/0/3
1
Ethernet3/0/11
1-2, 4-5, 10
1.1.8 display transceiver-information interface
Syntax
display transceiver-information interface interface-type interface-number
View
Any view
Parameter
interface-type: Port type
interface-number: Port number
Description
Use the display port display transceiver-information interface command to display
information about a specified optical port.
Example
# Display the information about the optical interface GigabitEthernet1/0/1.
<3Com> display transceiver-information interface GigabitEthernet 1/0/1
Hardware Type
:
SM
Interface Type
: SFP
Wave Length(nm)
:
Vendor Name
: OCP
Serial Number
: 2786837
1310
Transfer Distance(m)
9um
Fiber
: 69000
50um
Fiber
: 0
62.5um Fiber
: 0
Copper Line
: 0
1-10
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Table 1-4 describes the fields of the display transceiver-information interface
command.
Table 1-4 Description on the fields of the display transceiver-information interface
command
Field
Description
Hardware Type
Hardware type: single-mode (SM) or
multi-mode (MM)
Interface Type
Port type, including SFP, XFP and GBIC
Wave Length(nm)
Wavelength in nm
Vendor Name
Name of the vendor
Serial Number
Serial number
Transfer Distance(m)
Transfer distance in m
1.1.9 duplex
Syntax
duplex { auto | full | half }
undo duplex
View
Ethernet port view
Parameter
auto: Sets the port to auto-negotiation mode.
full: Sets the port to full duplex mode.
half: Sets the port to half duplex mode.
Description
Use the duplex command to set the duplex mode of the current port.
Use the undo duplex command to restore the default duplex mode, that is,
auto-negotiation mode.
By default, the duplex mode of a port is in auto-negotiation mode.
Related command: speed.
Example
# Set the duplex mode of GigabitEthernet1/0/1 to full-duplex mode.
<3Com> system-view
1-11
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] duplex full
1.1.10 flow-control
Syntax
flow-control
undo flow-control
View
Ethernet port view
Parameter
None
Description
Use the flow-control command to enable flow control on the port so as to avoid packet
loss during congestion.
Use the undo flow-control command to disable flow control on the port.
By default, flow control is disabled on a port.
Note:
Enable flow control on the port following the two steps:
z
Enable flow control globally;
z
Enable flow control on the port in Ethernet port view.
Example
# Enable flow control on the GigabitEthernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet1/0/1
[3Com-Ethernet1/0/1] flow-control
1.1.11 flow-control enable
Syntax
flow-control enable
1-12
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
undo flow-control disable
View
System view
Parameter
None
Description
Use the flow-control enable command to enable flow control globally.
Use the flow-control disable command to disable flow control globally.
By default, flow control is disabled globally.
Example
# Enable flow control globally.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] flow-control enable
1.1.12 flow interval
Syntax
flow-interval interval
undo flow-interval
View
Ethernet port view
Parameter
Interval: Interval (in seconds) to perform statistics on port information. This argument
ranges from 5 to 300 (in step of 5) and is 300 by default.
Description
Use the flow-interval command to set the interval to perform statistics on port
information.
Use the undo flow-interval command to restore the default interval.
By default, this interval is 300 seconds.
When you use the display interface interface-type interface-number command to
display the information of a port, the system performs statistical analysis on the traffic
flow passing through the port during the specified interval and displays the average
1-13
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
rates in the interval. For example, if you set the interval to 100 seconds, the displayed
information is as follows:
Last 100 seconds input:
Last 100 seconds output:
0 packets/sec 0 bytes/sec
0 packets/sec 0 bytes/sec
Related command: display interface.
Example
# Set the interval to perform statistics on the Ethernet1/0/1 port to 100 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface ethernet 1/0/1
[3Com-Ethernet1/0/1] flow-interval 100
1.1.13 hardspeedup
Syntax
hardspeedup enable
hardspeedup disable
View
System view
Parameter
None
Description
Use the hardspeedup enable command to enable command to enable the hardware
speedup function inside the port.
Use the hardspeedup disable command to disable the hardware speedup function
inside the port.
By default, the hardware speedup function inside the port is enabled.
Note:
z
The commands above are applicable to type-A LPUs only, including 3C16860,
3C16861, 3C16858, and 3C16859.
z
The commands above are diagnostic, so you cannot use them at discretion.
Example
# Enable the hardware speedup function inside the port.
1-14
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hardspeedup enable
1.1.14 interface
Syntax
interface interface-type interface-number
View
System view
Parameter
interface-type: Port type, which can be Aux, Ethernet, GigabitEthernet, LoopBack,
M-Ethernet, NULL, Tunnel or Vlan-interface.
interface-number: Port number, in the format of LPU slot number/subcard slot
number/port number.
Table 1-5 Range of LPU slot number/subcard slot number
Description
Device
Range of LPU
number
Subcard slot
number
S6502
0 to 1
0
S6503
0 to 3
0
S6506
0 to 6
0
S6506R
0 to 7
0
Range of port number
Depending
on
the
number of ports on the
LPU you select
Description
Use the interface command to enter Ethernet port view. To configure parameters for a
port, you must enter the port view first.
Example
# Enter GigabitEthernet1/0/1 port view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1]
1-15
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
1.1.15 jumboframe enable
Syntax
jumboframe enable [ jumboframe-value ]
undo jumboframe enable
View
Ethernet port view
Parameter
jumboframe-value: Size of the permitted jumbo frame, in the range of 1,536 to 9,216 in
byte.
Description
Use the jumboframe enable command to allow jumbo frames to pass through the
current Ethernet port.
Use the undo jumboframe enable command to inhibit jumbo frames from passing
through the current Ethernet port.
By default, jumbo frames that are larger than 1,518 bytes and smaller than 1,536 bytes
are allowed to pass through the Ethernet port.
Example
# Allow jumbo frames smaller than 1,536 bytes to pass through GigabitEthernet1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] jumboframe enable
1.1.16 loopback-detection enable
Syntax
loopback-detection enable
undo loopback-detection enable
View
Ethernet port view
Parameter
None
1-16
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Description
Use the loopback-detection enable command to enable the loopback detection
feature on the port.
Use the undo loopback-detection enable command to disable the loopback
detection feature on the port.
By default, the loopback detection feature is disabled on the port.
Related command: display loopback-detection.
Example
# Enable the loopback detection feature.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] loopback-detection enable
1.1.17 loopback-detection interval-time
Syntax
loopback-detection interval-time time
undo loopback-detection interval-time
View
System view
Parameter
time: Interval for detecting external loopback on a port, in the range of 5 to 300 (in
seconds). It is 30 seconds by default.
Description
Use the loopback-detection interval-time command to set the interval for detecting
external loopback on a port.
Use the undo loopback-detection interval-time command to restore the default
interval.
Related command: display loopback-detection.
Example
# Set the interval for detecting external loopback on a port to 10 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] loopback-detection interval-time 10
1-17
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
1.1.18 loopback-detection control
Syntax
loopback-detection control { block | nolearning | shutdown }
undo loopback-detection control
View
Ethernet port view
Parameter
block: Specifies to block the port where loop is detected, that is, the port cannot receive
or send any packets except BPDU packets. The system will periodically detect whether
loopback still occurs on the port. If yes, the port will be blocked continuously. If not, and
no other protocols (such as STP, LACP, DLDP) change the state of the port, the port will
be restored to the state of sending and receiving packets normally.
nolearning: Specifies the port to continue forwarding packets after loopback is
detected on it. However, the port will stop learning new MAC addresses. The system
will periodically detect whether loopback still occurs on the port. If yes, the port keeps in
the current state. If not, the port will be restored to the state of sending and receiving
packets normally, and additionally the MAC address learning function will be also
restored for the port.
shutdown: Specifies to disable the port after loopback is detected on the port.
Description
Use the loopback-detection control command to set the processing mode for the port
where loopback is detected.
Use the undo loopback-detection control command to cancel the defined
processing mode for the port where loopback is detected.
By default, no processing mode is set for the port where loopback is detected.
Example
# Specify the processing mode for the port where loopback is detected as nolearning.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet 1/0/1
[3Com-GigabitEthernet1/0/1] loopback-detection control nolearning
1-18
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
1.1.19 loopback-detection per-vlan enable
Syntax
loopback-detection per-vlan enable
undo loopback-detection per-vlan enable
View
Ethernet port view
Parameter
None
Description
Use the loopback-detection per-vlan enable command to enable loopback detection
for all the VLANs on the current trunk port or hybrid port.
Use the undo loopback-detection per-vlan enable command to enable loopback
detection for only the default VLAN on the current port.
By default, loopback detection is enabled for only the default VLAN of a trunk port or
hybrid port.
Note that this command is not available to access ports.
Example
# Enable loopback detection for all the VLANs on the trunk port GIgabitEthernet1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet 1/0/1
[3Com-GigabitEthernet1/0/1] port link-type trunk
[3Com-GigabitEthernet1/0/1] loopback-detection per-vlan enable
1.1.20 mdi
Syntax
mdi { across | auto | normal }
undo mdi
View
Ethernet port view
Parameter
across: Specifies the network cable to be crossover network cable.
1-19
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
auto: Identifies the network cable type (crossover or straight through) automatically.
normal: Specifies the network cable to be straight through network cable.
Description
Use the mdi command to set the network types that can be identified by Ethernet ports.
Use the undo mdi command to restore the default network cable type that can be
identified by Ethernet ports.
By default, the port identifies the network type automatically.
Caution:
The Switch 7750 series supports the auto mode only. If another mode is specified, the
system prompts “Operation not supported”.
Example
# Specify Ethernet1/0/1 to identify the network cable type automatically.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] mdi auto
1.1.21 multicast-suppression
Syntax
multicast-suppression { ratio | bandwidth { mbps-value | kbps kbps-value } | pps
max-pps }
undo multicast-suppression
View
Ethernet port view
Parameter
ratio: Maximum ratio of received multicast traffic to the total bandwidth on the Ethernet
port. The value ranges from 1 to 100 (in step of 1) and defaults to 100. The smaller the
ratio is, the less multicast traffic is allowed to be received.
mbps-value: Maximum bandwidth (in Mbps) for receiving multicast traffic on an
Ethernet port. The range of the mbps-value argument depends on the port type:
1-20
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
z
1 to 100 for 100 Mbps Ethernet ports;
z
1 to 1,000 Mbps for Gigabit Ethernet ports;
z
1 to 10,000 Mbps for 10 GE ports.
kbps kbps-value: Specifies the maximum bandwidth (in Kbps) for receiving multicast
traffic, in the range of 64 to 1,024,000 in the step of 64.
max-pps: Maximum number of multicast packets allowed to be received per second on
the Ethernet port (in pps). The range of the max-pps argument depends on the port
type.
z
1 to 148,810 for 100 Mbps Ethernet ports;
z
1 to 1,488,100 for Gigabit Ethernet ports;
z
1 to 262,143 for 10 GE ports.
Description
Use the multicast-suppression command to limit multicast traffic allowed to be
received on the current port.
Use the undo multicast-suppression command to restore the default multicast
suppression setting on the current port.
When incoming multicast traffic on the port exceeds the multicast traffic threshold you
set, the system drops the packets exceeding the threshold to reduce the multicast
traffic ratio to the reasonable range, so as to keep normal network service.
By default, the switch does not suppress multicast traffic.
Caution:
Note that type-A LPUs (including 3C16860, 3C16861, 3C16858, and 3C16859) do not
support enabling multicast suppression on a port.
Example
# Allow the incoming multicast traffic on the Ethernet1/0/1 port to occupy at most 20%
of the bandwidth on the port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface ethernet 1/0/1
[3Com-Ethernet1/0/1] multicast-suppression 20
# Set the maximum number of multicast packets that can be forwarded per second by
the Ethernet1/0/1 port to 1000 pps.
[3Com-Ethernet1/0/1] multicast-suppression pps 1000
1-21
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
1.1.22 port access vlan
Syntax
port access vlan vlan-id
undo port access vlan
View
Ethernet port view
Parameter
vlan-id: VLAN ID defined in IEEE802.1Q, in the range of 2 to 4,094.
Description
Use the port access vlan command to add the access port into the specified VLAN.
Use the undo port access vlan command to remove the access port from the
specified VLAN.
You must specify the ID of an existing VLAN in the command.
Example
# Add Ethernet1/0/1 into VLAN 3 (VLAN 3 is an existing VLAN).
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port access vlan 3
1.1.23 port hybrid pvid vlan
Syntax
port hybrid pvid vlan vlan-id
undo port hybrid pvid
View
Ethernet port view
Parameter
vlan-id: VLAN ID defined in IEEE802.1Q, in the range of 1 to 4094. It is 1 by default.
Description
Use the port hybrid pvid vlan command to set the default VLAN ID for the hybrid port.
1-22
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Use the undo port hybrid pvid command to restore the default VLAN ID of the hybrid
port.
Set the default VLAN ID of the local hybrid port to the same value as that of the hybrid
port on the peer switch. Otherwise, packets cannot be forwarded properly.
Related command: port link-type.
Example
# Set the default VLAN ID of the hybrid port Ethernet1/0/1 to 100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port hybrid pvid vlan 100
1.1.24 port hybrid vlan
Syntax
port hybrid vlan vlan-id-list { tagged | untagged }
undo port hybrid vlan vlan-id-list
View
Ethernet port view
Parameter
vlan-id-list: VLAN range to which the hybrid port will be added. vlan-id-list = [ vlan-id1
[ to vlan-id2 ] ]&<1-10>, where, vlan-id is in the range of 1 to 4094 and can be discrete,
and &<1-10> means you can input up to ten VLAN IDs/ID ranges.
tagged: Keeps VLAN tags when the packets of the specified VLANs are forwarded.
untagged: Keeps no VLAN tags when the packets of the specified VLANs are
forwarded.
Description
Use the port hybrid vlan command to add the hybrid port into specified VLANs.
Use the undo port hybrid vlan command to remove the hybrid port from specified
existing VLANs.
A hybrid port can belong to multiple VLANs. When you use the command several times,
all VLAN specified in the commands will be allowed to pass the port.
The VLAN specified by the vlan-id argument must be existing. Otherwise, this
command is invalid.
Related command: port link-type.
1-23
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Example
# Add the hybrid port Ethernet1/0/1 to VLAN 2, VLAN 4 and VLAN 50 through VLAN
100, with tags assigned to their packets.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port hybrid vlan 2 4 50 to 100 tagged
1.1.25 port link-type
Syntax
port link-type { access | hybrid | trunk }
undo port link-type
View
Ethernet port view
Parameter
access: Sets the port as an access port.
hybrid: Sets the port as a hybrid port.
trunk: Sets the port as a trunk port.
Description
Use the port link-type command to set the link type of the current Ethernet port.
Use the undo port link-type command to restore the default link type.
The three types of ports can co-exist on the same Ethernet switch. However, a trunk
port cannot be directly switched to a hybrid port, and vice versa. To set a trunk/hybrid
port to another type (different from access), you must first set the port to an access port
and then set the access port to the required type. For example, a trunk port cannot be
directly set to a hybrid port. You must set the trunk port to an access port and then set it
to a hybrid port.
By default, the link type of any port is access.
Example
# Set Ethernet1/0/1 as a trunk port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port link-type trunk
1-24
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
1.1.26 port monitor last
Syntax
port monitor last [ value ]
undo port monitor last
View
Ethernet port view
Parameter
value: Delay of reporting down state to the system, in the range of 0 to 60. When this
argument is set to 0, the port will report its state as soon as it is brought down. The
bigger this argument is, the longer delay it takes for a port to report its down state to the
system.
Description
Use the port monitor last command to set the delay of reporting down state to the
system for the current port.
Use the undo port monitor last command to restore the delay of reporting down state
to the system for the current port to the default value, which is related to the
configuration performed in system view:
z
If you have configured the global delay in stem view (refer to 1.1.27 port monitor
last slot for details), the default delay will be the global delay.
z
If no global delay is configured, the default delay is 1.
Note:
The delay of reporting down state to the system can be configured in either system view
or Ethernet port view. If the delay is configured in both system view and Ethernet port
view simultaneously, the configuration performed in Ethernet port view is given priority.
After the setting, you can use the display interface command to display the
information about the field “Port monitor last value”.
Example
# Set the delay of reporting down state to the system to 5 for Ethernet1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port monitor last 5
1-25
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
1.1.27 port monitor last slot
Syntax
port monitor last [ slot slot-number ] value
undo port monitor last [ slot slot-number ]
View
System view
Parameter
slot-number: Number of the slot where the board resides.
value: Delay of reporting down state to the system, in the range of 0 to 60. When this
argument is set to 0, the port will report its state as soon as it is brought down. The
bigger this argument is, the longer delay it takes for a port to report its down state to the
system.
Description
Use the port monitor last command to set the delay of reporting down state to the
system for the ports of all the LPUs or the specified LPU.
Use the undo port monitor last command to restore the delay to the default value.
By default, the delay of reporting down state to the system is 1.
After the setting, you can use the display interface command to display the
information about the field “Port monitor last value”.
Example
# Set the delay of report down state to the system to 10 for the ports on the LPU in slot
5.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] port monitor last slot 5 10
1.1.28 port trunk permit vlan
Syntax
port trunk permit vlan { vlan-id-list | all }
undo port trunk permit vlan { vlan-id-list | all }
View
Ethernet port view
1-26
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Parameter
vlan-id-list: VLAN range to which the trunk port will be added. vlan-id-list = [ vlan-id1 [ to
vlan-id2 ] ]&<1-10>, where, vlan-id is in the range of 1 to 4094 and can be discrete, and
&<1-10> means you can input up to ten VLAN IDs/ID ranges.
all: Adds the trunk port into all VLANs.
Description
Use the port trunk permit vlan command to add the trunk port into the specified
VLAN.
Use the undo port trunk permit vlan command to remove the hybrid port from the
specified VLAN.
A trunk port can belong to multiple VLANs. When you use the command several times,
all VLAN specified in the commands will be allowed to pass the port.
Related command: port link-type.
Example
# Add the trunk port Ethernet1/0/1 to VLAN 2, VLAN 4 and VLAN 50 through VLAN
100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port trunk permit vlan 2 4 50 to 100
Please wait...
Done.
# Remove Ethernet1/0/1 form VLAN1.
[3Com-Ethernet1/0/1] undo port trunk permit vlan 1
Please wait...
Done.
1.1.29 port trunk pvid vlan
Syntax
port trunk pvid vlan vlan-id
undo port trunk pvid
View
Ethernet port view
Parameter
vlan-id: VLAN ID defined in IEEE802.1Q, in the range of 1 to 4094. It is 1 by default.
1-27
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Description
Use the port trunk pvid vlan command to set the default VLAN ID for the trunk port.
Use the undo port trunk pvid command to restore the default setting.
To guarantee the proper packet transmission, the default VLAN ID of the local trunk port
must be identical with that of the trunk port on the peer switch connected with the local
trunk port.
Related command: port link-type.
Example
# Set the default VLAN ID of the trunk port Ethernet1/0/1 to 100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port trunk pvid vlan 100
1.1.30 reset counters interface
Syntax
reset counters interface [ interface-type | interface-type interface-number ]
View
User view
Parameter
interface-type: Port type.
interface-number: Port number.
Description
Use the reset counters interface command to clear the statistics of the port, preparing
for a new statistics collection.
z
If you specify neither port type nor port number, the command clears statistics of
all ports.
z
If specify only port type, the command clears statistics of all ports of this type.
z
If specify both port type and port number, the command clears statistics of the
specified port.
Example
# Clear the statistics of Ethernet1/0/1.
<3Com> reset counters interface ethernet1/0/1
1-28
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
1.1.31 shutdown
Syntax
shutdown
undo shutdown
View
Ethernet port view
Parameter
None
Description
Use the shutdown command to disable an Ethernet port.
Use the undo shutdown command to enable an Ethernet port.
By default, an Ethernet port is enabled.
Example
# Enable Ethernet1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] undo shutdown
1.1.32 speed
Syntax
speed { 10 | 100 | 1000 | 10000 | auto }
undo speed
View
Ethernet port view
Parameter
10: Specifies the port speed to 10 Mbps.
100: Specifies the port speed to 100 Mbps.
1000: Specifies the port speed to 1000 Mbps.
auto: Specifies the port speed to the auto-negotiation mode.
1-29
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Note:
For ports of different types, the parameter prompts after you enter the speed command
are also different.
Description
Use the speed command to set the port speed.
Use the undo speed command to restore the port speed to the default setting.
By default, the port speed is in the auto-negotiation mode.
Example
# Set the speed of Ethernet1/0/1 to 10 Mbps.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] speed 10
1.1.33 speedup
Syntax
speedup enable
speedup disable
View
System view
Parameter
None
Description
Use the speedup enable command to enable the hardware speedup function outside
the port.
Use the speedup disable command to disable the hardware speedup function outside
the port.
By default, the hardware speedup function outside the port is disabled.
1-30
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Note:
z
The commands above are applicable to type-A LPUs only, including 3C16860,
3C16861, 3C16858, and 3C16859.
z
The commands above are diagnostic, so you cannot use them at discretion.
Example
# Enable the hardware speedup function outside the port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] speedup enable
1.1.34 unicast-suppression
Syntax
unicast-suppression { ratio | bandwidth { mbps-value | kbps kbps-value } | pps
max-pps }
undo unicast-suppression
View
Ethernet port view
Parameter
ratio: Maximum ratio of the received unknown unicast traffic to the total bandwidth on
an Ethernet port. The value ranges from 1 to 100 in the step of 1 and defaults to 100.
The smaller the ratio is, the less unknown unicast traffic is allowed.
mbps-value: Maximum bandwidth (in Mbps) for receiving unknown unicast traffic on an
Ethernet port. The range of the mbps-value argument depends on the port type:
z
1 to 100 for 100 Mbps Ethernet ports;
z
1 to 1000 for 1000 Mbps Ethernet ports;
z
1 to 10,000 Mbps for 10 GE ports.
kbps kbps-value: Specifies the maximum bandwidth (in Kbps) for receiving unknown
unicast traffic, in the range of 64 to 1,024,000 in the step of 64.
max-pps: Maximum number of unknown unicast packets allowed to be received per
second on the Ethernet port (in pps). The range of the max-pps argument depends on
the port type.
z
0 to 100 for 148810 Mbps Ethernet ports;
z
0 to 1000 for 1488100 Mbps Ethernet ports;
z
0 to 14881000 Mbps for 10 GE ports.
1-31
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Description
Use the unicast-suppression command to set the size of unknown unicast traffic
allowed to be received on the current port.
Use the undo unicast-suppression command to restore the size of unknown unicast
traffic allowed to be received on the current port.
When incoming unknown unicast traffic on the port exceeds the threshold you set, the
system drops the packets exceeding the threshold to reduce the unknown unicast
traffic ratio to the reasonable range, so as to keep normal network service.
This function is disabled by default.
Caution:
Type-A LPUs (including 3C16860, 3C16861, 3C16858, and 3C16859) do not support
enabling unknown unicast suppression on a port.
Example
# Allow the incoming unknown unicast traffic on the Ethernet1/0/1 port to occupy at
most 20% of the bandwidth on the port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface ethernet 1/0/1
[3Com-Ethernet1/0/1] unicast-suppression 20
# Set the maximum number of unknown unicast packets that can be forwarded per
second by Ethernet1/0/1 to 1,000 pps.
[3Com-Ethernet1/0/1] unicast-suppression pps 1000
1.1.35 virtual-cable-test
Syntax
virtual-cable-test
View
Ethernet port view
Parameter
None
1-32
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Chapter 1 Port Basic Configuration Commands
Description
Use the virtual-cable-test command to enable the system to test the cable connected
to a specific port and to display the results. The system can test these attributes of the
cable:
z
Cable status, including normal, abnormal, abnormal-open, abnormal-short and
failure
z
Cable length
Note:
z
If the cable is in normal state, the displayed information is “-”.
z
If the cable is in any other state, the displayed length value is the length from the
port to the faulty point.
z
Pair impedance mismatch
z
Pair skew
z
Pair swap
z
Pair polarity
z
Insertion loss
z
Return loss
z
Near-end crosstalk
By default, the system does not test the cable connected to the Ethernet port.
Note:
z
The combo port does not support the virtual-cable-test command.
z
The error for cable length tested through the virtual-cable-test command is ±5m.
Example
# Enable the system to test the cable connected to Ethernet1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet0/1] virtual-cable-test
Cable status: abnormal(open), 7 metres
Pair Impedance mismatch: yes
Pair skew: 4294967294 ns
Pair swap: swap
1-33
3Com Switch 7750 Series
Command Reference Guide — Basic Port Commands
Pair polarity: normal
Insertion loss: 7 db
Return loss: 7 db
Near-end crosstalk: 7 db
1-34
Chapter 1 Port Basic Configuration Commands
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Table of Contents
Table of Contents
Chapter 1 Link Aggregation Configuration Commands............................................................ 1-1
1.1 Link Aggregation Configuration Commands...................................................................... 1-1
1.1.1 display lacp system-id ............................................................................................. 1-1
1.1.2 display link-aggregation interface............................................................................ 1-1
1.1.3 display link-aggregation summary........................................................................... 1-3
1.1.4 display link-aggregation verbose............................................................................. 1-4
1.1.5 hash......................................................................................................................... 1-6
1.1.6 lacp enable .............................................................................................................. 1-7
1.1.7 lacp port-priority....................................................................................................... 1-7
1.1.8 lacp system-priority ................................................................................................. 1-8
1.1.9 link-aggregation....................................................................................................... 1-9
1.1.10 link-aggregation group description ........................................................................ 1-9
1.1.11 link-aggregation group mode .............................................................................. 1-10
1.1.12 port link-aggregation group ................................................................................. 1-11
1.1.13 reset lacp statistics.............................................................................................. 1-11
i
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
Chapter 1 Link Aggregation Configuration
Commands
1.1 Link Aggregation Configuration Commands
1.1.1 display lacp system-id
Syntax
display lacp system-id
View
Any view
Parameter
None
Description
Use the display lacp system-id command to display the device ID of the local system,
including the system priority and the MAC address.
Example
# Display the device ID of the local system.
<3Com> display lacp system-id
Actor System ID: 0x8000, 00e0-fc00-0100
Table 1-1 Description on the fields of the display lacp system-id command
Field
Actor System ID
Description
Device ID of the local system, including the system
priority and the system MAC address
1.1.2 display link-aggregation interface
Syntax
display
link-aggregation
interface
interface-type interface-number ]
1-1
interface-type
interface-number
[
to
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
View
Any view
Parameter
interface interface-type interface-number [ to
interface-type interface-number ]:
Specifies a port range.
z
If the to keyword is not specified, only one port is specified;
z
If the to keyword is specified, multiple contiguous ports are specified;
z
The interface-type argument represents the port type and the interface-num
argument represents the port number.
Description
Use the display link-aggregation interface command to display the link aggregation
details about a specified port or port range, including:
z
Link aggregation group ID of the specified port or port range
z
Port priority, operation key and LACP status flag of the local end,
z
Device ID, port number, port priority, operation key and protocol status flag and
LACP packet statistics of the remote end
Note that, for a manual aggregation group, value 0 is displayed for all the above items
of the remote end (which does not indicate the real information of the remote end),
since information about the remote end cannot be obtained for a manual aggregation
group.
Example
# Display the link aggregation details on the specified port.
<3Com> display link-aggregation interface ethernet1/0/1
Ethernet1/0/1:
Attached AggID: 20
Local:
Port-Priority: 32768, Oper key: 2, Flag: 0x3d
Remote:
System ID: 0x8000, 000e-84a6-fb00
Port Number: 2, Port-Priority: 32768 , Oper-key: 10, Flag: 0x3d
Received LACP Packets: 8 packet(s), Illegal: 0 packet(s)
Sent LACP Packets: 9 packet(s)
1-2
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
Table 1-2 Description on the fields of the display link-aggregation interface
command
Field
Description
ID of the aggregation group to which the
specified port belongs
Attached AggID
Local:
Port-Priority: 32768, Oper key: 1,
Flag: 0x00
Remote:
System ID: 0x0, 0000-0000-0000
Port Number: 0, Port-Priority: 0,
Oper-key: 0, Flag: 0x00
Received LACP Packets: 0 packet(s),
Illegal: 0 packet(s)
Sent LACP Packets: 0 packet(s)
Port priority, operation key and LACP
status flag of the local end
Device ID, port number, port priority,
operation key and LACP status flag of the
remote end
Statistics about LACP packets, including:
the number of received LACP packets,
the number of illegal LACP packets and
the number of send LACP packets
1.1.3 display link-aggregation summary
Syntax
display link-aggregation summary
View
Any view
Parameter
None
Description
Use the display link-aggregation summary command to display summary
information of all aggregation groups, including device ID of the local end, aggregation
group ID, aggregation group type, device ID of the remote end, number of the selected
ports, number of the unselected ports, load sharing type and master port number.
Example
# Display summary information of all aggregation groups.
<3Com> display link-aggregation summary
Aggregation Group Type: D -- Dynamic, S -- Static, M -- Manual
Loadsharing Type: Shar – Loadsharing, NonS – Non-Loadsharing
Actor ID: 0x8000, 00e0-fcff-ff04
1-3
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
AL
AL
ID
Type
Chapter 1 Link Aggregation Configuration Commands
Partner ID
Select Standby Share
Master
Ports Ports
Port
Type
------------------------------------------------------------------1
D
0x8000,00e0-fcff-ff01 1
0
NonS
Ethernet4/0/1
10
M
none
0
NonS
Ethernet4/0/2
20
S
0x8000,00e0-fcff-ff01 1
0
NonS
Ethernet4/0/3
1
Table 1-3 Description on the fields of the display link-aggregation summary
command
Field
Description
Actor ID
Local device ID
AL ID
Aggregation group ID
AL Type
Aggregation group type: D (dynamic), S (static), or M (manual)
Partner ID
ID of the remote device
Select Ports
Number of the selected ports
Standby Ports
Number of standby ports
Share Type
Load sharing type: Shar (load-sharing), or NonS
(non-load-sharing)
Master Port
Number of the master port
1.1.4 display link-aggregation verbose
Syntax
display link-aggregation verbose [ agg-id ]
View
Any view
Parameter
agg-id: ID of the aggregation group to be displayed, which must be the ID of the
existing aggregation group, in the range of 1 to 384.
Description
Use the display link-aggregation verbose command to display the details about a
specified aggregation group, including:
z
Aggregation group ID, aggregation group type, load sharing type, aggregation
group description string;
1-4
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
z
Chapter 1 Link Aggregation Configuration Commands
Local end details: device ID, port number, port status, port priority, LACP flag,
operation key and connection status;
z
Remote end details: local port, remote port index, remote port priority, operation
key, and device ID.
Note that, for a manual aggregation group, value 0 is displayed for all the above items
of the remote end (which does not indicate the real information of the remote end),
since information about the remote end cannot be obtained for a manual aggregation
group.
Example
# Display the details about aggregation group 1.
<3Com> display link-aggregation verbose 1
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing
Aggregation ID: 1, AggregationType: Static,
Loadsharing Type: NonS
Aggregation Description:
System ID: 0x8000, 000f-e218-d0d0
Port Status: S -- Selected, T -- sTandby
Local:
Port
Status Priority Flag Oper-Key Link-Status
-------------------------------------------------------------------------GigabitEthernet3/0/1
S
32768
0x7d 1
Up
GigabitEthernet3/0/2
T
32768
0x45 2
Down
Remote:
Actor
Partner Priority Flag Oper-Key SystemID
-------------------------------------------------------------------------GigabitEthernet3/0/1
0
32768
0x38
0
0
32768
0x30
0
0x8000,0000-0000-0000
GigabitEthernet3/0/2
0x8000,0000-0000-0000
Table 1-4 Description on the fields of the display link-aggregation verbose
command
Field
Description
Aggregation ID
Aggregation group ID
AggregationType
Aggregation group type, including dynamic
aggregation, static aggregation and manual
aggregation
Loadsharing Type
Loadsharing type, including Loadsharing and
Non-Loadsharing
Aggregation Description
Aggregation group description string
System ID
Local device ID
1-5
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
Field
Description
Port state
Port state
Local
Other information about the local end, including
port number, port state, port priority, LACP flag,
operation key and connection status
Remote
Detailed information about the remote end,
including: local port number, remote port index,
port priority, flag bit, operation key and device ID
1.1.5 hash
Syntax
hash { dstip | dstmac | ip | l4port | mac | srcip | srcmac } { ioboard slot slot-number
| mainboard }
undo hash { dstip | dstmac | ip | l4port | mac | srcip | srcmac } { ioboard slot
slot-number | mainboard }
View
System view
Parameter
dstip: Specifies a destination IP address as the HASH algorithm parameter.
dstmac: Specifies a destination MAC address as the HASH algorithm parameter.
ip: Specifies the value obtained from the XOR operation performed between the
source IP address and the destination IP address as the HASH algorithm parameter.
l4port: Specifies the port number of TCP or UDP as the HASH algorithm parameter.
mac: Specifies the value obtained from the XOR operation performed between the
source MAC address and the destination MAC address as the HASH algorithm
parameter.
srcip: Specifies to use a source IP address as the parameter of the HASH algorithm.
srcmac: Specifies a source MAC address as the HASH algorithm parameter.
ioboard: Enables configured parameter to be valid for LPUs only.
slot slot-num: Specifies a slot number of the LPU.
mainboard: Enables configured parameter to be valid for SRPUs only.
Description
Use the hash command to configure parameters used by the HASH algorithm in link
aggregation.
1-6
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
Use the undo hash command to cancel the configuration.
By default, the parameter used by the HASH algorithm in link aggregation is ip.
Example
# For LPU 2, use the destination IP address as the parameter of the HASH algorithm.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hash dstip ioboard solt 2
1.1.6 lacp enable
Syntax
lacp enable
undo lacp enable
View
Ethernet port view
Parameter
None
Description
Use the lacp enable command to enable the LACP protocol.
Use the undo lacp enable command to disable the LACP protocol.
Example
# Enable the LACP protocol on Ethernet1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] lacp enable
1.1.7 lacp port-priority
Syntax
lacp port-priority port-priority-value
undo lacp port-priority
View
Ethernet port view
1-7
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
Parameter
port-priority-value: Port priority, ranging from 0 to 65,535 and defaulting to 32,768.
Description
Use the lacp port-priority command to set the priority of the current port.
Use the undo lacp port-priority command to restore the default port priority.
Example
# Set the port priority to 64.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] lacp port-priority 64
1.1.8 lacp system-priority
Syntax
lacp system-priority system-priority-value
undo lacp system-priority
View
System view
Parameter
system-priority-value: System priority, ranging from 0 to 65,535 and defaulting to
32,768.
Description
Use the lacp system-priority command to set the system priority.
Use the undo lacp system-priority command to restore the default system priority.
Example
# Set the system priority to 64.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] lacp system-priority 64
1-8
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
1.1.9 link-aggregation
Syntax
link-aggregation interface-type interface-number to interface-type interface-number
[ both ]
View
System view
Parameter
interface-type: Port type.
interface-num: Port number.
to: Specifies a series of contiguous ports.
both: Performs load sharing for both inbound traffic and outbound traffic on all
member ports in the aggregation group.
Description
Use the link-aggregation command to add a series of ports to a new manual
aggregation group, to which the system assigns a new group number. The
link-aggregation group agg-id mode command and the port link-aggregation
group command can be used together to implement the function of the
link-aggregation command.
By default:
z
For IP packets, the system performs load sharing based on IP addresses;
z
For non-IP packets, the system performs load sharing based on MAC addresses.
Example
# Set up an aggregation group with Ethernet1/0/1 to Ethernet1/0/4 and perform load
sharing for both inbound and outbound traffic of the aggregation group.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] link-aggregation ethernet1/0/1 to ethernet1/0/4 both
1.1.10 link-aggregation group description
Syntax
link-aggregation group agg-id description agg-name
undo link-aggregation group agg-id description
1-9
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
View
System view
Parameter
agg-id: Aggregation group ID, in the range of 1 to 384.
agg-name: Aggregation group name, a string of 1 to 32 characters.
Description
Use the link-aggregation group description command to set a description for an
aggregation group.
Use the undo link-aggregation group description command to remove the
description of the aggregation group.
Example
# Set the description "office" for aggregation group 22.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] link-aggregation group 22 description office
1.1.11 link-aggregation group mode
Syntax
link-aggregation group agg-id mode { manual | static }
undo link-aggregation group agg-id
View
System view
Parameter
agg-id: Aggregation group ID, in the range of 1 to 384.
manual: Creates a manual aggregation group.
static: Creates a static aggregation group.
Description
Use the link-aggregation group mode command to create a manual or static
aggregation group.
Use the undo link-aggregation group command to remove an aggregation group.
Example
# Create manual aggregation group 22
1-10
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] link-aggregation group 22 mode manual
1.1.12 port link-aggregation group
Syntax
port link-aggregation group agg-id
undo port link-aggregation group
View
Ethernet port view
Parameter
agg-id: Aggregation group ID, in the range of 1 to 384.
Description
Use the port link-aggregation group command to add the current Ethernet port to a
manual or static aggregation group.
Use the undo port link-aggregation group command to remove the current Ethernet
port from the aggregation group.
Example
# Add Ethernet1/0/1 to aggregation group 22.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port link-aggregation group 22
1.1.13 reset lacp statistics
Syntax
reset lacp statistics [ interface interface-type interface-number [ to interface-type
interface-number ] ]
View
User view
Parameter
interface interface-type interface-number [ to
Specifies a port range.
1-11
interface-type interface-number ]:
3Com Switch 7750 Series
Command Reference Guide — Link Aggregation
Chapter 1 Link Aggregation Configuration Commands
z
If the to keyword is not specified, only one port is specified;
z
If the to keyword is specified, multiple contiguous ports are specified;
z
The interface-type argument represents the port type and the interface-num
argument represents the port number.
Description
Use the reset lacp statistics command to clear LACP statistics on specified port(s),
or on all ports if no port is specified.
Example
# Clear LACP statistics on all Ethernet ports.
<3Com> reset lacp statistics
1-12
3Com Switch 7750 Series
Command Reference Guide – Port Isolation
Table of Contents
Table of Contents
Chapter 1 Port Isolation Configuration Commands .................................................................. 1-1
1.1 Port Isolation Configuration Commands............................................................................ 1-1
1.1.1 description ............................................................................................................... 1-1
1.1.2 display isolate port .................................................................................................. 1-1
1.1.3 port .......................................................................................................................... 1-2
1.1.4 port isolate............................................................................................................... 1-3
1.1.5 port-isolate group .................................................................................................... 1-4
i
3Com Switch 7750 Series
Command Reference Guide – Port Isolation
Chapter 1 Port Isolation Configuration Commands
Chapter 1 Port Isolation Configuration Commands
1.1 Port Isolation Configuration Commands
1.1.1 description
Syntax
description text
undo description
View
Isolation group view
Parameter
text: Description string for an isolation group, in the range of 1 character to 80
characters.
Description
Use the description command to specify the description string for the current isolation
group.
Use the undo description command to remove the description string for the current
isolation group.
By default, no description string is specified for the isolation group.
Example
# Specify home as the description string for isolation group 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] port-isolate group 1
[3Com-port-isolate-group1] description home
1.1.2 display isolate port
Syntax
display isolate port [ group group-id ]
View
Any view
1-1
3Com Switch 7750 Series
Command Reference Guide – Port Isolation
Chapter 1 Port Isolation Configuration Commands
Parameter
group-id: ID of an isolation group, in the range of 1 to 64.
Description
Use the display isolate port command to display the configuration of the created
isolation group, including:
z
ID of the isolation group
z
Description string for the isolation group
z
Ports that the isolation group contains
Example
# Display the configuration of isolation group 1.
<3Com> display isolate port group 1
Isolate group ID: 1
Description: home
Isolated port(s) in group 1:
GigabitEthernet1/0/3 GigabitEthernet1/0/1 GigabitEthernet1/0/2
1.1.3 port
Syntax
port interface-list
undo port interface-list
View
Isolation group view
Parameter
interface-list: List of destination ports, expressed in the form of interface-list =
interface-type interface-number [ to interface-type interface-number ] &<1-10>., where:
z
The interface-type argument represents the bound port type;
z
The interface-number argument represents the bound port number;
z
The to keyword specifies a group of contiguous ports. The port number after the to
keyword must be no smaller than the port number before the to keyword.
z
&<1-10> means that you can provide the port index for up to 10 times.
Description
Use the port command to add the specified ports to the isolation group.
Use the undo port command to remove the specified ports from the isolation group.
By default, an isolation group contains no Ethernet port.
1-2
3Com Switch 7750 Series
Command Reference Guide – Port Isolation
Chapter 1 Port Isolation Configuration Commands
This command functions the same as the 1.1.4 port isolate command except that
Ethernet ports must be specified in this command.
Example
# Add GigabitEthernet1/0/1 to isolation group 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] port-isolate group 1
[3Com-port-isolate-group1] port GigabitEthernet1/0/1
1.1.4 port isolate
Syntax
port isolate group-id
undo port isolate
View
Ethernet port view
Parameter
group-id: ID of an isolation group, in the range of 1 to 64.
Description
Use the port isolate command to add the current Ethernet port to the created isolation
group.
Use the undo port isolate command to remove the current Ethernet port from the
isolation group.
By default, an isolation group contains no port.
This command functions the same as the 1.1.3 port command except that Ethernet
ports need not be specified in this command.
Note:
An Ethernet port belongs to only one port isolation group. If you add an Ethernet port to
different isolation groups, the port belongs to only the latest isolation group to which the
port is added.
Example
# Add GigabitEthernet1/0/1 port to isolation group 1.
1-3
3Com Switch 7750 Series
Command Reference Guide – Port Isolation
Chapter 1 Port Isolation Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface gigabitethernet1/0/1
[3Com-GigabitEthernet1/0/1] port isolate group 1
1.1.5 port-isolate group
Syntax
port-isolate group group-id
undo port-isolate group group-id
View
System view
Parameter
group-id: ID of an isolation group, in the range of 1 to 64.
Description
Use the port-isolate group command to create an isolation group.
Use the undo port-isolate command to remove the specified isolation group.
By default, an isolation contains no Ethernet ports.
Example
# Create isolation group 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] port-isolate group 1
[3Com-port-isolate-group1]
1-4
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Table of Contents
Table of Contents
Chapter 1 Port Security Commands............................................................................................ 1-1
1.1 Port Security Commands................................................................................................... 1-1
1.1.1 display port-security ................................................................................................ 1-1
1.1.2 port-security enable................................................................................................. 1-3
1.1.3 port-security intrusion-mode.................................................................................... 1-4
1.1.4 port-security authorization ignore............................................................................ 1-6
1.1.5 port-security max-mac-count................................................................................... 1-7
1.1.6 port-security ntk-mode ............................................................................................ 1-7
1.1.7 port-security oui....................................................................................................... 1-9
1.1.8 port-security port-mode ......................................................................................... 1-10
1.1.9 port-security timer disableport............................................................................... 1-13
1.1.10 port-security trap ................................................................................................. 1-14
Chapter 2 Port Binding Commands............................................................................................. 2-1
2.1 Port Binding Commands.................................................................................................... 2-1
2.1.1 am user-bind interface ............................................................................................ 2-1
2.1.2 am user-bind ........................................................................................................... 2-2
2.1.3 display am user-bind ............................................................................................... 2-3
i
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Chapter 1 Port Security Commands
1.1 Port Security Commands
1.1.1 display port-security
Syntax
display port-security [ interface interface-list ]
View
Any view
Parameter
interface-list: Ethernet port list, which can contain multiple Ethernet ports. The
interface-list argument is in the format of { interface-type interface-number [ to
interface-type interface-number ] } & <1-10>, where interface-type represents the port
type, interface-number represents the port number, and & <1-10> means that you can
provide up to 10 port indexes/port index ranges in this argument.
Description
Use the display port-security command to display information about port security
configuration (including global configuration, and configuration on specified or all
ports).
By checking the output of this command, you can verify the current configuration.
Caution:
z
This command will display global and all ports' security configuration information if
the interface-list argument is not specified.
z
This command will display global and particular port's security configuration
information if the interface-list argument is specified.
Example
# Display global and all ports' security configuration information.
<3Com> display port-security
Equipment port-security is enabled
1-1
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
AddressLearn trap is Enabled
Intrusion trap is Enabled
Dot1x logon trap is Enabled
Dot1x logoff trap is Enabled
Dot1x logfailure trap is Enabled
RALM logon trap is Enabled
RALM logoff trap is Enabled
RALM logfailure trap is Enabled
Vlan id assigned is NULL
Disableport Timeout: 20 s
OUI value:
Index is 5,
OUI value is 00efec
GigabitEthernet1/0/1 is link-down
Port mode is Userlogin
NeedtoKnow mode is needtoknowonly
Intrusion mode is disableport
Max mac-address num is 100
Stored mac-address num is 0
Authorization is permit
(Any display that follows is omitted.)
Table 1-1 Description on the fields of the display port-security command
Field
Description
Equipment port security is enabled
Port security is enabled on the switch.
AddressLearn trap is Enabled
The sending of address-learning trap
messages is enabled.
Intrusion trap is Enabled
The sending of intrusion-detection trap
messages is enabled.
Dot1x logon trap is Enabled
The
sending
of
802.1x
user
authentication success trap messages is
enabled.
Dot1x logoff trap is Enabled
The sending of 802.1x user logoff trap
messages is enabled.
Dot1x logfailure trap is Enabled
The
sending
of
802.1x
user
authentication failure trap messages is
enabled.
RALM logon trap is Enabled
The sending of RALM authentication
success trap messages is enabled.
RALM logoff trap is Enabled
The sending of RALM logoff trap
messages is enabled.
RALM logfailure trap is Enabled
The sending of RALM authentication
failure trap messages is enabled.
1-2
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Field
Chapter 1 Port Security Commands
Description
Vlan id assigned is NULL
The delivered VLAN ID is null.
Disableport Timeout: 20 s
The temporary port-disabling time is 20
seconds.
OUI value
The next line displays OUI value.
GigabitEthernet1/0/1 is link-down
The
link
status
of
the
GigabitEthernet 1/0/1 is "down".
Port mode is Userlogin
The security mode of the port is
Userlogin.
NeedtoKnow mode is needtoknowonly
The NTK mode is ntkonly.
Intrusion mode is disableport
The intrusion
disableport.
Max mac-address num is 100
The maximum number of MAC
addresses allowed on the port is 100.
Stored mac-address num is 0
No MAC address is stored.
Authorization is permit
Authorization information delivered by
the RADIUS server will be applied to the
port.
detection
1.1.2 port-security enable
Syntax
port-security enable
undo port-security enable
View
System view
Parameter
None
Description
Use the port-security enable command to enable port security.
Use the undo port-security enable command to disable port security.
By default, port security is disabled.
1-3
mode
port
is
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Caution:
To avoid confliction, the following restrictions on 802.1x authentication and MAC
address authentication occur after port security is enabled:
z
The access control mode (set by the dot1x port-control command) automatically
z
The dot1x, dot1x port-method, dot1x port-control and mac-authentication
changes to auto.
commands cannot be used.
Example
# Enter system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
# Enable port security.
[3Com] port-security enable
Ethernet1/0/1
Notice:
The
port-control
of
802.1x
will
be
restricted
to
auto
when
port-security is enabled.
Please wait... Done.
1.1.3 port-security intrusion-mode
Syntax
port-security intrusion-mode { disableport | disableport-temporarily | blockmac }
undo port-security intrusion-mode
View
Ethernet port view
Parameter
disableport: Specifies to permanently disable the port.
disableport-temporarily: Specifies to temporarily disable the port, and enable the port
after a pre-set time.
blockmac: Specifies to discard the packets with illegal source MAC addresses.
1-4
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Note:
If intrusion protection mode is set to disableport-temporarily on the port, the time set
by the port-security timer disableport command determines how long the system
temporarily disables the port when intrusion protection is triggered on the port.
Description
Use the port-security intrusion-mode command to set the action to be taken by the
device when intrusion protection is triggered on the port.
Use the undo port-security intrusion-mode command to cancel the action setting.
By default, no action is set.
Note:
By checking the source MAC addresses in inbound data frames or the username and
password in 802.1x authentication requests on a port, intrusion protection detects
illegal packets (packets with illegal MAC address) or events and takes a pre-set action
accordingly.
The
actions
you
can
set
include:
disconnecting
the
port
temporarily/permanently and blocking packets with invalid MAC addresses.
The following cases can trigger intrusion protection on a port:
z
A packet with unknown source MAC address is received on the port while MAC
address learning is disabled on the port.
z
A packet with unknown source MAC address is received on the port while the
amount of security MAC addresses on the port has reached the preset maximum
number.
z
The user fails the 802.1x or MAC address authentication.
After executing the intrusion-mode blockmac command, you can only use the
display port-security command to view blocked MAC addresses, which you cannot
configure as static MAC addresses.
Example
# Enter system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
# Enable port security.
[3Com] port-security enable
# Enter GigabitEthernet1/0/1 port view.
1-5
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
[3Com] interface GigabitEthernet1/0/1
# Configure the switch to disable GigabitEthernet1/0/1 when intrusion protection is
triggered on the port.
[3Com-GigabitEthernet1/0/1] port-security intrusion-mode disableport
1.1.4 port-security authorization ignore
Syntax
port-security authorization ignore
undo port-security authorization ignore
View
Ethernet port view
Parameter
None
Description
Use the port-security authorization ignore command to configure the port to ignore
the authorization information delivered by the RADIUS server.
Use the undo port-security authorization ignore command to restore the default
configuration.
By default, the port uses (does not ignore) the authorization information delivered by
the RADIUS server.
z
With the port-security authorization ignore command executed, issuing the
display port-security interface command will display "Authorization is ignore" in
the output information.
z
With the undo port-security authorization ignore command executed, issuing
the display port-security interface command will display "Authorization is
permit" in the output information.
Example
# Configure GigabitEthernet1/0/2 to ignore the authorization information delivered from
the RADIUS server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet1/0/2
[3Com-GigabitEthernet1/0/2] port-security authorization ignore
1-6
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
1.1.5 port-security max-mac-count
Syntax
port-security max-mac-count count-value
undo port-security max-mac-count
View
Ethernet port view
Parameter
count-value: Maximum number of MAC addresses allowed on the port, in the range of 1
to 16,384.
Description
Use the port-security max-mac-count command to set the maximum number of MAC
addresses allowed on the port. The number is the sum of the following:
z
Number of MAC addresses that pass 802.1x authentication
z
Number of MAC addresses that pass MAC address authentication
z
Number of security MAC addresses
Use the undo port-security max-mac-count command to cancel this limit.
By default, there is no limit on the number of MAC addresses allowed on the port.
Example
# Enter system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
# Enable port security.
[3Com] port-security enable
# Enter GigabitEthernet1/0/1 port view.
[3Com] interface GigabitEthernet1/0/1
# Set the maximum number of MAC addresses allowed on the port to 100.
[3Com-GigabitEthernet1/0/1] port-security max-mac-count 100
1.1.6 port-security ntk-mode
Syntax
port-security ntk-mode { ntkonly | ntk-withbroadcasts | ntk-withmulticasts }
undo port-security ntk-mode
1-7
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
View
Ethernet port view
Parameter
ntkonly:
Allows
the
port
to
transmit
only
unicast
packets
with
successfully-authenticated destination MAC addresses.
ntk-withbroadcasts: Allows the port to transmit broadcast packets and unicast
packets with successfully-authenticated destination MAC addresses.
ntk-withmulticasts: Allows the port to transmit multicast packets, broadcast packets
and unicast packets with successfully-authenticated destination MAC addresses.
Description
Use the port-security ntk-mode command to set the packet transmission mode the
port adopts when the NTK feature is triggered.
Use the undo port-security ntk-mode command to cancel the setting of packet
transmission mode.
By default, no transmission mode is set on the port.
Table 1-2 shows the trigger conditions of the NTK feature.
Note:
By checking the destination MAC addresses of the data frames to be sent from a port,
the NTK feature ensures that only successfully authenticated devices can obtain data
frames from the port, thus preventing illegal devices from intercepting network data.
Example
# Enter system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
# Enable port security.
[3Com] port-security enable
# Enter GigabitEthernet1/0/1 port view.
[3Com] interface GigabitEthernet1/0/1
# Set the packet transmission mode of the NTK feature to ntk-withbroadcasts on the
current port.
[3Com-GigabitEthernet1/0/1] port-security ntk-mode ntk-withbroadcasts
1-8
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
1.1.7 port-security oui
Syntax
port-security oui OUI-value index index-value
undo port-security oui index id-value
View
System view
Parameter
OUI-value: OUI value. You can input a full MAC address (in hexadecimal format) for
this argument and the system will calculate the OUI value from your input.
index-value: OUI index, ranging from 1 to 16.
Note:
z
The organizationally unique identifiers (OUIs) are assigned by IEEE to different
manufacturers. Each OUI uniquely identifies an equipment manufacturer in the
world and is the higher 24 bits of MAC address.
z
You need only to input a full MAC address in hexadecimal format for the OUI-value
argument in this command, and the system will automatically convert the address
from hexadecimal format to binary format and then take the higher 24 bits of the
resulting binary data as the OUI value.
Description
Use the port-security oui command to set an OUI value for authentication.
Use the undo port-security oui command to cancel the OUI value setting.
Caution:
The OUI value set by this command takes effect only when the security mode of the
port is set to userlogin-withoui by the port-security port-mode command.
Related command: port-security port-mode.
1-9
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Example
# Set an OUI value by specifying the MAC address 00ef-ec00-0000, with an OUI index
of 5.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] port-security oui 00ef-ec00-0000 index 5
1.1.8 port-security port-mode
Syntax
port-security port-mode mode
undo port-security port-mode
View
Ethernet port view
Parameter
mode: Security mode of the port. See Table 1-2 for the values of this argument.
Description
Use the port-security port-mode command to set the security mode of the port.
Use the undo port-security port-mode command to restore the port to the normal
operating mode.
Port security defines various security modes that allow devices to learn legal source
MAC addresses, in order for you to implement different network security management
as needed. With port security, packets whose source MAC addresses cannot be
learned by your switch in a security mode, or packets that fail to pass 802.1x
authentication are considered illegal.
Table 1-2 describes the available security modes:
1-10
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Table 1-2 Description of port security modes
Security
mode
Description
In this mode, the port is disabled from learning
MAC addresses.
secure
userlogin
Only those packets whose source MAC addresses
are static MAC addresses configured can pass
through the port.
In this mode, port-based 802.1x authentication is
performed for access users.
1-11
Feature
In the secure
mode, the device
will trigger NTK
and
intrusion
protection upon
detecting
an
illegal packet.
In this mode,
neither NTK nor
intrusion
protection will be
triggered.
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Security
mode
Chapter 1 Port Security Commands
Description
Feature
The port is enabled only after an access user
passes the 802.1x authentication. When the port is
enabled, only the packets of the successfully
authenticated user can pass through the port.
userloginsecure
userloginwithoui
In this mode, only one 802.1x-authenticated user
is allowed to access the port.
When the port changes from the normal mode to
this security mode, the system automatically
removes the existing dynamic MAC address
entries and authenticated MAC address entries on
the port.
This mode is similar to the userlogin-secure
mode, except that, besides the packets of the
single 802.1x-authenticated user, the packets
whose source MAC addresses have a particular
OUI are also allowed to pass through the port.
When the port changes from the normal mode to
this security mode, the system automatically
removes the existing dynamic/authenticated MAC
address entries on the port.
mac-authe
ntication
In this mode, MAC address–based authentication
is performed for access users.
userloginsecure-ormac
In this mode, the two kinds of authentication in
mac-authentication
and
userlogin-secure
modes can be performed simultaneously. If both
kinds
of
authentication
succeed,
the
userlogin-secure mode takes precedence over
the mac-authentication mode.
userloginsecure-els
e-mac
In this mode, first the MAC-based authentication is
performed. If this authentication succeeds, the
mac-authentication mode is adopted, or else, the
authentication in userlogin-secure mode is
performed.
userloginsecure-ext
This mode is similar to the userlogin-secure
mode, except that there can be more than one
802.1x-authenticated user on the port.
userloginsecure-ormac-ext
This
mode
is
similar
to
the
userlogin-secure-or-mac mode, except that
there can be more than one 802.1x-authenticated
user on the port.
userloginsecure-els
e-mac ext
This
mode
is
similar
to
the
mac-else-userlogin-secure mode, except that
there can be more than one 802.1x-authenticated
user on the port.
1-12
In any of these
modes,
the
device will trigger
NTK
and
intrusion
protection upon
detecting
an
illegal packet.
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Note:
When
a
port
works
in
the
userlogin-secure-else-mac-ext
mode
or
the
userlogin-secure-else-mac mode, for the same packet, intrusion protection can be
triggered only after both MAC authentication and 802.1x authentication fail.
By default, no security mode is set on the port.
Example
# Enter system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
# Enable port security.
[3Com] port-security enable
# Enter GigabitEthernet1/0/1 port view.
[3Com] interface GigabitEthernet1/0/1
# Set the security mode on GigabitEthernet1/0/1 to userlogin.
[3Com-GigabitEthernet1/0/1] port-security port-mode userlogin
1.1.9 port-security timer disableport
Syntax
port-security timer disableport timer
undo port-security timer disableport
View
System view
Parameter
timer: This argument ranges from 20 to 300 and defaults to 20 (in seconds).
Description
Use the port-security timer disableport command to set the time during which the
system temporarily disables a port.
Use undo port-security timer disableport command restore the default time.
1-13
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Note:
After the port-security intrusion-mode disableport-temporarily command is
executed on a port, the time set by the port-security timer disableport timer
command determines how long the port can be temporarily disabled.
Example
# Set the time during which the system temporarily disables a port to 50 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] port-security timer disableport 50
1.1.10 port-security trap
Syntax
port-security trap { addresslearned | intrusion | dot1xlogon | dot1xlogoff |
dot1xlogfailure | ralmlogon | ralmlogoff | ralmlogfailure }*
undo port-security trap { addresslearned | intrusion | dot1xlogon | dot1xlogoff |
dot1xlogfailure | ralmlogon | ralmlogoff | ralmlogfailure }*
View
System view
Parameter
addresslearned: Enables/disables the sending of MAC address learning trap
messages.
intrusion: Enables/disables the sending of intrusion packet discovery trap messages.
dot1xlogon: Enables/disables the sending of 802.1x user logon trap messages.
dot1xlogoff: Enables/disables the sending of 802.1x user logoff trap messages.
dot1xlogfailure: Enables/disables the sending of 802.1x user authentication failure
trap messages.
ralmlogon: Enables/disables the sending of RALM user logon trap messages.
ralmlogoff: Enables/disables the sending of RALM user logoff trap messages.
ralmlogfailure: Enables/disables the sending of RALM user authentication failure trap
messages.
1-14
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
Note:
RADIUS
authenticated
login
using
MAC-address
(RALM)
refers
to
MAC
address–based RADIUS authentication.
Description
Use the port-security trap command to enable the sending of specified type(s) of trap
messages.
Use the undo port-security trap command to disable the sending of specified type(s)
of trap messages.
By default, the system disables the sending of any types of trap messages.
Note:
This command is based on the device tracking feature, which enables the switch to
send trap messages when special data packets (generated by illegal intrusion,
abnormal user logon/logoff, or other special activities) are passing through a port, so as
to help the network administrator to monitor special activities.
When you use the display port-security command to display global information, the
system will display which types of trap messages are allowed to send.
Related command: display port-security.
Example
# Allow the sending of intrusion packet discovery trap messages.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] port-security trap intrusion
1-15
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 2 Port Binding Commands
Chapter 2 Port Binding Commands
2.1 Port Binding Commands
2.1.1 am user-bind interface
Syntax
am user-bind mac-addr mac-address ip-addr ip-address interface interface-type
interface-number
undo
am
user-bind
mac-addr mac-address ip-addr ip-address
interface
interface-type interface-number
View
System view
Parameter
mac-address: MAC address to be bound.
ip-address: IP address to be bound.
interface-type: Type of the port to be bound to.
interface-number: Number of the port to be bound to.
Description
Use the am user-bind interface command to bind the MAC and IP addresses of a
legal user to a specified port.
Use the undo am user-bind interface command to cancel the binding.
After such a binding operation, only the user whose device MAC address is identical
with the bound MAC address can use the bound IP address to access the network
through the port.
Note:
An IP address can be bound with only one MAC address, and vice versa.
Example
# Bind the MAC address 00e0-fc00-5101 and IP address 10.153.1.1 (supposing they
are MAC and IP addresses of a legal user) to Ethernet1/0/1 port.
2-1
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 2 Port Binding Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] am user-bind mac-addr 00e0-fc00-5101 ip-addr 10.153.1.1 interface
GigabitEthernet1/0/1
2.1.2 am user-bind
Syntax
am user-bind mac-addr mac-address ip-addr ip-address
undo am user-bind mac-addr mac-address ip-addr ip-address
View
Ethernet port view
Parameter
mac-address: MAC address to be bound.
ip-address: IP address to be bound.
Description
Use the am user-bind command to bind the MAC and IP addresses of a legal user to
the current port.
Use the undo am user-bind command to cancel the binding.
After such a binding operation, only the user whose device MAC address is identical
with the bound MAC address can use the bound IP address to access the network
through the port.
Note:
An IP address can be bound with only one MAC address, and vice versa.
Example
# Bind the MAC address 00e0-fc00-5102 and IP address 10.153.1.2 (supposing they
are MAC and IP addresses of a legal user) to Ethernet1/0/2 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/2
[3Com-Ethernet1/0/2] am user-bind mac-addr 00e0-fc00-5102 ip-addr 10.153.1.2
2-2
3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 2 Port Binding Commands
2.1.3 display am user-bind
Syntax
display am user-bind [ interface interface-type interface-number | mac-addr
mac-addr | ip-addr ip-addr ]
View
Any view
Parameter
interface: Displays binding information on a specified port.
interface-type: Port type.
interface-number: Port number.
mac-addr mac-addr: Displays only the binding information of a specified MAC
address.
ip-addr ip-addr: Displays only the binding information of a specified IP address.
Description
Use the display am user-bind command to display port binding information.
Example
# Display the current system port binding information.
<3Com> display am user-bind
Following User address bind have been configured:
Mac
IP
Port
00e0-fc00-5101
10.153.1.1
Ethernet1/0/1
00e0-fc00-5102
10.153.1.2
Ethernet1/0/2
Unit 1:Total 2 found, 2 listed.
Total: 2 found.
The above output displays that two port binding settings exist on unit 1:
z
MAC address 00e0-fc00-5101 and IP address 10.153.1.1 are bound to
Ethernet1/0/1.
z
MAC address 00e0-fc00-5102 and IP address 10.153.1.2 are bound to
Ethernet1/0/2.
2-3
3Com Switch 7750 Series
Command Reference Guide – DLDP
Table of Contents
Table of Contents
Chapter 1 DLDP Configuration Commands................................................................................ 1-1
1.1 DLDP Configuration Commands ....................................................................................... 1-1
1.1.1 display dldp ............................................................................................................. 1-1
1.1.2 dldp.......................................................................................................................... 1-2
1.1.3 dldp authentication-mode........................................................................................ 1-3
1.1.4 dldp interval ............................................................................................................. 1-4
1.1.5 dldp reset................................................................................................................. 1-5
1.1.6 dldp unidirectional-shutdown................................................................................... 1-6
1.1.7 dldp work-mode....................................................................................................... 1-6
i
3Com Switch 7750 Series
Command Reference Guide – DLDP
Chapter 1 DLDP Configuration Commands
Chapter 1 DLDP Configuration Commands
1.1 DLDP Configuration Commands
1.1.1 display dldp
Syntax
display dldp [ interface-type interface-number ]
View
Any view
Parameter
interface-type: Port type.
interface-number: Port number.
Description
Use the display dldp command to display the configuration information, status
information and neighbor tables of the DLDP-enabled port.
z
The configuration information of the DLDP-enabled port includes the interval,
authentication mode, password, DLDP operating mode, and DLDP handling mode
after a unidirectional link is detected.
z
The status information includes the neighbor status, local port status and link
status.
z
The neighbor table includes the MAC address, port ID, neighbor status and aging
time items.
Example
# Display information about all the DHLP-enabled ports.
<3Com> display dldp
dldp interval 10
dldp work-mode enhance
dldp authentication-mode none
dldp unidirectional-shutdown manual
The port number with DLDP is 2.
interface GigabitEthernet2/0/1
dldp port state : inactive
1-1
3Com Switch 7750 Series
Command Reference Guide – DLDP
Chapter 1 DLDP Configuration Commands
dldp link state : down
The neighbor number of the port is 0.
interface GigabitEthernet2/0/2
dldp port state : advertisement
dldp link state : up
The neighbor number of the port is 1.
neighbor mac address : 00e0-fc27-750d
neighbor port index : 98
neighbor state : two way
neighbor aged time : 24
1.1.2 dldp
Syntax
dldp { enable | disable }
View
System view, Ethernet port view
Parameter
None
Description
In system view:
Use the dldp enable command to enable DLDP globally on all optical ports of the
switch.
Use the dldp disable command to disable DLDP globally on all optical ports of the
switch.
In Ethernet port view:
Use the dldp enable command to enable DLDP on the current port.
Use the dldp disable command to disable DLDP on the current port.
The commands apply to both non-optical ports and optical ports.
By default, DLDP is disabled.
1-2
3Com Switch 7750 Series
Command Reference Guide – DLDP
Chapter 1 DLDP Configuration Commands
Note:
When you use the dldp enable/dldp disable commands in system view to
enable/disable DLDP globally on all optical ports of the switch, these commands are
only valid for the existing optical ports on the device, however, they are not valid for
those added subsequently.
Example
# Enable DLDP globally on all optical ports of the switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dldp enable
DLDP is enabled on all fiber ports.
1.1.3 dldp authentication-mode
Syntax
dldp authentication-mode { none | simple simple-password | md5 md5-password }
undo dldp authentication-mode
View
System view
Parameter
none: Performs no authentication with the peer port.
simple: Sets the authentication mode with the peer port to plain text.
simple-password: Password for authentication with the peer port, a plaintext string in
the range of 1 character to 16 characters.
md5: Specifies the mode of authentication with the peer port to MD5.
Description
Use the dldp authentication-mode command to set the DLDP authentication mode
and password for the ports of the local and peer devices.
Use the undo dldp authentication-mode to cancel the DLDP authentication mode
and password for the ports of the local and peer devices.
By default, authentication mode is none, that is, authentication is not performed.
Note that:
1-3
3Com Switch 7750 Series
Command Reference Guide – DLDP
Chapter 1 DLDP Configuration Commands
When you configure the DLDP authentication mode and authentication password,
make sure the same DLDP authentication mode and password are set for the ports
connecting the local and peer devices. Otherwise, DLDP authentication fails. DLDP
cannot work when DLDP authentication fails.
Related command: dldp unidirectional-shutdown.
Example
# Enable DLDP on the ports connecting two devices. Plaintext authentication is
performed with the password password1.
z
Configure 3Com A:
<3ComA> system-view
System View: return to User View with Ctrl+Z.
[3ComA] dldp authentication-mode simple password1
z
Configure 3Com B:
<3ComB> system-view
System View: return to User View with Ctrl+Z.
[3ComB] dldp authentication-mode simple password1
1.1.4 dldp interval
Syntax
dldp interval integer
undo dldp interval
View
System view
Parameter
Integer: Interval of sending DLDP packets, in the range of 5 seconds to 100 seconds. It
is 10 seconds by default.
Description
Use the dldp interval command to set the interval of sending advertisement packets
when all the DLDP-enabled ports are in the Advertisement status.
Use the undo dldp interval command to restore the interval to the default value 10
seconds.
By default, the interval of sending advertisement packets is 10 seconds.
Note that:
z
The interval you define is applicable to all DLDP-enabled ports.
z
The interval must be shorter than one-third of the STP convergence time. If too
long an interval is set, an STP loop may occur before DLDP shuts down
1-4
3Com Switch 7750 Series
Command Reference Guide – DLDP
Chapter 1 DLDP Configuration Commands
unidirectional links. On the contrary, if too short an interval is set, network traffic
increases, and port bandwidth is reduced. Generally, the STP convergence time is
30 seconds.
Example
# Set the interval of sending advertisement packets to 20 seconds for all the
DLDP-enabled ports.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dldp interval 20
1.1.5 dldp reset
Syntax
dldp reset
View
System view, Ethernet port view
Parameter
None
Description
In system view:
Use the dldp reset command to reset the DLDP status of all the ports disabled by
DLDP.
In Ethernet port view:
Use the dldp reset command to reset the DLDP status of the current port disabled by
DLDP.
After the dldp reset command is executed, the DLDP status of these ports changes
from disable to active and DLDP restarts to probe the link status of the fiber cables or
copper twisted pairs.
Related command: dldp, and dldp unidirectional-shutdown.
Example
# Reset the DLDP status of all the ports disabled by DLDP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dldp reset
1-5
3Com Switch 7750 Series
Command Reference Guide – DLDP
Chapter 1 DLDP Configuration Commands
1.1.6 dldp unidirectional-shutdown
Syntax
dldp unidirectional-shutdown { auto | manual }
undo dldp unidirectional-shutdown
View
System view
Parameter
auto: Disables the corresponding port automatically when DLDP detects a
unidirectional link.
manual: Prompts the user to disable the corresponding port manually instead of
disabling the port automatically when DLDP detects an unidirectional link. It stops the
DLDP packet sending/receiving on the port at the same time.
Description
Use the dldp unidirectional-shutdown command to set the DLDP handling mode
when a unidirectional link is found.
Use the dldp unidirectional-shutdown command to restore the default setting.
By default, the handling mode of DLDP after unidirectional links are detected is auto.
Related command: dldp work-mode.
Example
# Configure DLDP to automatically disable the corresponding port when a
unidirectional link is found.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dldp unidirectional-shutdown auto
1.1.7 dldp work-mode
Syntax
dldp work-mode { enhance | normal }
undo dldp work-mode
View
System view
1-6
3Com Switch 7750 Series
Command Reference Guide – DLDP
Chapter 1 DLDP Configuration Commands
Parameter
enhance: Configures DLDP to work in enhanced mode. In this mode, DLDP probes
actively whether neighbors exist when neighbor tables are aging.
normal: Configures DLDP to work in normal mode. In this mode, DLDP does not probe
actively whether neighbors exist when neighbor tables are aging.
Description
Use the dldp work-mode command to set the DLDP operating mode.
Use the undo dldp work-mode command to restore the default DLDP operating
mode.
By default, DLDP works in normal mode.
Example
# Configure DLDP to work in enhanced mode.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dldp work-mode enhance
1-7
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Table of Contents
Table of Contents
Chapter 1 MAC Address Table Configuration Commands ....................................................... 1-1
1.1 MAC Address Table Configuration Commands................................................................. 1-1
1.1.1 bridgemactocpu....................................................................................................... 1-1
1.1.2 display mac-address aging-time ............................................................................. 1-2
1.1.3 display mac-address ............................................................................................... 1-2
1.1.4 mac-address............................................................................................................ 1-4
1.1.5 mac-address learning synchronization ................................................................... 1-6
1.1.6 mac-address mac-learning disable ......................................................................... 1-6
1.1.7 mac-address max-mac-count.................................................................................. 1-7
1.1.8 mac-address timer .................................................................................................. 1-8
i
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
Chapter 1 MAC Address Table Configuration
Commands
Note:
This chapter describes the management of static and dynamic MAC address entries.
For information on the management of multicast MAC address entries, refer to the
section related to multicast protocol in the 3Com Switch 7750 Series Command
Reference Guide.
1.1 MAC Address Table Configuration Commands
1.1.1 bridgemactocpu
Syntax
bridgemactocpu { enable | disable }
View
System view
Parameter
enable: Enables the packets to be passed to the CPU for processing.
disable: Disables the packets from being passed to the CPU for processing.
Description
Use the bridgemactocpu command to set whether the packets with destination MAC
address as the bridge MAC address of the switch will be passed to the CPU for
processing.
By default, the packets with destination MAC address as the bridge MAC address of the
switch are not passed to the CPU for processing.
Example
# Enable the packets with destination MAC address as the bridge MAC address of the
switch to be passed to the CPU for processing.
<3Com> system-view
1-1
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
System View: return to User View with Ctrl+Z.
[3Com] bridgemactocpu enable
1.1.2 display mac-address aging-time
Syntax
display mac-address aging-time
View
Any view
Parameter
None
Description
Use the display mac-address aging-time command to display the aging time for the
dynamic MAC address entries in the MAC address table.
Related command: mac-address, mac-address timer, display mac-address.
Example
# Display the aging time for the dynamic MAC address entries.
<3Com> display mac-address aging-time
Mac address aging time: 300s
The output information indicates that the aging time for the dynamic MAC address
entries is 300 seconds.
<3Com> display mac-address aging-time
Mac address aging time: no-aging
The output information indicates that dynamic MAC address entries do not age out.
1.1.3 display mac-address
Syntax
display mac-address [ display-option ]
View
Any view
Parameter
display-option: Option used to display specific MAC address table information, as
described in Table 1-1.
1-2
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
Table 1-1 Description on the display-option argument
Value
Description
mac-address [ vlan vlan-id ]
Displays information about a specified
MAC address entry.
{ static | dynamic } [ interface
interface-type interface-number ] [ vlan
vlan-id ] [ count ]
Displays information about dynamic or
static address entries.
interface
interface-type
interface-number [ vlan vlan-id ] [ count ]
Displays information about the MAC
address entries concerning a specified
port.
vlan vlan-id [ count ]
Displays information about the MAC
address entries concerning a specified
VLAN.
count
Displays the total number of the MAC
address entries maintained by the
switch.
mac-address: MAC address.
static: Displays static MAC address entries. (A static MAC address entry does not age.)
dynamic: Displays dynamic MAC address entries. (A dynamic MAC address entry
ages with time.)
interface-type: Port type.
interface-number: Port number.
vlan-id: VLAN ID. This argument ranges from 1 to 4094.
count: Displays only the total number of the MAC address entries.
Description
Use the display mac-address command to display information about MAC address
entries in a MAC address table, including: MAC address, VLAN and port corresponding
to the MAC address, the type (static or dynamic) of a MAC address entry, aging time
and so on.
Example
# Display the information about the MAC address 00e0-fc01-0101.
<3Com> display mac-address 00e0-fc01-0101
MAC ADDR
0014-222c-9d6a
VLAN ID
1
STATE
PORT INDEX
Learned
Ethernet3/0/11
AGING TIME(s)
267
# Display the MAC address entries for the port Ethernet1/0/4.
<3Com> display mac-address interface Ethernet 1/0/4
MAC ADDR
VLAN ID
STATE
PORT INDEX
1-3
AGING TIME(s)
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
00e0-0112-9a86
2
Config static
Ethernet3/0/11
NOAGED
000c-760a-172d
1
Learned
Ethernet1/0/4
240
000d-88f6-44c1
1
Learned
Ethernet1/0/4
278
000d-88f7-9f7d
1
Learned
Ethernet1/0/4
278
000d-88f7-b090
1
Learned
Ethernet1/0/4
128
000d-88f7-b094
1
Learned
Ethernet1/0/4
278
000d-88f8-4e88
1
Learned
Ethernet1/0/4
203
---
7 mac address(es) found on port Ethernet1/0/4 ---
# Display the total number of MAC address entries found in VLAN 2.
<3Com> display mac-address vlan 2 count
9 mac address(es) found in vlan 2
Table 1-2 Description on the fields of the display mac-address command
Field
Description
MAC ADDR
MAC address
VLAN ID
ID of the VLAN to which the network
device identified by the MAC address
belongs
STATE
The state of the MAC address. The
value of this field can be “Static”,
“Learned”, and so on.
PORT INDEX
Port index (including port type and port
number)
AGING TIME(s)
Indicates whether a MAC address entry
is aging
1.1.4 mac-address
Syntax
mac-address
{
static
|
dynamic
}
mac-address
interface
interface-type
interface-number vlan vlan-id
undo mac-address [ mac-address-attribute ]
View
System view, port view
Parameter
static: Specifies that the MAC address entry to be added/updated is of static type.
1-4
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
dynamic: Specifies that the MAC address entry to be added/updated is of dynamic
type.
mac-address: MAC address.
interface-type: Port type.
interface-number: Port number.
vlan-id: VLAN ID. This argument ranges from 1 to 4094.
mac-address-attribute: String used to specify the MAC address entries to be removed,
as described in Table 1-3.
Table 1-3 Description on the mac-address-attribute argument
Value
Description
{ static | dynamic } interface
interface-type interface-number
Removes the static or dynamic MAC
address entries concerning a specified port.
{ static | dynamic } vlan vlan-id
Removes the static or dynamic MAC
address entries concerning a specified
VLAN.
{ static | dynamic } mac-address
[
interface
interface-type
interface-number ] vlan vlan-id
Removes a specified static or dynamic MAC
address entry.
interface
interface-number
Removes all the MAC address entries
concerning a specified port.
interface-type
Removes all the MAC address entries
concerning a specified VLAN.
vlan vlan-id
mac-address
interface-type
vlan vlan-id
[
interface
interface-number ]
Removes a specified MAC address entry.
Description
Use the mac-address command to add/modify a MAC address entry.
Use the undo mac-address command to remove one or more MAC address entries.
If the MAC address you input in the mac-address command already exists in the MAC
address table, the system will modify the attributes of the corresponding MAC address
entry according to your settings in the command.
You can remove all MAC address entries (unicast MAC addresses only) concerning a
specific port, or remove a specific type of MAC address entries, such as the addresses
learnt by the system and dynamic or static MAC address entries configured.
Example
# Configure a static MAC address entry with the following settings:
1-5
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
z
MAC address: 00e0-fc01-0101
z
Outbound port: Ethernet1/0/1 port
z
Ethernet1/0/1 port belongs to VLAN 2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mac-address static 00e0-fc01-0101 interface Ethernet 1/0/1 vlan 2
1.1.5 mac-address learning synchronization
Syntax
mac-address learning synchronization
undo mac-address learning synchronization
View
System view
Parameter
None
Description
Use the mac-address learning synchronization command to enable MAC address
learning synchronization between board chips.
Use the undo mac-address mac-learning disable command to disable MAC address
learning synchronization between board chips.
By default, MAC address learning synchronization between board chips is disabled.
Example
# Enable MAC address learning synchronization between board chips.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mac-address learning synchronization
1.1.6 mac-address mac-learning disable
Syntax
mac-address mac-learning disable
undo mac-address mac-learning disable
View
Ethernet port view
1-6
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
Parameter
None
Description
Use the mac-address mac-learning disable command to disable the current port
from learning MAC addresses.
Use the undo mac-address mac-learning disable command to re-enable the current
port to learn MAC addresses.
By default, the port is enabled to learn MAC addresses.
Note:
z
Do not use the mac-address mac-learning disable command together with any
802.1X-related command in Ethernet port view.
z
Do not use the mac-address mac-learning disable command together with the
mac-address max-mac-count command.
Example
# Disable the port Ethernet1/0/1 from learning MAC addresses.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] mac-address mac-learning disable
1.1.7 mac-address max-mac-count
Syntax
mac-address max-mac-count count
undo mac-address max-mac-count
View
Ethernet port view
Parameter
count: Maximum number of MAC addresses a port can learn. This argument ranges
from 0 to 16384. A value of 0 disables the port from learning MAC addresses.
Description
Use the mac-address max-mac-count command to set the maximum number of MAC
addresses an Ethernet port can learn.
1-7
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
Use the undo mac-address max-mac-count command to cancel the limitation on the
number of MAC addresses an Ethernet port can learn.
By default, the number of MAC addresses an Ethernet port can learn is unlimited.
When you use the mac-address max-mac-count command, the port stops learning
MAC addresses after the number of MAC addresses it learned reaches the value of the
count argument you provided. You can use the undo mac-address max-mac-count
command to cancel this limit so that the port can learn up to 16384 MAC addresses. By
default, the port learns up to 16384 MAC addresses
Related command: mac-address, mac-address timer.
Example
# Set the maximum number of MAC addresses Ethernet1/0/3 port can learn to 600.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/3
[3Com-Ethernet1/0/3] mac-address max-mac-count 600
1.1.8 mac-address timer
Syntax
mac-address timer { aging age | no-aging }
undo mac-address timer aging
View
System view
Parameter
aging age: Specifies the aging time (in seconds) for layer 2 dynamic MAC address
entries. The age argument ranges from 10 to 1000000 and defaults to 300.
no-aging: Specifies not to age dynamic MAC address entries.
Description
Use the mac-address timer command to set the aging time for dynamic MAC address
entries.
Use the undo mac-address timer command to restore the default aging time.
Set the aging time for dynamic MAC address entries as required but ensure that the
aging time does not decrease the layer 2 packet forwarding performance of the switch.
z
If the aging time is too short, the MAC address entries that are still valid may be
removed. Upon receiving a packet destined for a MAC address that is already
1-8
3Com Switch 7750 Series
Command Reference Guide – MAC Address Table
Chapter 1 MAC Address Table Configuration
Commands
removed, the switch broadcasts the packet through all its ports in the VLAN which
the packet belongs to. This decreases the operating performance of the switch.
z
If the aging time is too long, MAC address entries may still exist even if they turn
invalid. This causes the switch to be unable to update its MAC address table in
time. In this case, the MAC address table cannot reflect the position changes of
network devices in time.
Example
# Set the aging time for MAC address entries to 500 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mac-address timer aging 500
1-9
3Com Switch 7750 Series
Command Reference Guide – MSTP
Table of Contents
Table of Contents
Chapter 1 MSTP Configuration Commands ............................................................................... 1-1
1.1 MSTP Configuration Commands ....................................................................................... 1-1
1.1.1 active region-configuration ...................................................................................... 1-1
1.1.2 check region-configuration ...................................................................................... 1-2
1.1.3 display stp ............................................................................................................... 1-3
1.1.4 display stp region-configuration .............................................................................. 1-5
1.1.5 instance ................................................................................................................... 1-6
1.1.6 region-name ............................................................................................................ 1-7
1.1.7 reset stp................................................................................................................... 1-8
1.1.8 revision-level ........................................................................................................... 1-8
1.1.9 stp............................................................................................................................ 1-9
1.1.10 stp bpdu-protection ............................................................................................. 1-10
1.1.11 stp bridge-diameter ............................................................................................. 1-11
1.1.12 stp config-digest-snooping .................................................................................. 1-12
1.1.13 stp cost ................................................................................................................ 1-13
1.1.14 stp edged-port ..................................................................................................... 1-14
1.1.15 stp interface......................................................................................................... 1-15
1.1.16 stp interface config-digest-snooping ................................................................... 1-16
1.1.17 stp interface cost ................................................................................................. 1-18
1.1.18 stp interface edged-port ...................................................................................... 1-19
1.1.19 stp interface loop-protection................................................................................ 1-20
1.1.20 stp interface mcheck ........................................................................................... 1-21
1.1.21 stp interface no-agreement-check....................................................................... 1-22
1.1.22 stp interface point-to-point................................................................................... 1-23
1.1.23 stp interface port priority...................................................................................... 1-25
1.1.24 stp interface root-protection ................................................................................ 1-26
1.1.25 stp interface transmit-limit ................................................................................... 1-27
1.1.26 stp loop-protection............................................................................................... 1-28
1.1.27 stp max-hops....................................................................................................... 1-29
1.1.28 stp mcheck .......................................................................................................... 1-30
1.1.29 stp mode.............................................................................................................. 1-30
1.1.30 stp no-agreement-check ..................................................................................... 1-31
1.1.31 stp pathcost-standard.......................................................................................... 1-32
1.1.32 stp point-to-point ................................................................................................. 1-34
1.1.33 stp port priority..................................................................................................... 1-35
1.1.34 stp priority............................................................................................................ 1-36
1.1.35 stp region-configuration....................................................................................... 1-37
1.1.36 stp root primary ................................................................................................... 1-38
i
3Com Switch 7750 Series
Command Reference Guide – MSTP
Table of Contents
1.1.37 stp root secondary............................................................................................... 1-39
1.1.38 stp root-protection ............................................................................................... 1-40
1.1.39 stp tc-protection................................................................................................... 1-41
1.1.40 stp timer forward-delay........................................................................................ 1-42
1.1.41 stp timer hello ...................................................................................................... 1-43
1.1.42 stp timer max-age ............................................................................................... 1-44
1.1.43 stp timer-factor .................................................................................................... 1-45
1.1.44 stp transmit-limit .................................................................................................. 1-46
1.1.45 vlan-mapping modulo.......................................................................................... 1-47
1.1.46 vlan-vpn tunnel .................................................................................................... 1-48
ii
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Chapter 1 MSTP Configuration Commands
1.1 MSTP Configuration Commands
1.1.1 active region-configuration
Syntax
active region-configuration
View
MST region view
Parameter
None
Description
Use the active region-configuration command to activate the settings of an MST
(multiple spanning tree) region.
Configuring MST region-related parameters (especially the VLAN mapping table) result
in spanning trees being regenerated. To reduce network topology jitter caused by the
configuration, MSTP (multiple spanning tree protocol) does not regenerate spanning
trees immediately after the configuration; it does this only after you activate the new
MST region-related settings or enable MSTP, and then the new settings can really take
effect.
This command causes the switch to operate with the new MST region-related settings
you configured and spanning trees to be regenerated.
Related command: instance, region-name, revision-level, vlan-mapping modulo,
and check region-configuration.
Example
# Activate the MST region-related settings.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp region-configuration
[3Com-mst-region] active region-configuration
1-1
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.2 check region-configuration
Syntax
check region-configuration
View
MST region view
Parameter
None
Description
Use the check region-configuration command to display the current MST region
configuration, including region name, revision level, and VLAN mapping table.
MSTP-enabled switches are in the same region only when they have the same MST
region-related configuration. A switch cannot be in a respected region if any one of the
above three MST region-related settings does not be consistent with that of another
switch in the region.
You can use this command to find the MST region the switch currently belongs to or
check to see whether or not the MST region-related configuration is correct.
Related command: instance, region-name, revision-level, vlan-mapping modulo,
and active region-configuration.
Example
# Display the MST region configuration of the current switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp region-configuration
[3Com-mst-region] check region-configuration
Admin Configuration
Format selector :0
Region name
:00e0fc003900
Revision level
:0
Instance
0
16
Vlans Mapped
1 to 9, 11 to 4094
10
1-2
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Table 1-1 Description on the fields of the check region-configuration command
Field
Description
Format selector
The selector specified by MSTP
Region name
The name of the MST region
Revision level
The revision level of the MST region
Instance Vlans Mapped
Spanning tree instance-to-VLAN mappings in the
MST region
1.1.3 display stp
Syntax
display stp [ instance instance-id ] [ interface interface-list | slot slot-number ] [ brief ]
View
Any view
Parameter
instance-id: ID of the spanning tree instance ranging from 0 to 16. A value of 0 specifies
the common and internal spanning tree (CIST).
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
Slot slot-number: Specifies a slot, the STP-related information about which is to be
displayed.
brief: Displays only port state and protection measures taken on the port.
Description
Use the display stp command to display the state and statistical information about one
or all spanning trees.
The state and statistical information about MSTP can be used to analyze and maintain
the topology of a network. It also can be used to make MSTP operating properly.
z
If neither spanning tree instance nor port list is specified, the command displays
spanning tree information about all spanning tree instances on all ports in order of
port number.
z
If only a spanning tree instance is specified, the command displays information
about the specified spanning tree instance on all ports in the order of the port
number.
1-3
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
If only a port list is specified, the command displays information about all spanning
z
tree instances on these ports in the order of the port number.
If both a spanning tree instance and a port list are specified, the command
z
displays spanning tree information about the specified spanning tree instance and
the specified ports in order of spanning tree instance ID.
MSTP state information includes:
Global CIST parameters: Protocol operation mode, switch priority in the CIST
z
instance, MAC address, Hello time, Max age, Forward delay, Max hops, the
common root of the CIST, the external path cost for the switch to reach the CIST
common root, region root, the internal path cost for the switch to reach the region
root, CIST root port of the switch, the state of the BPDU (bridge protocol data unit)
protection function (enabled or disabled), and the state of the digest snooping
feature (enabled or disabled).
CIST port parameters: Port protocol, port role, port priority, path cost, designated
z
bridge, designated port, edge port/non-edge port, whether or not the link on the
port is a point-to-point link, the maximum transmitting speed, type of the enabled
protection function, state of the digest snooping feature (enabled or disabled),
VLAN mappings, Hello time, Max age, Forward delay, Message-age time, and
Remaining-hops.
Global MSTI parameters: MSTI instance ID, bridge priority of the instance, region
z
root, internal path cost, MSTI root port, and master bridge.
MSTI port parameters: Port state, role, priority, path cost, designated bridge,
z
designated port, and Remaining Hops.
The statistical information includes: the numbers of the TCN BPDUs, the configuration
BPDUs, the RST BPDUs, and the MST BPDUs transmitted/received by each port.
Related command: reset stp.
Example
# Display the state and statistical information about a spanning tree.
<3Com> display stp instance 0 interface Ethernet 1/0/1 to Ethernet 1/0/4 brief
MSTID
Port
Role
STP State
Protection
0
Ethernet1/0/1
ALTE
DISCARDING
LOOP
0
Ethernet1/0/2
DESI
FORWARDING
NONE
0
Ethernet1/0/3
DESI
FORWARDING
NONE
0
Ethernet1/0/4
DESI
FORWARDING
NONE
Table 1-2 Description on the fields of the display stp command
Field
Description
MSTID
ID of a spanning tree instance in the MST region
Port
Port index
1-4
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Field
Description
Role
Port role
STP State
STP state on the port, which can be forwarding and discarding.
Protection
Protection type of the port
1.1.4 display stp region-configuration
Syntax
display stp region-configuration
View
Any view
Parameter
None
Description
Use the display stp region-configuration command to display the activated MST
region configuration, including the region name, region revision level, and spanning
tree instance-to-VLAN mappings configured for the switch.
Related command: stp region-configuration.
Example
# Display the activated MST region configuration.
<3Com> display stp region-configuration
Oper Configuration
Format selector :0
Region name
:hello
Revision level
:0
Instance
Vlans Mapped
0
21 to 4094
1
1 to 10
2
11 to 20
Table 1-3 Description on the fields of the display stp region-configuration command
Field
Description
Format selector
The selector specified by MSTP
Region name
The name of the MST region
1-5
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Field
Description
Revision level
The revision level of the MST region
Instance Vlans Mapped
Spanning tree instance-to-VLAN mappings in the
MST region
1.1.5 instance
Syntax
instance instance-id vlan vlan-list
undo instance instance-id [ vlan vlan-list ]
View
MST region view
Parameter
instance-id: ID of a spanning tree instance ranging from 0 to 16. A value of 0 specifies
the CIST.
vlan-list: List of VLANs. You need to provide this argument in the form of vlan-list =
{ vlan-id [ to vlan-id ] }&<1-10>, where &<1-10> means that you can provide up to 10
VLAN IDs/VLAN ID ranges for this argument. Normally, a VLAN ID can be a number
ranging from 1 to 4094. VLANs with their IDs beyond this range (if the switch supports
this kind VLAN IDs), such as VLAN 4095, VLAN 4096, can only be mapped to the CIST
(spanning tree instance 0).
Description
Use the instance command to map specified VLANs to a specified spanning tree
instance.
Use the undo instance command to remove the mappings from the specified VLANs
to the specified spanning tree instance and remap the specified VLANs to the CIST
(spanning tree instance 0). If you specify no VLAN in the undo instance command, all
VLANs that are mapped to the specified spanning tree instance are remapped to the
CIST.
By default, all VLANs are mapped to the CIST.
VLAN-to-spanning tree instance mappings are recorded in the VLAN mapping table of
an MSTP switch. So these two commands are actually used to manipulate the VLAN
mapping table. You can add/remove a VLAN to/from the VLAN mapping table of a
specific spanning tree instance by using these two commands.
1-6
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Note that a VLAN cannot be mapped to multiple spanning tree instances at the same
time. A VLAN-to-spanning tree instance mapping is automatically removed if you map
the VLAN to another spanning tree instance.
Related command: region-name, revision-level, vlan-mapping modulo, check
region-configuration, and active region-configuration.
Example
# Map VLAN 2 to spanning tree instance 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp region-configuration
[3Com-mst-region] instance 1 vlan 2
1.1.6 region-name
Syntax
region-name name
undo region-name
View
MST region view
Parameter
name: MST region name to be set for the switch, a string of 1 to 32 characters.
Description
Use the region-name command to set an MST region name for a switch.
Use the undo region-name command to revert to the default MST region name.
The default MST region name of a switch is its MAC address.
MST region name, along with VLAN mapping table and MSTP revision level,
determines the MST region which a switch belongs to.
Related
command:
instance,
revision-level,
check
vlan-mapping modulo, and active region-configuration.
Example
# Set the MST region name of the switch to “hello”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp region-configuration
[3Com-mst-region] region-name hello
1-7
region-configuration,
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.7 reset stp
Syntax
reset stp [ interface interface-list ]
View
User view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
Description
Use the reset stp command to clear spanning tree-related statistics on Ethernet ports.
The spanning tree statistics include the numbers of the TCN BPDUs, configuration
BPDUs, RST BPDUs, and MST BPDUs sent/received through one or more specified
ports or all ports (note that STP BPDUs and TCN BPDUs are counted only for CISTs.)
This command clears the spanning tree-related statistics on specified ports if you
specify the interface-list argument. If you do not specify the interface-list argument, this
command clears the spanning tree-related statistics on all ports.
Related command: display stp.
Example
# Clear the spanning tree-related statistics on ports Ethernet1/0/1 through
Ethernet1/0/3.
<3Com> reset stp interface Ethernet 1/0/1 to Ethernet 1/0/3
1.1.8 revision-level
Syntax
revision-level level
undo revision-level
View
MST region view
Parameter
level: MSTP revision level to be set for the switch. This argument ranges from 0 to
65,535.
1-8
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Description
Use the revision-level command to set the MSTP revision level for a switch.
Use the undo revision-level command to revert to the default revision level.
By default, the MSTP revision level is 0.
MSTP revision level, along with MST region name and VLAN mapping table,
determines the MST region which a switch belongs to.
Related
command:
instance,
region-name,
check
region-configuration,
vlan-mapping modulo, and active region-configuration.
Example
# Set the MSTP revision level of the MST region to 5.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp region-configuration
[3Com-mst-region] revision-level 5
1.1.9 stp
Syntax
stp { enable | disable }
undo stp
View
System view, Ethernet port view
Parameter
enable: Enables MSTP globally or on a port.
disable: Disables MSTP globally or on a port.
Description
Use the stp command to enable/disable MSTP globally or on a port.
Use the undo stp command to revert to the default MSTP state globally or on a port.
By default, MSTP is disabled globally and on a port.
By default, once MSTP is enabled globally, it is enabled on a port.
After MSTP is enabled, the actual operation mode, which can be STP-compatible mode,
RSTP-compatible mode, and MSTP mode, is determined by the protocol mode
configured by users. A switch becomes a transparent bridge if MSTP is disabled.
After being enabled, MSTP maintains spanning trees by processing configuration
BPDUs of different VLANs. After being disabled, it stops maintaining spanning trees.
1-9
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Related command: stp mode, and stp interface.
Example
# Enable MSTP globally.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp enable
# Disable MSTP on Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface ethernet 1/0/1
[3Com-Ethernet1/0/1] stp disable
1.1.10 stp bpdu-protection
Syntax
stp bpdu-protection
undo stp bpdu-protection
View
System view
Parameter
None
Description
Use the stp bpdu-protection command to enable the BPDU protection function.
Use the undo stp bpdu-protection command to revert to the default state of the
BPDU protection function.
By default, the BPDU protection function is disabled.
Normally, the access ports of the devices operating on the access layer directly connect
to terminals (such as PCs) or file servers. These ports are usually configured as edge
ports to achieve rapid transition. But they resume non-edge ports automatically upon
receiving configuration BPDUs, which causes spanning trees regeneration and
network topology jitter.
Normally, no configuration BPDU will reach edge ports. But malicious users can attack
a network by sending configuration BPDUs deliberately to edge ports to cause network
jitter. You can prevent this type of attacks by utilizing the BPDU protection function.
With this function enabled on a switch, the switch shuts down the edge ports that
1-10
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
receive configuration BPDUs and then reports these cases to the administrator. If a port
is shut down, only the administrator can restore it.
Example
# Enable the BPDU protection function.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp bpdu-protection
1.1.11 stp bridge-diameter
Syntax
stp bridge-diameter bridgenum
undo stp bridge-diameter
View
System view
Parameter
bridgenum: Network diameter to be set for a switched network. This argument ranges
from 2 to 7.
Description
Use the stp bridge-diameter command to set the network diameter of a switched
network. The network diameter of a switched network is represented by the maximum
possible number of switches between any two terminals in a switched network.
Use the undo stp bridge-diameter command to revert to the default network diameter.
By default, the maximum number of switches between any two terminal devices in the
switched network is 7.
After you configure the network diameter of a switched network, MSTP adjusts its Hello
time, Forward delay, and Max age settings accordingly. With the network diameter set
to 7 (the default), the three time-relate settings, Hello time, Forward delay, and Max age,
are set to their defaults as well.
The stp bridge-diameter command only applies to CIST; it is invalid for MSTIs.
Related command: stp timer forward-delay, stp timer hello, and stp timer max-age.
Example
# Set the network diameter to 5.
<3Com> system-view
System View: return to User View with Ctrl+Z.
1-11
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
[3Com] stp bridge-diameter 5
1.1.12 stp config-digest-snooping
Syntax
stp config-digest-snooping
undo stp config-digest-snooping
View
System view
Parameter
None
Description
Use the stp config-digest-snooping command to enable the digest snooping feature.
Use the undo stp config-digest-snooping command to disable the digest snooping
feature.
The digest snooping feature is disabled by default.
According to IEEE 802.1s, two connected switches can interwork with each other
through MSTIs in an MST region only when the two switches have the same MST
region-related configuration. With MSTP employed, interconnected switches determine
whether or not they are in the same MST region by checking the configuration IDs of
the BPDUs between them. (A configuration ID contains information such as region ID
and configuration digest.)
As some partners' switches adopt proprietary spanning tree protocols, they cannot
interwork with other switches in an MST region even if they are configured with the
same MST region-related settings as other switches in the MST region.
This kind of problems can be overcome by implementing the digest snooping feature. If
a switch port is connected to a partner's switch that has the same MST region-related
settings but adopts a proprietary spanning tree protocol, you can enable digest
snooping on the port. Then the switch regards the peer switch connected to the port as
in the same region and records the configuration digests carried in the BPDUs received
from the switch, which will be put in the BPDUs to be send to the peer switch.. In this
way, the switch can interwork with the partners' switches in an MST region.
1-12
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Note:
z
The digest snooping feature is needed only when your Switch 7750 is connected to
partner's proprietary protocol-adopted switches.
z
To enable the digest snooping feature successfully, you must first enable it on all the
switch ports that connect to partner's proprietary protocol-adopted switches and
then enable it globally.
z
To enable the digest snooping feature, the interconnected switches must be
configured with exactly the same MST settings.
z
The digest snooping feature must be enabled on all the switch ports that connect to
partners' proprietary protocol-adopted switches in the same MST region.
z
With the digest snooping feature enabled, the VLAN-to-MSTI mapping cannot be
modified.
z
The digest snooping feature is not applicable to MST region edge ports.
Example
# Enable the digest snooping feature for Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] stp config-digest-snooping
[3Com-Ethernet1/0/1] quit
[3Com]stp config-digest-snooping
1.1.13 stp cost
Syntax
stp [ instance instance-id ] cost cost
undo stp [ instance instance-id ] cost
View
Ethernet port view
Parameter
instance-id: ID of a spanning tree instance ranging from 0 to 16. A value of 0 specifies
the CIST.
cost: Path cost to be set for the port. This argument ranges from 1 to 200,000.
1-13
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Description
Use the stp cost command to set the path cost of the current port in a specified
spanning tree instance.
Use the undo stp cost command to revert to the default path cost of the current port in
the specified spanning tree instance.
By default, a switch automatically calculates the path costs of a port in different
spanning tree instances based on a specified standard.
If you specify the instance-id argument to be 0 or do not specify this argument, the stp
cost command sets the path cost of the port on CIST.
The path costs of a port in spanning tree instances affect the roles of the ports in the
spanning tree instances. By configuring different path costs for the same port in
different MSTIs, you can make flows of different VLANs traveling along different
physical links, so as to achieve VLAN-based load balancing. Changing the path cost of
a port in a spanning tree instance may change the role of the port in the instance and
put it in state transition.
Related command: stp interface cost.
Example
# Set the path cost of Ethernet1/0/3 port in spanning tree instance 2 to 200.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface ethernet1/0/3
[3Com-Ethernet1/0/3] stp instance 2 cost 200
1.1.14 stp edged-port
Syntax
stp edged-port { enable | disable }
undo stp edged-port
View
Ethernet port view
Parameter
enable: Configures the current Ethernet port as an edge port.
disable: Configures the current Ethernet port as a non-edge port.
Description
Use the stp edged-port enable command to configure the current Ethernet port as an
edge port.
1-14
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Use the stp edged-port disable command to configure the current Ethernet port as a
non-edge port.
Use the undo stp edged-port command to restore the current Ethernet port to its
default state.
By default, all Ethernet ports of a switch are non-edge ports.
An edge port is a port that is directly connected to a user terminal instead of another
switch or a network segment. Rapid transition is applied to edge ports because, on
these ports, no loops can be incurred by network topology changes. You can enable a
port to transit to the forwarding state rapidly by setting it to an edge port. And you are
recommended to configure the Ethernet ports directly connected to user terminals as
edge ports to enable them to transit to the forwarding state rapidly.
Normally, configuration BPDUs cannot reach an edge port because the port is not
connected to another switch. But when the BPDU protection function is disabled on an
edge port, configuration BPDUs sent deliberately by a malicious user may reach the
port. If an edge port receives a BPDU, it turns to a non-edge port.
Related command: stp interface edged-port.
Caution:
Among loop prevention function, root protection function and edge port setting, only
one can be valid on a port at one time.
Example
# Configure Ethernet1/0/1 port as a non-edge port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface ethernet1/0/1
[3Com-Ethernet1/0/1] stp edged-port disable
1.1.15 stp interface
Syntax
stp interface interface-list { enable | disable }
View
System view
1-15
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
enable: Enables MSTP on the specified ports.
disable: Disables MSTP on the specified ports.
Description
Use the stp interface command to enable or disable MSTP on specified ports in
system view.
By default, MSTP is enabled on the ports of a switch if MSTP is globally enabled on the
switch, and is disabled on the ports if MSTP is globally disabled.
An MSTP-disabled port does not participate in any calculation of spanning tree and is
always in forwarding state.
Caution:
Disabling MSTP on ports may result in loops.
Related command: stp mode, stp.
Example
# Enable MSTP on Ethernet1/0/1 port in system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/1 enable
1.1.16 stp interface config-digest-snooping
Syntax
stp interface interface-list config-digest-snooping
undo stp interface interface-list config-digest-snooping
View
System view
1-16
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the format of interface-list ={ interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
Description
Use the stp interface config-digest-snooping command to enable the digest
snooping feature.
Use the undo stp interface config-digest-snooping command to disable the digest
snooping feature.
By default, the digest snooping feature is disabled.
According to IEEE 802.1s, two interconnected MSTP switches can interwork with each
other through MSTIs in an MST region only when the two switches have the same MST
region-related configuration. Interconnected MSTP switches determine whether or not
they are in the same MST region by checking the configuration IDs of the BPDUs
between them. (A configuration ID contains information such as region ID and
configuration digest.)
As some partners' switches adopt proprietary spanning tree protocols, they cannot
interwork with other switches in an MST region even if they are configured with the
same MST region-related settings as other switches in the MST region.
This problem can be overcome by implementing the digest snooping feature. If a port
on an Switch 7750 series switch is connected to a partner's switch that has the same
MST region-related settings as its own but adopts a proprietary spanning tree protocol,
you can enable digest snooping on the port. Then the Switch 7750 switch regards the
partner's switch as in the same region; it records the configuration digests carried in the
BPDUs received from the partner's switch, and put them in the BPDUs to be send to the
partner's switch. In this way, the Switch 7750 switches can interwork with the partners'
switches in the same MST region.
1-17
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Note:
z
The digest snooping feature is needed only when your Switch 7750 series switch is
connected to partner's proprietary protocol-adopted switches.
z
To enable the digest snooping feature successfully, you must first enable it on all the
ports of your Switch 7750 series switch that are connected to partner's proprietary
protocol-adopted switches and then enable it globally.
z
To enable the digest snooping feature, the interconnected switches must be
configured with exactly the same MST region-related configuration.
z
The digest snooping feature must be enabled on all the ports of your Switch 7750
series switch that are connected to partners' proprietary protocol-adopted switches
in the same MST region.
z
With the digest snooping feature enabled, the VLAN-to-MSTI mapping cannot be
modified.
z
The digest snooping feature is not applicable to MST region edge ports.
Example
# Enable the digest snooping feature on Ethernet1/0/1 port in system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/1 config-digest-snooping
1.1.17 stp interface cost
Syntax
stp interface interface-list [ instance instance-id ] cost cost
undo stp interface interface-list [ instance instance-id ] cost
View
System view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
instance-id: Spanning tree instance ID ranging from 0 to 16. A value of 0 specifies the
CIST.
cost: Port path cost to be set. This argument ranges from 1 to 200,000,000.
1-18
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Description
Use the stp interface cost command to set the path cost(s) of the specified port(s) in a
specified spanning tree instance in system view.
Use the undo stp interface cost command to revert to the default path cost(s) of the
specified port(s) in the specified spanning tree instance in system view.
By default, a switch automatically calculates the path costs of a port in different
spanning tree instances based on a specified standard.
If you specify the instance-id argument to be 0 or do not specify this argument, the stp
interface cost command sets the path cost(s) of the specified port(s) in the CIST.
The path costs of a port in spanning tree instances affect the roles of the ports in the
spanning tree instances. By configuring different path costs for the same port in
different MSTIs, you can make flows of different VLANs traveling along different
physical links, so as to achieve VLAN-based load balancing. Changing the path cost of
a port in a spanning tree instance may change the role of the port in the instance and
put it in state transition.
The default port path cost differs with port speed. Refer to Table 1-4 for details.
Related command: stp cost.
Example
# Set the path cost of Ethernet1/0/3 port in spanning tree instance 2 to 400 in system
view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp instance 2 interface Ethernet 1/0/3 cost 400
1.1.18 stp interface edged-port
Syntax
stp interface interface-list edged-port { enable | disable }
undo stp interface interface-list edged-port
View
System view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
enable: Configures the specified Ethernet ports to be edge ports.
1-19
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
disable: Configures the specified Ethernet ports to be non-edge ports.
Description
Use the stp interface edged-port enable command to configure the specified
Ethernet port(s) as edge ports in system view.
Use the stp interface edged-port disable command to configure the specified
Ethernet port(s) as non-edge ports in system view.
Use the undo stp interface edged-port command to restore the specified Ethernet
port(s) to their default states.
By default, all Ethernet ports of a switch are non-edge ports.
An edge port is a port that is directly connected to a user terminal instead of another
switch or a network segment. Rapid transition is applied to edge ports because, on
these ports, no loops can be incurred by network topology changes. You can enable a
port to transit to the forwarding state rapidly by setting it to an edge port. And you are
recommended to configure the Ethernet ports directly connected to user terminals as
edge ports to enable them to transit to the forwarding state rapidly.
Normally, configuration BPDUs cannot reach an edge port because the port is not
connected to another switch. But when the BPDU protection function is disabled on an
edge port, configuration BPDUs sent deliberately by a malicious user may reach the
port. If an edge port receives a BPDU, it turns to a non-edge port.
Related command: stp edged-port.
Caution:
Among loop prevention function, root protection function and edge port setting, only
one can be valid on a port at one time.
Example
# Configure Ethernet1/0/3 port as an edge port in system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/3 edged-port enable
1.1.19 stp interface loop-protection
Syntax
stp interface interface-list loop-protection
1-20
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
undo stp interface interface-list loop-protection
View
System view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
Description
Use the stp interface loop-protection command to enable the loop prevention
function in system view.
Use the undo stp interface loop-protection command to revert to the default state of
the loop prevention function in system view.
The loop prevention function is disabled by default.
Related command: stp loop-protection.
Caution:
Among loop prevention function, root protection function and edge port setting, only
one can be valid on the same port.
Example
# Enable the loop prevention function on Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/1 loop-protection
1.1.20 stp interface mcheck
Syntax
stp [ interface interface-list ] mcheck
View
System view
1-21
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
Description
Use the stp interface mcheck command to perform the mCheck operation on
specified port(s) in system view.
A port on an MSTP-enabled switch toggles to the STP-/RSTP-compatible mode
automatically if an STP-/RSTP-enabled switch is connected to it. But when the
STP-/RSTP-enabled switch is disconnected from the port, the port cannot toggle back
to the MSTP mode automatically. In this case, you can force the port to toggle to the
MSTP mode by performing the mCheck operation on the port.
Related command: stp mcheck, and stp mode.
Example
# Perform the mCheck operation for Ethernet1/0/3 port in system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/3 mcheck
1.1.21 stp interface no-agreement-check
Syntax
stp interface interface-type interface-number no-agreement-check
undo stp interface interface-type interface-number no-agreement-check
View
System view
Parameter
interface-type: Port type.
interface-number: Port number.
Description
Use the stp interface no-agreement-check command to enable the rapid transition
feature on a specified port.
Use the undo stp interface no-agreement-check command to disable the rapid
transition feature on a specified port.
1-22
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
The rapid transition feature is disabled on any port by default.
Some manufactures' switches adopt proprietary spanning tree protocols that are
similar to RSTP in the way to implement rapid transition on designated ports. When a
switch of this kind operates as the upstream switch of an Switch 7750 series switch
running MSTP, the upstream designated port fails to change their states rapidly.
The rapid transition feature is developed to avoid this case. When an Switch 7750
series switch running MSTP is connected in the upstream direction to a manufacture's
switch running proprietary spanning tree protocol, you can enable the rapid transition
feature on the ports of the Switch 7750 series switch operating as the downstream
switch. Among these ports, those operating as the root ports will then send agreement
packets to their upstream ports after they receive proposal packets from the upstream
designated ports, instead of waiting for agreement packets from the upstream switch.
This enables designated ports of the upstream switch to change their states rapidly.
Related command: stp no-agreement-check.
Note:
z
The rapid transition feature can be enabled on root ports or alternate ports only.
z
If you configure the rapid transition feature on the designated port, the feature does
not take effect on the port.
Example
# Enable the rapid transition feature for Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]stp interface Ethernet1/0/1 no-agreement-check
1.1.22 stp interface point-to-point
Syntax
stp interface interface-list point-to-point { force-true | force-false | auto }
undo stp interface interface-list point-to-point
View
System view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
1-23
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
force-true: Specifies that the links connected to the specified Ethernet ports are
point-to-point links.
force-false: Specifies that the links connected to the specified Ethernet ports are not
point-to-point links.
auto: Specifies to automatically determine whether or not the links connected to the
specified Ethernet ports are point-to-point links.
Description
Use the stp interface point-to-point command to specify whether the links connected
to the specified Ethernet ports are point-to-point links in system view.
Use the undo stp interface point-to-point command to restore the links connected to
the specified ports to their default link types, which are automatically determined by
MSTP.
If no keyword is specified in the stp interface point-to-point command, the auto
keyword is used by default, and so MSTP automatically determines the types of the
links connected to the specified ports.
The rapid transition feature is not applicable to ports on non-point-to-point links.
If an Ethernet port is the master port of an aggregated port or operates in full-duplex
mode, the link connected to the port is a point-to-point link.
You are recommended to let MSTP automatically determine the link types.
These two commands only apply to CIST and MSTIs. If you configure the link to which
a port is connected to be a point-to-point link (or a non-point-to-point link), the
configuration applies to all spanning tree instances (that is, the port is configured to
connect to a point-to-point link (or a non-point-to-point link) in all spanning tree
instances). If the actual physical link is not a point-to-point link and you configure the
link to which the port is connected to be a point-to-point link, loops may temporarily
occur.
Related command: stp point-to-point.
Example
# Configure the link connected to Ethernet1/0/3 port as a point-to-point link in system
view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/3 point-to-point force-true
1-24
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.23 stp interface port priority
Syntax
stp interface interface-list instance instance-id port priority priority
undo stp interface interface-list instance instance-id port priority
View
System view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
instance-id: Spanning tree instance ID ranging from 0 to 16. A value of 0 specifies the
CIST.
priority: Port priority to be set. This argument ranges from 0 to 240 and must be a
multiple of 16 (such as 0, 16, and 32). The default port priority of a port in any spanning
tree instance is 128.
Description
Use the stp interface port priority command to set a port priority for the specified
ports in the specified spanning tree instance.
Use the undo stp interface port priority command to restore the specified ports to the
default port priority in the specified spanning tree instance.
If you specify the instance-id argument to be 0, these two commands apply to the port
priorities on the CIST. The role a port plays in a spanning tree instance is determined by
the port priority in the instance. A port on an MSTP-enabled switch can have different
port priorities and play different roles in different MSTIs. This enables packets of
different VLANs to be forwarded along different physical paths, so as to achieve load
balancing by VLANs. Changing port priorities results in port roles being re-determined
and may cause state transitions.
Related command: stp port priority.
Example
# Set the port priority of Ethernet1/0/3 port (with regard to spanning tree instance 2) to
16.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/3 instance 2 port priority 16
1-25
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.24 stp interface root-protection
Syntax
stp interface interface-list root-protection
undo stp interface interface-list root-protection
View
System view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
Description
Use the stp interface root-protection command to enable the root protection function
on specified port(s).
Use the undo stp interface root-protection command to restore the root protection
function to the default state on specified port(s).
By default, the root protection function is disabled.
Configuration errors or attacks may result in configuration BPDUs with their priorities
higher than that of a root bridge, which causes new root bridge to be elected and
network topology jitter to occur. In this case, flows that should travel along high-speed
links may be led to low-speed links, and network congestion may occur.
You can avoid this by utilizing the root protection function. Ports with this function
enabled can only be kept as designated ports in all spanning tree instances. When a
port of this type receives configuration BPDUs with higher priorities, it changes to
Discarding state (rather than becomes a non-designated port) and stops forwarding
packets (as if it is disconnected from the link). It resumes the normal state if it does not
receive any configuration BPDUs with higher priorities for a specified period.
Related command: stp root-protection.
Caution:
Among loop prevention function, root protection function and edge port setting, only
one can be valid on a port at one time.
1-26
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Example
# Enable the root protection function on Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/1 root-protection
1.1.25 stp interface transmit-limit
Syntax
stp interface interface-list transmit-limit packetnum
undo stp interface interface-list transmit-limit
View
System view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } &<1-10>, where &<1-10> means that you can
provide up to 10 port indexes/port index ranges for this argument.
packetnum: Also known as maximum transmitting speed, the maximum number of
configuration BPDUs a port can send in each Hello time. This argument ranges from 1
to 255 and defaults to 3.
Description
Use the stp interface transmit-limit command to set the maximum number of
configuration BPDUs each specified port can send in each Hello time.
Use the undo stp interface transmit-limit command to revert to the default maximum
number.
The larger the packetnum argument is, the more packets a port can transmit in each
Hello time. Configure the packetnum argument to a proper value to limit the number of
BPDUs a port can send in each Hello time to avoid MSTP from occupying too much
network resources when network topology jitter occur.
Related command: stp transmit-limit.
Example
# Set the maximum transmitting speed of Ethernet1/0/3 port to 5.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp interface Ethernet 1/0/3 transmit-limit 5
1-27
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.26 stp loop-protection
Syntax
stp loop-protection
undo stp loop-protection
View
Ethernet port view
Parameter
None
Description
Use the stp loop-protection command to enable the loop prevention function on the
current port.
Use the undo stp loop-protection command to restore the loop prevention function to
the default state on the current port.
By default, the loop prevention function is disabled.
A switch maintains the states of the root port and other blocked ports by receiving and
processing BPDUs from the upstream switch. These BPDUs may get lost because of
network congestions and link failures. If a switch does not receive BPDUs from the
upstream switch for a certain period, the switch selects a new root port; the original root
port becomes a designated port; and the blocked ports transit to forwarding state. This
may cause loops in the network.
The loop prevention function suppresses loops. With this function enabled, if link
congestions or link failures happen, a root port becomes a designated port, and the port
state becomes discarding. The blocked port also becomes designated port and the port
state becomes discarding (do not forward packets), and thereby loops can be
prevented.
Example
# Enable the loop prevention function on Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] stp loop-protection
1-28
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.27 stp max-hops
Syntax
stp max-hops hops
undo stp max-hops
View
System view
Parameter
hops: Maximum hops to be set. This argument ranges from 1 to 40. The default
maximum hops value of an MST region is 20.
Description
Use the stp max-hops command to set the maximum hops for the MST region the
current switch belongs to.
Use the undo stp max-hops command to revert to the default maximum hops.
The maximum hops values configured on the region roots of the CIST and MSTI in an
MST region limit the size of the MST region.
A configuration BPDU contains a field that maintains the remaining hops of the
configuration BPDU. And a switch discards the configuration BPDUs whose remaining
hops are 0. After a configuration BPDU reaches a root bridge of a spanning tree in a
MST region, the value of the remaining hops field in the configuration BPDU is
decreased by 1 every time the configuration BPDU passes a switch. Such a
mechanism disables the switches that are beyond the maximum hops from
participating in spanning tree generation, and thus limits the size of an MST region.
With such a mechanism, the maximum hops configured on the switch operating as the
root bridge of the CIST or an MSTI in a MST region becomes the network diameter of
the spanning tree, which limits the size of the spanning tree in the current MST region.
The switches that are not root bridges in the MST region adopt the maximum hops
settings of their root bridges.
Example
# Set the maximum hops of the current MST region to 35.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp max-hops 35
1-29
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.28 stp mcheck
Syntax
stp mcheck
View
Ethernet port view
Parameter
None
Description
Use the stp mcheck command to perform the mCheck operation on the current port.
When a port on an MSTP-enabled upstream switch connects with an STP enabled
downstream switch, the port transits to the STP-compatible mode. But when the STP
enabled downstream switch is then replaced by an MSTP-enabled switch, the port
cannot automatically transit to the MSTP mode but remains in the STP-compatible
mode. In this case, you can force the port to transit to the MSTP mode by performing
the mCheck operation on the port.
Similarly, when a port on an RSTP-compatible upstream switch connects with an
STP-enabled downstream switch, the port transits to the STP-compatible mode. But
when the STP enabled downstream switch is then replaced by an MSTP-enabled
switch, the port cannot automatically transit to the MSTP mode but remains in the
STP-compatible mode. In this case, you can force the port to transit to the
MSTP-compatible mode by performing the mCheck operation on the port.
Related command: stp mode, stp interface mcheck.
Example
# Perform the mCheck operation for Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] stp mcheck
1.1.29 stp mode
Syntax
stp mode { stp | rstp | mstp }
undo stp mode
1-30
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
View
System view
Parameter
stp: Enables the STP-compatible mode.
mstp: Enables the MSTP mode.
rstp: Enables RSTP-compatible.
Description
Use the stp mode command to set the MSTP operation mode.
Use the undo stp mode command to revert to the default MSTP operation mode.
By default, a switch operates in MSTP mode.
To make a switch compatible with STP/RSTP, MSTP provides following three operation
modes:
STP-compatible mode, where a switch sends out STP BPDU packets
RSTP-compatible mode, where a switch sends out RSTP BPDU packets
MSTP mode, where a switch sends out MSTP BPDU packets
Related command: stp mcheck, stp, stp interface, and stp interface mcheck.
Example
# Configure the switch to operate in STP-compatible mode.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp mode stp
1.1.30 stp no-agreement-check
Syntax
stp no-agreement-check
undo stp no-agreement-check
View
Ethernet port view
Parameter
None
1-31
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Description
Use the stp no-agreement-check command to enable the rapid transition feature for a
port.
Use the stp no-agreement-check command to disable the rapid transition feature.
By default, the rapid transition feature is disabled on a port.
Some manufactures' switches adopt proprietary spanning tree protocols that are
similar to RSTP in the way to implement rapid transition on designated ports. When a
switch of this kind operates as the upstream switch of an Switch 7750 series switch
running MSTP, the upstream designated port fails to change their states rapidly.
The rapid transition feature aims to resolve this problem. When an Switch 7750 series
switch running MSTP is connected in the upstream direction to a manufacture's switch
running proprietary spanning tree protocol, you can enable the rapid transition feature
on the ports of the Switch 7750 series switch operating as the downstream switch.
Among these ports, those operating as the root ports will then send agreement packets
to their upstream ports after they receive proposal packets from the upstream
designated ports, instead of waiting for agreement packets from the upstream switch.
This enables designated ports of the upstream switch to change their states rapidly.
Related command: stp interface no-agreement-check.
Note:
z
The rapid transition feature can be enabled on root ports or alternate ports only.
z
If you configure the rapid transition feature on the designated port, the feature does
not take effect on the port.
Example
# Enable the rapid transition feature for Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Ethernet1/0/1
[3Com-Ethernet1/0/1]stp no-agreement-check
1.1.31 stp pathcost-standard
Syntax
stp pathcost-standard { dot1d-1998 | dot1t | legacy }
undo stp pathcost-standard
1-32
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
View
System view
Parameter
dot1d-1998: Uses the IEEE 802.1D-1998 standard to calculate the default path costs
of ports.
dot1t: Uses the IEEE 802.1t standard to calculate the default path costs of ports.
legacy: Uses the proprietary standard to calculate the default path costs of ports.
Description
Use the stp pathcost-standard command to set the standard to be used to calculate
the default path costs of the links connected to the switch.
Use the undo stp pathcost-standard command to specify to use the default standard.
By default, a switch uses the IEEE 802.1t standard to calculate the default path costs of
ports.
Table 1-4 Transmission speeds and the corresponding path costs
Transm
ission
speed
0
10
Mbps
100
Mbps
1,000
Mbps
10
Gbps
Operation mode
(half-/full-duplex)
Standard
defined by
Private
802.1D-1998
IEEE 802.1t
-
65,535
200,000,000
200,000
Half-duplex/Full-duplex
100
200,000
2,000
Aggregated link 2 ports
95
1,000,000
1,800
Aggregated link 3 ports
95
666,666
1,600
Aggregated link 4 ports
95
500,000
1,400
Half-duplex/Full-duplex
19
200,000
200
Aggregated link 2 ports
15
100,000
180
Aggregated link 3 ports
15
66,666
160
Aggregated link 4 ports
15
50,000
140
Full-duplex
4
200,000
20
Aggregated link 2 ports
3
10,000
18
Aggregated link 3 ports
3
6,666
16
Aggregated link 4 ports
3
5,000
14
Full-duplex
2
200,000
2
Aggregated link 2 ports
1
1,000
1
Aggregated link 3 ports
1
666
1
Aggregated link 4 ports
1
500
1
1-33
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Normally, when a port operates in full-duplex mode, the corresponding path cost is
slightly less than that when the port operates in half-duplex mode.
When calculating the path cost of an aggregated link, the 802.1D-1998 standard does
not take the number of the ports on the aggregated link into account, whereas the
802.1T standard does. The following formula is used to calculate the path cost of an
aggregated link:
Path cost = 200,000 / link transmission speed,
Where the link transmission speed is the sum of the speeds of the unblocked ports on
the aggregated link, which is measured in 100 Kbps.
Example
# Configure to use the IEEE 802.1D-1998 standard to calculate the default path costs
of ports.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp pathcost-standard dot1d-1998
# Configure to use the IEEE 802.1t standard to calculate the default path costs of ports.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp pathcost-standard dot1t
1.1.32 stp point-to-point
Syntax
stp point-to-point { force-true | force-false | auto }
undo stp point-to-point
View
Ethernet port view
Parameter
force-true: Specifies that the link connected to the current Ethernet port is a
point-to-point link.
force-false: Specifies that the link connected to the current Ethernet port is not a
point-to-point link.
auto: Specifies to automatically determine whether or not the link connected to the
current Ethernet port is a point-to-point link.
1-34
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Description
Use the stp point-to-point command to specify whether the link connected to the
current Ethernet port is a point-to-point link.
Use the undo stp point-to-point command to restore the link connected to the current
Ethernet port to its default link type, which is automatically determined by MSTP.
If no keyword is specified in the stp point-to-point command, the auto keyword is
used by default, and so MSTP automatically determines the type of the link connected
to the current port.
The rapid transition feature is not applicable to ports on non-point-to-point links.
If an Ethernet port is the master port of an aggregation port or operates in full-duplex
mode, the link connected to the port is a point-to-point link.
You are recommended to let MSTP automatically determine the link types of ports.
These two commands only apply to CISTs and MSTIs. If you configure the link to which
a port is connected is a point-to-point link (or a non-point-to-point link), the configuration
applies to all spanning tree instances (that is, the port is configured to connect to a
point-to-point link [or a non-point-to-point link] in all spanning tree instances). If the
actual physical link is not a point-to-point link and you configure the link to which the
port is connected to be a point-to-point link, loops may temporarily occur.
Related command: stp interface point-to-point.
Example
# Configure the link connected to Ethernet1/0/3 port as a point-to-point link.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/3
[3Com-Ethernet1/0/3] stp point-to-point force-true
1.1.33 stp port priority
Syntax
stp [ instance instance-id ] port priority priority
undo stp [ instance instance-id ] port priority
View
Ethernet port view
Parameter
instance-id: Spanning tree instance ID ranging from 0 to 16. A value of 0 specifies the
CIST.
1-35
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
port priority priority: Sets the port priority. The priority argument ranges from 0 to 240
and must be a multiple of 16 (such as 0, 16, and 32). The default port priority of a port in
any spanning tree instance is 128.
Description
Use the stp port priority command to set the port priority of the current port in the
specified spanning tree instance.
Use the undo stp port priority command to restore the current port to the default port
priority in the specified spanning tree instance.
If you specify the instance-id argument to be 0 or do not specify the argument, these
two commands apply to the port priorities on the CIST. The role a port plays in a
spanning tree instance is determined by the port priority in the instance. A port on a
MSTP-enabled switch can have different port priorities and play different roles in
different MSTIs. This enables packets of different VLANs to be forwarded along
different physical paths, so as to achieve load balancing by VLANs. Changing port
priorities result in port roles being re-determined and may cause state transitions.
Related command: stp interface port priority.
Example
# Set the port priority of Ethernet1/0/3 port in spanning tree instance 2 to 16.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/3
[3Com-Ethernet1/0/3] stp instance 2 port priority 16
1.1.34 stp priority
Syntax
stp [ instance instance-id ] priority priority
undo stp [ instance instance-id ] priority
View
System view
Parameter
instance-id: Spanning tree instance ID ranging from 0 to 16. A value of 0 specifies the
CIST.
priority: Switch priority to be set. This argument ranges from 0 to 61,440 and must be a
multiple of 4,096 (such as 0, 4,096, and 8,192). There are totally 16 available switch
priorities.
1-36
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Description
Use the stp priority command to set the priority of the switch in the specified spanning
tree instance.
Use the undo stp priority command to restore the switch to the default priority in the
specified spanning tree instance.
The default priority of a switch is 32,768.
The priorities of switches are used for spanning tree generation. Switch priorities are
spanning tree-specific. That is, you can set different priorities for the same switch in
different spanning tree instances.
If you do not specify the instance-id argument, the two commands apply to the CIST.
Example
# Set the priority of the switch in spanning tree instance 1 to 4,096.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp instance 1 priority 4096
1.1.35 stp region-configuration
Syntax
stp region-configuration
undo stp region-configuration
View
System view
Parameter
None
Description
Use the stp region-configuration command to enter MST region view.
Use the undo stp region-configuration command to revert to the default MST
region-related settings.
MST region-related settings include: region name, revision level, and VLAN mapping
table. The three MST region-related settings default to:
z
MST region name: The first MAC address of the switch
z
VLAN mapping table: All VLANs are mapped to the CIST.
z
MSTP revision level: 0
1-37
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
And you can modify the three settings after entering MST region view by using the stp
region-configuration command.
Example
# Enter MST region view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp region-configuration
[3Com-mst-region]
1.1.36 stp root primary
Syntax
stp [ instance instance-id ] root primary [ bridge-diameter bridgenum ] [ hello-time
centi-seconds ]
undo stp [ instance instance-id ] root
View
System view
Parameter
instance-id: Spanning tree instance ID ranging from 0 to 16. A value of 0 specifies the
CIST.
bridgenum: Network diameter of the specified spanning tree. This argument ranges
from 2 to 7 and defaults to 7.
centi-seconds: Hello time (in centiseconds) of the specified spanning tree. This
argument ranges from 100 to 1,000 and defaults to 200.
Description
Use the stp root primary command to configure the current switch as the root bridge
of a specified spanning tree instance.
Use the undo stp root command to cancel the current configuration.
By default, a switch is not configured as a root bridge.
If you do not specify the instance-id argument, these two commands apply to the CIST.
You can specify the current switch as the root bridge of a spanning tree instance
regardless of the priority of the switch. You can also specify the network diameter of the
switched network by using the stp root primary command. The switch will then figure
out the following three time parameters: Hello time, Forward delay, and Max age. As
the Hello time figured out by the network diameter is not always the optimal one, you
can set it manually through the hello-time centi-seconds parameter. Normally, you are
1-38
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
recommended to set the network diameter and leave the Forward delay and Max age
parameters being automatically determined by the network diameter you set.
Caution:
z
You can configure only one root bridge for a spanning tree instance and can
configure one or more secondary root bridges for a spanning tree instance.
Configuring multiple root bridges for a spanning tree instance causes unpredictable
spanning tree computing results.
z
Once a switch is configured as the root bridge or a secondary root bridge, its priority
cannot be modified.
Example
# Configure the current switch as the root bridge of spanning tree instance 1, setting the
network diameter of the switched network to 4, and the Hello time to 500 centiseconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp instance 1 root primary bridge-diameter 4 hello-time 500
1.1.37 stp root secondary
Syntax
stp [ instance instance-id ] root secondary [ bridge-diameter bridgenum ]
[ hello-time centi-seconds ]
undo stp [ instance instance-id ] root
View
System view
Parameter
instance-id: Spanning tree instance ID ranging from 0 to 16. A value of 0 specifies the
CIST.
bridgenum: Network diameter of the specified spanning tree. This argument ranges
from 2 to 7 and defaults to 7.
centi-seconds: Hello time in centiseconds of the specified spanning tree. This argument
ranges from 100 to 1,000 and defaults to 200.
1-39
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Description
Use the stp root secondary command to configure the current switch as a secondary
root bridge of a specified spanning tree instance.
Use the undo stp root command to cancel the current configuration.
By default, a switch does not operate as a secondary root bridge.
If you do not specify the instance-id argument, these two commands apply to the CIST.
You can configure one or more secondary root bridges for a spanning tree instance. If
the switch operating as the root bridge fails or is turned off, the secondary root bridge
with the least MAC address becomes the root bridge.
You can also specify the network diameter and the Hello time of the switch that you are
configuring as a secondary root bridge. The switch will then figures out the other two
time parameters: Forward delay and Max age. You can configure only one root bridge
for a spanning tree instance but you can configure one or more secondary root bridges
for a spanning tree instance. Once a switch is configured as the root bridge or a
secondary root bridge, its priority cannot be modified.
Example
# Configure the current switch as a secondary root bridge of spanning tree instance 4,
setting the network diameter of the switched network to 5 and the Hello time to 300
centiseconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp instance 4 root secondary bridge-diameter 5 hello-time 300
1.1.38 stp root-protection
Syntax
stp root-protection
undo stp root-protection
View
Ethernet port view
Parameter
None
Description
Use the stp root-protection command to enable the root protection function on the
current port.
1-40
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Use the undo stp root-protection command to restore the root protection function to
the default state on the current port.
By default, the root protection function is disabled.
Configuration errors or attacks may result in configuration BPDUs with their priorities
higher than that of a root bridge, which causes new root bridge to be elected and
network topology jitter to occur. In this case, flows that are to travel along high-speed
links may be led to low-speed links, and network congestion may occur.
You can avoid this by utilizing the root protection function. Ports with this function
enabled can only be kept as designated ports in all spanning tree instances. When a
port of this type receives configuration BPDUs with higher priorities, it changes to
Discarding state (rather than becomes a non-designated port) and stops forwarding
packets (as if it is disconnected from the link). It resumes the normal state if it does not
receive any configuration BPDUs with higher priorities for a specified period.
Related command: stp interface root-protection.
Example
# Enable the root protection function on Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] stp root-protection
1.1.39 stp tc-protection
Syntax
stp tc-protection enable
stp tc-protection disable
View
System view
Parameter
None
Description
Use the stp tc-protection enable command to enable the TC-BPDU prevention
function.
Use the stp tc-protection disable command to disable the TC-BPDU prevention
function.
By default, the TC-BPDU prevention function is enabled.
1-41
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
A switch removes MAC address entries and ARP entries upon receiving TC-BPDUs. If
a malicious user sends a large amount of TC-BPDUs to a switch in a short period, the
switch may busy itself in removing MAC address entries and ARP entries, which may
decreases the performance and stability of the switch.
With the TC-BPDU prevention function enabled, a switch performs only one removing
operation in a specified period (it is 10 seconds by default) after it receives a TC-BPDU.
The switch also checks to see if other TC-BPDUs arrive in this period and performs
another removing operation in the next period if a TC-BPDU is received. Such a
mechanism prevents a switch from being busying itself in performing removing
operations.
Example
# Enable the TC-BPDU prevention function on the switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp tc-protection enable
1.1.40 stp timer forward-delay
Syntax
stp timer forward-delay centi-seconds
undo stp timer forward-delay
View
System view
Parameter
centi-seconds: Forward delay in centiseconds to be set. This argument ranges from
400 to 3,000 and defaults to 1,500.
Description
Use the stp timer forward-delay command to set the Forward delay of the switch.
Use the undo stp timer forward-delay command to revert to the default Forward
delay.
To prevent the occurrence of temporary loops, when a port changes its state from
discarding to forwarding, it undergoes an intermediate state and waits for a specific
period to synchronize with the remote switches. This state transition period is
determined by the Forward delay configured on the root bridge.
The Forward delay setting configured on a root bridge applies to all switches operating
in the same spanning tree instance.
1-42
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
As for the configuration of the three time-related parameters (that is, the Hello time,
Forward delay, and Max age parameters), the following formulas must be met to
prevent network jitter.
2 x (Forward delay – 1 second) >= Max age
Max age >= 2 x (Hello time + 1 second)
You are recommended to specify the network diameter of the switched network and the
Hello time by using the stp root primary or stp root secondary command. After that,
the three proper time-related parameters are automatically determined.
Related command: stp timer hello, stp timer max-age, and stp bridge-diameter.
Example
# Set the Forward delay to 2,000 centiseconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp timer forward-delay 2000
1.1.41 stp timer hello
Syntax
stp timer hello centi-seconds
undo stp timer hello
View
System view
Parameter
centi-seconds: Hello time in centiseconds to be set. This argument ranges from 100 to
1,000 and defaults to 200.
Description
Use the stp timer hello command to set the Hello time of the switch.
Use the undo stp timer hello command to revert to the default Hello time.
A root bridge regularly sends out configuration BPDUs to maintain the existing
spanning trees. The Hello time is used to set the sending interval. When a switch
becomes a root bridge, it regularly sends BPDUs at the interval specified by the hello
time you have configured on it. While, the other none-root-bridge switches listen to the
BPDUs; if they do not receive a BPDU in a specific period, spanning trees will be
regenerated.
1-43
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
As for the configuration of the three time-related parameters (that is, the Hello time,
Forward delay, and Max age parameters), the following formulas must be met to
prevent network jitter.
2 * (Forward delay – 1 second) >= Max age
Max age >= 2 * (Hello time + 1 second)
You are recommended to specify the network diameter of the switched network and the
Hello time by using the stp root primary or stp root secondary command. After that,
the three proper time-related parameters are automatically determined.
Related command: stp timer forward-delay, stp timer max-age, and stp
bridge-diameter.
Example
# Set the Hello time to 400 centiseconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp timer hello 400
1.1.42 stp timer max-age
Syntax
stp timer max-age centi-seconds
undo stp timer max-age
View
System view
Parameter
centi-seconds: Max age in centiseconds to be set. This argument ranges from 600 to
4,000 and defaults to 2,000.
Description
Use the stp timer max-age command to set the Max age of the switch.
Use the undo stp timer max-age command to revert to the default Max age.
MSTP is capable of detecting link problems and automatically restoring redundant links
to forwarding state. In CIST, switches use the Max age parameter to judge whether or
not a received configuration BPDU times out. And spanning trees will be regenerated if
a configuration BPDU received by a port times out.
The Max age is meaningless to MSTIs. The Max age configured for the root bridge of
the CIST applies to all switches operating on the CIST, including the root bridge.
1-44
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
As for the configuration of the three time-related parameters (that is, the Hello time,
Forward delay, and Max age parameters), the following formulas must be met to
prevent network jitter.
2 * (Forward delay – 1 second) >= Max age,
Max age >= 2 * (Hello time + 1 second).
You are recommended to specify the network diameter of the switched network and the
Hello time parameter by using the stp root primary or stp root secondary command.
After that, the three proper time-related parameters are automatically determined.
Related
command:
stp
timer
forward-delay,
stp
timer
hello,
and
stp
bridge-diameter.
Example
# Set the Max age to 1,000 centiseconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp timer max-age 1000
1.1.43 stp timer-factor
Syntax
stp timer-factor number
undo stp timer-factor
View
System view
Parameter
number: Hello time factor. This argument ranges from 1 to 10 and defaults to 3.
Description
Use the stp timer-factor command to set the timeout time of MSTP protocol packets
on a switch in the form of a multiple of the Hello time. For example, with the number
argument set to 3, the timeout time is three times of the Hello time.
Use the undo stp timer-factor command to revert to the default Hello time factor.
A switch regularly sends protocol packets to its neighboring devices at the interval
specified by the Hello time parameter to test the links. Normally, a switch regards its
upstream switch faulty if the former does receive any protocol packets from the latter in
a period three times of the Hello time and then initiates the spanning tree regeneration
process.
1-45
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
Spanning trees may be regenerated even in a steady network if an upstream switch
continues to be busy. You can configure the timeout time factor to a larger number to
avoid this. Normally, the timeout time can be four (or more) times of the Hello time. For
a steady network, the timeout time can be five to seven times of the Hello time.
Example
# Set the Hello time factor to 7.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] stp timer-factor 7
1.1.44 stp transmit-limit
Syntax
stp transmit-limit packetnum
undo stp transmit-limit
View
Ethernet port view
Parameter
packetnum: Maximum number of configuration BPDUs a port can transmit in each
Hello time. This argument ranges from 1 to 255 and defaults to 5.
Description
Use the stp transmit-limit command to set the maximum number of configuration
BPDUs the current port can transmit in each Hello time.
Use the undo stp transmit-limit command to revert to the default maximum number.
A larger number configured by the stp transmit-limit command allows more
configuration BPDUs can be transmitted in each Hello time, which may occupy more
switch resources. So configure it to a proper value to avoid MSTP from occupying too
many network resources.
Related command: stp interface transmit-limit.
Example
# Set the maximum number of configuration BPDUs that can be transmitted by the
Ethernet1/0/1 port in each Hello time to 15.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] stp transmit-limit 15
1-46
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
1.1.45 vlan-mapping modulo
Syntax
vlan-mapping modulo modulo
View
MST region view
Parameter
modulo: Modulo ranging from 1 to 16.
Description
Use the vlan-mapping modulo command to map VLANs to specific spanning tree
instances.
By default, all VLANs in a network are mapped to the CIST (spanning tree instance 0).
MSTP uses a VLAN mapping table to describe VLAN-to-spanning-tree-instance
mappings. You can use this command to establish the VLAN mapping table and to map
VLANs to specific spanning tree instances.
Note that a VLAN cannot be mapped to multiple different spanning tree instances at the
same time. A VLAN-to-spanning-tree-instance mapping becomes invalid when you
map the VLAN to another spanning tree instance.
Note:
You can map VLANs to specific spanning tree instances quickly by using the
vlan-mapping modulo modulo command. The ID of the spanning tree instance to
which a VLAN is mapped can be figured out by using the following expression:
(VLAN ID-1) % modulo + 1,
Where (VLAN ID-1) % modulo yields the module of (VLAN ID-1) with regards to modulo.
For example, if you set the modulo argument to 16, then VLAN 1 is mapped to spanning
tree instance 1, VLAN 2 is mapped to spanning tree instance 2, …, VLAN 16 is mapped
to spanning tree instance 16, VLAN 17 is mapped to spanning tree instance 1, and so
on.
Related command: check region-configuration, revision-level, region-name, and
active region-configuration.
Example
# Map VLANs to spanning tree instances, with the modulo being 16.
<3Com> system-view
1-47
3Com Switch 7750 Series
Command Reference Guide – MSTP
Chapter 1 MSTP Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] stp region-configuration
[3Com-mst-region] vlan-mapping modulo 16
1.1.46 vlan-vpn tunnel
Syntax
vlan-vpn tunnel
undo vlan-vpn tunnel
View
System view
Parameter
None
Description
Use the vlan-vpn tunnel command to enable the BPDU Tunnel function for a switch.
Use the undo vlan-vpn tunnel command to disable the BPDU Tunnel function.
The BPDU Tunnel function enables BPDUs to be transparently transmitted between
geographically dispersed user networks through specified VLAN VPNs in operator’s
networks, through which spanning trees can be generated across these user networks
and are independent of those of the operator’s network.
By default, the BPDU Tunnel function is disabled.
Note:
z
The BPDU Tunnel function can only be enabled on devices with STP employed.
z
The BPDU Tunnel function can only be enabled on access ports.
z
To enable the BPDU Tunnel function, make sure the links between operator’s
networks are trunk links.
z
As the VLAN-VPN function is unavailable on ports with 802.1x, GVRP, GMRP, STP,
or NTDP employed, the BPDU Tunnel function is not applicable to these ports.
Example
# Enable the BPDU Tunnel function for the switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan-vpn tunnel
1-48
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Table of Contents
Table of Contents
Chapter 1 Static Route Configuration Commands .................................................................... 1-1
1.1 Routing Table Monitoring Commands ............................................................................... 1-1
1.1.1 display ip routing-table ............................................................................................ 1-1
1.1.2 display ip routing-table acl....................................................................................... 1-2
1.1.3 display ip routing-table ip-address .......................................................................... 1-5
1.1.4 display ip routing-table ip-address1 ip-address2 .................................................... 1-7
1.1.5 display ip routing-table ip-prefix .............................................................................. 1-8
1.1.6 display ip routing-table protocol .............................................................................. 1-9
1.1.7 display ip routing-table radix ................................................................................. 1-11
1.1.8 display ip routing-table statistics ........................................................................... 1-12
1.1.9 display ip routing-table verbose ............................................................................ 1-13
1.2 Static Route Configuration Commands ........................................................................... 1-15
1.2.1 delete static-routes all ........................................................................................... 1-15
1.2.2 ip route-static......................................................................................................... 1-15
1.2.3 ip route-static default-preference .......................................................................... 1-17
Chapter 2 RIP Configuration Commands.................................................................................... 2-1
2.1 RIP Configuration Commands ........................................................................................... 2-1
2.1.1 checkzero ................................................................................................................ 2-1
2.1.2 default cost .............................................................................................................. 2-2
2.1.3 display rip ................................................................................................................ 2-2
2.1.4 display rip routing .................................................................................................... 2-3
2.1.5 filter-policy export .................................................................................................... 2-5
2.1.6 filter-policy import .................................................................................................... 2-6
2.1.7 host-route ................................................................................................................ 2-7
2.1.8 import-route ............................................................................................................. 2-8
2.1.9 network.................................................................................................................... 2-9
2.1.10 peer ..................................................................................................................... 2-10
2.1.11 preference ........................................................................................................... 2-11
2.1.12 reset .................................................................................................................... 2-11
2.1.13 rip ........................................................................................................................ 2-12
2.1.14 rip authentication-mode....................................................................................... 2-13
2.1.15 rip input................................................................................................................ 2-14
2.1.16 rip metricin........................................................................................................... 2-15
2.1.17 rip metricout......................................................................................................... 2-15
2.1.18 rip output ............................................................................................................. 2-16
2.1.19 rip split-horizon .................................................................................................... 2-17
2.1.20 rip version............................................................................................................ 2-18
i
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Table of Contents
2.1.21 rip work................................................................................................................ 2-19
2.1.22 summary.............................................................................................................. 2-19
2.1.23 timers................................................................................................................... 2-20
2.1.24 traffic-share-across-interface .............................................................................. 2-21
Chapter 3 OSPF Configuration Commands................................................................................ 3-1
3.1 OSPF Configuration Commands ....................................................................................... 3-1
3.1.1 abr-summary ........................................................................................................... 3-1
3.1.2 area ......................................................................................................................... 3-2
3.1.3 asbr-summary ......................................................................................................... 3-3
3.1.4 authentication-mode................................................................................................ 3-4
3.1.5 default cost .............................................................................................................. 3-5
3.1.6 default interval ......................................................................................................... 3-5
3.1.7 default limit .............................................................................................................. 3-6
3.1.8 default tag................................................................................................................ 3-7
3.1.9 default type.............................................................................................................. 3-8
3.1.10 default-cost............................................................................................................ 3-8
3.1.11 default-route-advertise .......................................................................................... 3-9
3.1.12 display ospf abr-asbr........................................................................................... 3-11
3.1.13 display ospf asbr-summary ................................................................................. 3-11
3.1.14 display ospf brief ................................................................................................. 3-13
3.1.15 display ospf cumulative ....................................................................................... 3-15
3.1.16 display ospf error................................................................................................. 3-16
3.1.17 display ospf interface .......................................................................................... 3-19
3.1.18 display ospf lsdb.................................................................................................. 3-19
3.1.19 display ospf nexthop ........................................................................................... 3-21
3.1.20 display ospf peer ................................................................................................. 3-25
3.1.21 display ospf request-queue ................................................................................. 3-27
3.1.22 display ospf retrans-queue.................................................................................. 3-28
3.1.23 display ospf routing ............................................................................................. 3-29
3.1.24 display ospf vlink ................................................................................................. 3-30
3.1.25 filter-policy export ................................................................................................ 3-32
3.1.26 filter-policy import ................................................................................................ 3-33
3.1.27 import-route ......................................................................................................... 3-34
3.1.28 network................................................................................................................ 3-35
3.1.29 nssa..................................................................................................................... 3-36
3.1.30 ospf...................................................................................................................... 3-37
3.1.31 ospf authentication-mode.................................................................................... 3-38
3.1.32 ospf cost .............................................................................................................. 3-39
3.1.33 ospf dr-priority ..................................................................................................... 3-39
3.1.34 ospf mib-binding .................................................................................................. 3-40
3.1.35 ospf mtu-enable .................................................................................................. 3-41
3.1.36 ospf network-type................................................................................................ 3-42
ii
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Table of Contents
3.1.37 ospf timer dead.................................................................................................... 3-43
3.1.38 ospf timer hello .................................................................................................... 3-44
3.1.39 ospf timer poll ...................................................................................................... 3-45
3.1.40 ospf timer retransmit ........................................................................................... 3-46
3.1.41 ospf trans-delay................................................................................................... 3-46
3.1.42 peer ..................................................................................................................... 3-47
3.1.43 preference ........................................................................................................... 3-48
3.1.44 protocol multicast-mac enable ............................................................................ 3-49
3.1.45 reset ospf............................................................................................................. 3-50
3.1.46 router id ............................................................................................................... 3-51
3.1.47 silent-interface ..................................................................................................... 3-52
3.1.48 snmp-agent trap enable ospf .............................................................................. 3-52
3.1.49 spf-schedule-interval ........................................................................................... 3-53
3.1.50 stub...................................................................................................................... 3-54
3.1.51 vlink-peer............................................................................................................. 3-55
Chapter 4 Integrated IS-IS Configuration Commands ............................................................... 4-1
4.1 Integrated IS-IS Configuration Commands........................................................................ 4-1
4.1.1 area-authentication-mode ....................................................................................... 4-1
4.1.2 cost-style ................................................................................................................. 4-2
4.1.3 default-route-advertise ............................................................................................ 4-3
4.1.4 display isis brief ....................................................................................................... 4-4
4.1.5 display isis interface ................................................................................................ 4-5
4.1.6 display isis lsdb ....................................................................................................... 4-6
4.1.7 display isis mesh-group........................................................................................... 4-6
4.1.8 display isis peer....................................................................................................... 4-7
4.1.9 display isis route...................................................................................................... 4-8
4.1.10 display isis spf-log ................................................................................................. 4-9
4.1.11 domain-authentication-mode............................................................................... 4-10
4.1.12 filter-policy export ................................................................................................ 4-11
4.1.13 filter-policy import ................................................................................................ 4-12
4.1.14 ignore-lsp-checksum-error .................................................................................. 4-13
4.1.15 import-route ......................................................................................................... 4-14
4.1.16 import-route isis level-2 into level-1 .................................................................... 4-15
4.1.17 isis ....................................................................................................................... 4-15
4.1.18 isis authentication-mode ..................................................................................... 4-16
4.1.19 isis circuit-level .................................................................................................... 4-18
4.1.20 isis cost................................................................................................................ 4-19
4.1.21 isis dis-priority...................................................................................................... 4-19
4.1.22 isis enable ........................................................................................................... 4-20
4.1.23 isis mesh-group ................................................................................................... 4-21
4.1.24 isis timer csnp...................................................................................................... 4-22
4.1.25 isis timer hello...................................................................................................... 4-23
iii
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Table of Contents
4.1.26 isis timer holding-multiplier.................................................................................. 4-24
4.1.27 isis timer lsp......................................................................................................... 4-25
4.1.28 isis timer retransmit ............................................................................................. 4-25
4.1.29 is-level ................................................................................................................. 4-26
4.1.30 log-peer-change .................................................................................................. 4-27
4.1.31 md5-compatible................................................................................................... 4-28
4.1.32 network-entity ...................................................................................................... 4-28
4.1.33 preference ........................................................................................................... 4-29
4.1.34 reset isis all.......................................................................................................... 4-30
4.1.35 reset isis peer ...................................................................................................... 4-31
4.1.36 set-overload......................................................................................................... 4-31
4.1.37 silent-interface ..................................................................................................... 4-32
4.1.38 spf-delay-interval................................................................................................. 4-33
4.1.39 spf-slice-size........................................................................................................ 4-33
4.1.40 summary.............................................................................................................. 4-34
4.1.41 timer lsp-max-age ............................................................................................... 4-35
4.1.42 timer lsp-refresh .................................................................................................. 4-36
4.1.43 timer spf............................................................................................................... 4-37
Chapter 5 BGP Configuration Commands.................................................................................. 5-1
5.1 BGP Configuration Commands ......................................................................................... 5-1
5.1.1 aggregate ................................................................................................................ 5-1
5.1.2 bgp .......................................................................................................................... 5-3
5.1.3 balance.................................................................................................................... 5-3
5.1.4 compare-different-as-med....................................................................................... 5-4
5.1.5 confederation id....................................................................................................... 5-5
5.1.6 confederation nonstandard ..................................................................................... 5-6
5.1.7 confederation peer-as ............................................................................................. 5-6
5.1.8 dampening............................................................................................................... 5-7
5.1.9 default local-preference........................................................................................... 5-8
5.1.10 default med............................................................................................................ 5-9
5.1.11 display bgp group................................................................................................ 5-10
5.1.12 display bgp network ............................................................................................ 5-11
5.1.13 display bgp paths ................................................................................................ 5-12
5.1.14 display bgp peer .................................................................................................. 5-13
5.1.15 display bgp routing-table ..................................................................................... 5-14
5.1.16 display bgp routing-table as-path-acl .................................................................. 5-16
5.1.17 display bgp routing-table cidr .............................................................................. 5-17
5.1.18 display bgp routing-table community .................................................................. 5-18
5.1.19 display bgp routing-table community-list............................................................. 5-19
5.1.20 display bgp routing-table dampened................................................................... 5-20
5.1.21 display bgp routing-table different-origin-as........................................................ 5-21
5.1.22 display bgp routing-table flap-info ....................................................................... 5-22
iv
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Table of Contents
5.1.23 display bgp routing-table peer............................................................................. 5-24
5.1.24 display bgp routing-table regular-expression ...................................................... 5-24
5.1.25 display bgp routing-table statistic ........................................................................ 5-25
5.1.26 filter-policy export ................................................................................................ 5-26
5.1.27 filter-policy import ................................................................................................ 5-27
5.1.28 group ................................................................................................................... 5-27
5.1.29 import-route ......................................................................................................... 5-28
5.1.30 network................................................................................................................ 5-29
5.1.31 peer advertise-community................................................................................... 5-30
5.1.32 peer allow-as-loop............................................................................................... 5-31
5.1.33 peer as-number ................................................................................................... 5-31
5.1.34 peer as-path-acl export ....................................................................................... 5-32
5.1.35 peer as-path-acl import ....................................................................................... 5-33
5.1.36 peer connect-interface ........................................................................................ 5-33
5.1.37 peer default-route-advertise ................................................................................ 5-34
5.1.38 peer description................................................................................................... 5-35
5.1.39 peer ebgp-max-hop............................................................................................. 5-36
5.1.40 peer enable ......................................................................................................... 5-37
5.1.41 peer filter-policy export........................................................................................ 5-37
5.1.42 peer filter-policy import........................................................................................ 5-38
5.1.43 peer group ........................................................................................................... 5-39
5.1.44 peer ip-prefix export ............................................................................................ 5-40
5.1.45 peer ip-prefix import ............................................................................................ 5-40
5.1.46 peer next-hop-local ............................................................................................. 5-41
5.1.47 peer password..................................................................................................... 5-42
5.1.48 peer public-as-only.............................................................................................. 5-43
5.1.49 peer reflect-client................................................................................................. 5-43
5.1.50 peer route-policy export ...................................................................................... 5-44
5.1.51 peer route-policy import ...................................................................................... 5-45
5.1.52 peer route-update-interval................................................................................... 5-46
5.1.53 peer timer ............................................................................................................ 5-47
5.1.54 preference ........................................................................................................... 5-47
5.1.55 reflect between-clients ........................................................................................ 5-48
5.1.56 reflector cluster-id................................................................................................ 5-49
5.1.57 refresh bgp .......................................................................................................... 5-50
5.1.58 reset bgp ............................................................................................................. 5-50
5.1.59 reset bgp dampening .......................................................................................... 5-51
5.1.60 reset bgp flap-info ............................................................................................... 5-52
5.1.61 reset bgp group ................................................................................................... 5-52
5.1.62 summary.............................................................................................................. 5-53
5.1.63 timer .................................................................................................................... 5-53
5.1.64 undo synchronization .......................................................................................... 5-54
v
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Table of Contents
Chapter 6 IP Routing Policy Configuration Commands............................................................ 6-1
6.1 IP Routing Policy Configuration Commands ..................................................................... 6-1
6.1.1 apply as-path........................................................................................................... 6-1
6.1.2 apply community ..................................................................................................... 6-2
6.1.3 apply cost ................................................................................................................ 6-3
6.1.4 apply cost-type ........................................................................................................ 6-4
6.1.5 apply ip next-hop ..................................................................................................... 6-4
6.1.6 apply isis.................................................................................................................. 6-5
6.1.7 apply local-preference............................................................................................. 6-6
6.1.8 apply origin .............................................................................................................. 6-6
6.1.9 apply tag.................................................................................................................. 6-7
6.1.10 display ip ip-prefix ................................................................................................. 6-8
6.1.11 display route-policy ............................................................................................... 6-9
6.1.12 if-match { acl | ip-prefix }...................................................................................... 6-10
6.1.13 if-match as-path .................................................................................................. 6-11
6.1.14 if-match community ............................................................................................. 6-11
6.1.15 if-match cost ........................................................................................................ 6-12
6.1.16 if-match interface................................................................................................. 6-13
6.1.17 if-match ip next-hop............................................................................................. 6-14
6.1.18 if-match tag.......................................................................................................... 6-15
6.1.19 ip as-path-acl....................................................................................................... 6-16
6.1.20 ip community-list.................................................................................................. 6-16
6.1.21 ip ip-prefix............................................................................................................ 6-17
6.1.22 route-policy.......................................................................................................... 6-19
Chapter 7 Route Capacity Configuration Commands ............................................................... 7-1
7.1 Route Capacity Configuration Commands ........................................................................ 7-1
7.1.1 display memory ....................................................................................................... 7-1
7.1.2 display memory limit................................................................................................ 7-2
7.1.3 memory auto-establish disable ............................................................................... 7-3
7.1.4 memory auto-establish enable ................................................................................ 7-4
7.1.5 memory { safety | limit }* ........................................................................................ 7-5
vi
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
Chapter 1 Static Route Configuration Commands
Note:
The words “router” covered in the following text represent routers in common sense
and Ethernet switches running a routing protocol. To improve readability, this will not
be mentioned again in this manual.
1.1 Routing Table Monitoring Commands
1.1.1 display ip routing-table
Syntax
display ip routing-table
View
Any view
Parameter
None
Description
Use the display ip routing-table command to display the routing table summary.
This command displays the summary of the routing table. Each line represents one
route, containing destination address/mask length, protocol, preference, cost, next
hop, and output interface.
This command displays only the currently used routes, that is, the optimal routes.
Example
# Display the summary of the current routing table.
<3Com> display ip routing-table
Routing Table: public net
Destination/Mask
Protocol
Pre Cost
1.1.1.0/24
DIRECT 0
0
1.1.1.1 Vlan-interface1
1.1.1.1/32
DIRECT 0
0
127.0.0.1
2.2.2.0/24
DIRECT 0
0
2.2.2.1 Vlan-interface2
1-1
Nexthop
Interface
InLoopBack0
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
2.2.2.1/32
DIRECT 0
0
127.0.0.1
InLoopBack0
3.3.3.0/24
DIRECT 0
0
3.3.3.1 Vlan-interface3
3.3.3.1/32
DIRECT 0
0
127.0.0.1
4.4.4.0/24
DIRECT 0
0
4.4.4.1 Vlan-interface4
4.4.4.1/32
DIRECT 0
0
127.0.0.1
InLoopBack0
127.0.0.0/8
DIRECT 0
0
127.0.0.1
InLoopBack0
127.0.0.1/32
DIRECT 0
0
127.0.0.1
InLoopBack0
InLoopBack0
Table 1-1 Description on the fields of the display ip routing-table command
Field
Description
Destination/Mask
Destination address/mask length
Protocol
Routing protocol
Pre
Route preference
Cost
Route cost
Nexthop
Next hop address
Interface
Output interface, through which the data
packets destined for the destination
network segment are sent
1.1.2 display ip routing-table acl
Syntax
display ip routing-table acl { acl-number | acl-name } [ verbose ]
View
Any view
Parameter
acl-number: Number of the number-identified ACL, in the range of 2,000 to 2,999.
acl-name: Name of the basic name-identified ACL.
verbose: Displays the detailed information about active and inactive routes filtered by
the ACL rules if this keyword is provided; displays the brief information about the
active routes filtered by the ACL rules.
Description
Use the display ip routing-table acl command to display the routes filtered by the
basic ACL rules.
This command is mainly used to trace and display the routing policies, that is, to
display the routes filtered by the rules based on the input basic ACL numbers.
1-2
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
Example
# Display the brief information about the active routes filtered by the basic ACL 2000.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 10.1.1.1 0.0.0.255
[3Com-acl-basic-2000] rule deny source any
[3Com-acl-basic-2000] display ip routing-table acl 2000
Routes matched by access-list 2000:
Summary count: 2
Destination/Mask
Protocol Pre
Cost
Nexthop
10.1.1.0/24
DIRECT
0
0
10.1.1.2
10.1.1.2/32
DIRECT
0
0
127.0.0.1
Interface
Vlan-interface1
InLoopBack0
Refer to Table 1-1 for the description on the displayed information above.
# Display the detailed information about the active and inactive routes filtered by the
basic ACL 2000.
<3Com> display ip routing-table acl 2000 verbose
Routes matched by access-list 2000:
Generate Default: no
+ = Active Route, - = Last Active, # = Both
* = Next hop in use
Summary count: 2
**Destination: 10.1.1.0
Mask: 255.255.255.0
Protocol: #DIRECT
Preference: 0
*NextHop: 10.1.1.2
Interface: 10.1.1.2(Vlan-interface1)
Vlinkindex: 0
State:
Age: 7:24
Cost: 0/0
**Destination: 10.1.1.2
Tag: 0
Mask: 255.255.255.255
Protocol: #DIRECT
Preference: 0
*NextHop: 127.0.0.1
Interface: 127.0.0.1(InLoopBack0)
Vlinkindex: 0
State:
Age: 7:24
Cost: 0/0
Tag: 0
Table 1-2 Description on the fields of the display ip routing-table acl command
Field
Destination
Description
Destination address
1-3
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
Field
Description
Mask
Mask
Protocol
Routing protocol that detects this route
Preference
Preference of the route
Nexthop
Address of the next hop
Interface
Outbound interface where packets to the destination network segment
are forwarded.
Vlinkindex
Virtual link index
State
Route state:
ActiveU
Active unicast routes
Blackhole
Blackhole routes, which are similar to Reject routes
except that blackhole routes do not send ICMP
unreachable messages to the source end of the packet.
Delete
The route is deleted.
Gateway
Indirectly reachable routes
Hidden
If you do not want to remove some routes that are not
available temporarily for some reasons (such as the
configured polices, the port being down), you can hide the
route so as to restore it later.
Holddown
Holddown is a route redistribution policy adopted by
some distance-vector (D-V) routing protocols such as
RIP. Through Holddown, a routing protocol can avoid the
flooding of error routes and deliver route unreachable
messages accurately. It redistributes a certain route
every a period of time regardless of whether the actually
found routes destined for the same destination change.
For more details, refer to the specific routing protocols.
Int
The route is discovered by the interior gateway protocol
(IGP).
NoAdvise
NoAdvise routes are nor released when the routing protocol ad
NotInstall
Generally, the route with the highest preference in a
routing table is added to the core routing table and
released. Comparatively, noninstall routes cannot be
added to the core routing table, however, they may be
released.
Reject
Reject route do not distribute packets as other routes.
Instead, the packet that selects a reject route will be
dropped, and ICMP unreachable messages will be sent
to the source end of the packet. Reject routes are
generally used in network tests.
Retain
When the routes in the core routing table are removed,
the routes with the retain tag will not be removed. You can
tag some static routes as retain routes so that they can
continue to exist in the core routing table.
1-4
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
Field
Description
Static
The static routes manually configured on the route are
tagged as static routes, which will not be removed from
the routing table if the router is restarted after the save
command is executed.
Unicast
Unicast routes
Age
The time that a route exists in the routing table, expressed in the form
of hh:mm:ss.
Cost
Route cost
Tag
Route tag
1.1.3 display ip routing-table ip-address
Syntax
display ip routing-table ip-address [ mask ] [ longer-match ] [ verbose ]
View
Any view
Parameter
ip-address: Destination IP address, in dotted decimal notation.
mask: IP address mask, length in dotted decimal notation or expressed as an integer.
It ranges from 0 to 32 when expressed as an integer.
longer-match: Specifies all the routes that lead to the destination address and match
the specified mask. If you do not specify the mask argument, those that match the
natural mask are specified.
verbose: With the verbose argument specified, this command displays the verbose
information of both the active and inactive routes. Without the argument specified, this
command only displays the summary of active routes.
Description
Use the display ip routing-table ip-address command to display the routing
information of the specified destination address.
With different arguments provided, the command output is different. The following is
the command output with different arguments provided:
z
display ip routing-table ip-address
If the destination address ip-address corresponds to a route in the natural mask range,
this command displays the route that is the longest match of the destination address
ip-address and is active.
1-5
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
z
Chapter 1 Static Route Configuration Commands
display ip routing-table ip-address mask
This command only displays the routes exactly matching the specified destination
address and mask.
z
display ip routing-table ip-address longer-match
This command displays all destination address routes matching the specified
destination address in the natural mask range.
z
display ip routing-table ip-address mask longer-match
This command displays all destination address routes matching the specified
destination address in the specified mask range.
Example
# There is a corresponding route in the natural mask range. Display the summary.
<3Com> display ip routing-table 169.0.0.0
Destination/Mask
Protocol Pre Cost
Nexthop
Interface
169.0.0.0/16
Static
2.1.1.1
LoopBack1
60
0
For detailed description of the output information, see Table 1-1.
# There is no corresponding route (only the longest matching route is displayed) in the
natural mask range. Display the summary.
<3Com> display ip routing-table 169.253.0.0
Destination/Mask
Protocol Pre
Cost
Nexthop
Interface
169.0.0.0/8
Static
0
2.1.1.1
LoopBack1
60
# There are corresponding routes in the natural mask range. Display detailed
information.
<3Com> display ip routing-table 169.0.0.0 verbose
Routing Tables:
Generate Default: no
+ = Active Route, - = Last Active, # = Both
* = Next hop in use
Summary count:2
**Destination: 169.0.0.0
Protocol: #Static
Mask: 255.0.0.0
Preference: 60
*NextHop: 2.1.1.1
Interface: 2.1.1.1(LoopBack1)
Vlinkindex: 0
State:
Age: 3:47 Cost: 0/0
**Destination: 169.0.0.0
Protocol: #Static
Tag: 0
Mask: 255.254.0.0
Preference: 60
*NextHop: 2.1.1.1
Interface: 2.1.1.1(LoopBack1)
Vlinkindex: 0
State:
1-6
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Age: 3:47 Cost: 0/0
Chapter 1 Static Route Configuration Commands
Tag: 0
# There is no corresponding route in the natural mask range (only the longest
matched route is displayed). Display the detailed information.
<3Com> display ip routing-table 169.253.0.0 verbose
Routing Tables:
Generate Default: no
+ = Active Route, - = Last Active, # = Both
* = Next hop in use
Summary count:1
**Destination: 169.0.0.0
Protocol: #Static
Mask: 255.0.0.0
Preference: 60
*NextHop: 2.1.1.1
Interface: 2.1.1.1(LoopBack1)
Vlinkindex: 0
State:
Age: 3:47 Cost: 0/0
Tag: 0
For detailed description of the output information, see Table 1-2.
1.1.4 display ip routing-table ip-address1 ip-address2
Syntax
display ip routing-table ip-address1 mask1 ip-address2 mask2 [ verbose ]
View
Any view
Parameter
ip-address1, ip-address2: Destination IP address in dotted decimal notation.
ip-address1, mask1 and ip-address2, mask2 determine one address range
together. .ip-address1 ANDed with mask1 specifies the start of the range, while
ip-address2 ANDed with mask2 specifies the end. This command displays the route
in this address range.
mask1, mask2: IP address mask, length in dotted decimal notation or expressed as
an integer. It ranges from 0 to 32 when expressed as an integer.
verbose: With the verbose argument provided, this command displays the verbose
information of both active and inactive routes. Without this argument provided, this
command displays the summary of active routes only.
Description
Use the display ip routing-table ip-address1 ip-address2 command to display the
route information in the specified destination address range.
1-7
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
Example
# Display the routing information of destination addresses ranging from 1.1.1.0 to
2.2.2.0.
<3Com>display ip routing-table 1.1.1.0 24 2.2.2.0 24
Routing tables:
Summary count: 3
Destination/Mask
Protocol
1.1.1.0/24
DIRECT
Pre Cost
0
0
Nexthop
1.1.1.1/32
DIRECT
0
0
127.0.0.1
2.2.2.0/24
DIRECT
0
0
2.2.2.1
1.1.1.1
Interface
Vlan-interface1
InLoopBack0
Vlan-interface2
For detailed description of the output information, see Table 1-1.
1.1.5 display ip routing-table ip-prefix
Syntax
display ip routing-table ip-prefix ip-prefix-name [ verbose ]
View
Any view
Parameter
ip-prefix-name: Name of the IP address prefix list, containing 1 to 19 characters.
verbose: Displays the detailed information about active and inactive routes filtered by
the ACL rules if this keyword is provided; displays the brief information about the
active routes filtered by the ACL rules.
Description
Use the display ip routing-table ip-prefix command to display the routes filtered
based on the specified ip-prefix list.
This command is mainly used to track and display the routing policy. It displays the
routes filtered by the rules based on the input ip-prefix list name.
If the specified ip-prefix list does not exist, with the verbose keyword provided, this
command displays the detailed information about all active and inactive routes;
without the verbose argument keyword, this command displays the brief information
about all active routes only.
Example
# Display the brief information about the active routes filtered by the IP-prefix list
named abc2, which permits the route with a prefix of 10.1.1.0 and a mask length of 24
to 32.
1-8
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ip ip-prefix abc2 permit 10.1.1.0 24 less-equal 32
[3Com] display ip routing-table ip-prefix abc2
Routes matched by ip-prefix abc2:
Summary count: 2
Destination/Mask
Protocol Pre
Cost
10.1.1.0/24
DIRECT
0
10.1.1.2/32
DIRECT 0
0
0
Nexthop
Interface
10.1.1.2
127.0.0.1
Vlan-interface1
InLoopBack0
For detailed information about the displayed information above, please refer to Table
1-1.
# Display the detailed information about the active and inactive routes filtered by the
ip-prefix list named abc2.
[3Com] display ip routing-table ip-prefix abc2 verbose
Routes matched by ip-prefix abc2:
Generate Default: no
+ = Active Route, - = Last Active, # = Both
* = Next hop in use
Summary count: 2
**Destination: 10.1.1.0
Mask: 255.255.255.0
Protocol: #DIRECT
Preference: 0
*NextHop: 10.1.1.2
Interface: 10.1.1.2(Vlan-interface1)
Vlinkindex: 0
State:
Age: 3:23:44
Cost: 0/0
**Destination: 10.1.1.2
Tag: 0
Mask: 255.255.255.255
Protocol: #DIRECT
Preference: 0
*NextHop: 127.0.0.1
Interface: 127.0.0.1(InLoopBack0)
Vlinkindex: 0
State:
Age: 3:23:44
Cost: 0/0
Tag: 0
For detailed description on the displayed information above, refer to Table 1-2.
1.1.6 display ip routing-table protocol
Syntax
display ip routing-table protocol protocol [ inactive | verbose ]
1-9
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
View
Any view
Parameter
protocol: You can provide one of the following values for this argument.
z
direct: Displays direct-connect route information
z
static: Displays static route information.
z
bgp: Displays BGP route information
z
isis: Displays IS-IS route information.
z
ospf: Displays OSPF route information.
z
ospf-ase: Displays OSPF ASE route information.
z
ospf-nssa: Displays OSPF NSSA route information.
z
rip: Displays RIP route information.
inactive: With this argument provided, this command displays the inactive route
information. Without this argument provided, this command displays both active and
inactive route information.
verbose: With this argument provided, this command displays the verbose route
information. Without this argument provided, this command displays route summary
only.
Description
Use the display ip routing-table protocol command to display the route information
of a specific protocol.
Example
# Display the summary of all direct-connect routes.
<3Com> display ip routing-table protocol direct
DIRECT Routing tables:
Summary count: 8
DIRECT Routing table status::
Summary count: 7
Destination/Mask
10.5.1.0/24
Protocol Pre
DIRECT
Cost
Nexthop
0
0
10.5.1.5
Interface
Vlan-interface105
10.5.1.5/32
DIRECT
0
0
127.0.0.1
InLoopBack0
100.100.1.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
102.1.1.0/24
DIRECT
0
0
102.1.1.1
LoopBack1
102.1.1.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
127.0.0.0/8
DIRECT
0
0
127.0.0.1
InLoopBack0
127.0.0.1/32
DIRECT
0
0
127.0.0.1
InLoopBack0
DIRECT Routing table status::
1-10
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
Summary count: 1
Destination/Mask
Protocol Pre
Cost
Nexthop
Interface
100.100.1.1/32
DIRECT
0
100.100.1.1
LoopBack0
0
# Display the static routing table.
<3Com> display ip routing-table protocol static
STATIC Routing tables:
Summary count: 1
STATIC Routing tables status::
Summary count: 0
STATIC Routing tables status::
Summary count: 1
Destination/Mask
Protocol
Pre Cost
Nexthop
1.2.3.0/24
STATIC
60
1.2.4.5
0
Interface
Vlan-interface10
For detailed description of the output information, see Table 1-1.
1.1.7 display ip routing-table radix
Syntax
display ip routing-table radix
View
Any view
Parameter
None
Description
Use the display ip routing-table radix command to display the route information in a
tree structure.
Example
<3Com> display ip routing-table radix
Radix tree for INET (2) inodes 14 routes 10:
+--8+--{169.0.0.0
|
+-32+--{169.1.1.1
+--0+
|
|
+--8+--{127.0.0.0
|
|
|
|
+--1+
+-32+--{127.0.0.1
|
|
+--8+--{2.0.0.0
|
|
|
+-24+--{2.2.2.0
1-11
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
|
|
|
|
|
|
|
|
|
|
+--6+
|
Chapter 1 Static Route Configuration Commands
|
+-32+--{2.2.2.2
+-22+
+-32+--{2.2.1.1
+--8+--{1.0.0.0
|
+-32+--{1.1.1.1
Table 1-3 Description on the fields of the display ip routing-table radix command
Field
Description
INET
Address suite
inodes
Number of nodes
routes
Number of routes
1.1.8 display ip routing-table statistics
Syntax
display ip routing-table statistics
View
Any view
Parameter
None
Description
Use the display ip routing-table statistics command to display the statistics
information about routes.
The statistics information about routes includes the total number of routes, the
number of routes added by protocols, the number of routes deleted by the protocols,
the number of routes which are not deleted though they are with the deleted tag, the
number of active routes, and the number of inactive routes.
Example
# Display the statistics information about routes.
<3Com> display ip routing-table statistics
Routing tables:
Proto
route
active
added
deleted
DIRECT
24
4
25
1
STATIC
4
1
4
0
BGP
0
0
0
0
1-12
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
RIP
0
0
0
0
IS-IS
0
0
0
0
OSPF
0
0
0
0
O_ASE
0
0
0
0
O_NSSA
0
0
0
0
AGGRE
0
0
0
0
Total
28
5
29
1
Table 1-4 Description on the fields of the display ip routing-table statistics
command
Field
Description
Proto
Routing protocol. O_ASE stands for
OSPF_ASE routes; O_NSSA stands for
OSPF NSSA routes; AGGRE stands for
aggregated routes.
route
Number of routes
active
Number of active routes
added
Number of routes added after the router
is rebooted or the routing table is cleared
last time.
deleted
Number of routes deleted (Such routes
will be freed in a period of time)
Total
Total number of the different kinds of
routes.
1.1.9 display ip routing-table verbose
Syntax
display ip routing-table verbose
View
Any view
Parameter
None
Description
Use the display ip routing-table verbose command to display the verbose routing
table information.
With the verbose argument provided, this command displays the verbose routing
table information. The descriptor describing the route state will be displayed first.
1-13
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
Then, the statistics of the entire routing table will be output. Finally, the verbose
description of each route will be output.
The display ip routing-table verbose command can display all current routes,
including inactive routes and invalid routes.
Example
# Display the verbose routing table information.
<3Com> display ip routing-table verbose
Routing Tables:
+ = Active Route, - = Last Active, # = Both
Destinations: 3
Holddown: 0
* = Next hop in use
Routes: 3
Delete: 62
Hidden: 0
**Destination: 1.1.1.0
Mask: 255.255.255.0
Protocol: #DIRECT
Preference: 0
*NextHop: 1.1.1.1
Interface: 1.1.1.1(Vlan-interface1)
State:
Age: 20:17:41
Cost: 0/0
**Destination: 1.1.1.1
Mask: 255.255.255.255
Protocol: #DIRECT
Preference: 0
*NextHop: 127.0.0.1
Interface: 127.0.0.1(InLoopBack0)
State:
Age: 20:17:42
Cost: 0/0
**Destination: 2.2.2.0
Mask: 255.255.255.0
Protocol: #DIRECT
Preference: 0
*NextHop: 2.2.2.1
Interface: 2.2.2.1(Vlan-interface2)
State:
Age: 20:08:05
Cost: 0/0
Table 1-2 describes the meaning of route status and Table 1-5 shows the statistics
information about the routing table.
Table 1-5 Description on the fields of the display ip routing-table verbose
command
Field
Description
Holddown
Number of held-down routes
Delete
Number of deleted routes
Hidden
Number of hidden routes
1-14
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
1.2 Static Route Configuration Commands
1.2.1 delete static-routes all
Syntax
delete static-routes all
View
System view
Parameter
None
Description
Use the delete static-routes all command to delete all static routes.
The system will request your confirmation before it deletes all the configured static
routes.
Related command: ip route-static and display ip routing-table.
Example
# Delete all the static routes in the router.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] delete static-routes all
Are you sure to delete all the unicast static routes?[Y/N]y
1.2.2 ip route-static
Syntax
ip route-static ip-address { mask | mask-length } { interface-type interface-number |
next-hop } [ preference preference-value ] [ reject | blackhole ]
undo ip route-static ip-address { mask | mask-length } [ interface-type
interface-number | next-hop ] [ preference preference-value ] [ reject | blackhole ]
View
System view
Parameter
ip-address: Destination IP address, in dotted decimal notation.
mask: Mask.
1-15
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
mask-length: Mask length. Since 1s in a 32-bit mask must be consecutive, a mask in
dotted decimal notation can be replaced by mask-length, which is the number of the
consecutive 1s in the mask.
interface-type interface-number: Next-hop outgoing interface. The packets sent to a
null interface, which is a virtual interface, will be discarded immediately. This can
decrease the system load.
next-hop: Next hop IP address of the route, in dotted decimal notation.
preference-value: Preference level of the route, in the range from 1 to 255. The
default preference is 60.
reject: Indicates an unreachable route. If a static route to a destination has the
"reject" attribute, all the IP packets destined for this destination will be discarded.
blackhole: Indicates a blackhole route. If a static route to a destination has the
“blackhole” attribute, the outgoing interface of this route is the Null 0 interface
regardless of the next hop address, and all the IP packet addresses destined for this
destination are dropped without the source host being notified.
Description
Use the ip route-static command to configure a static route.
Use the undo ip route-static command to delete a manually configured static route.
By default, the system can obtain the subnet route directly connected to the router.
When you configure a static route, if no preference is specified for the route, the
preference defaults to 60, and if the route is not specified as reject or blackhole, the
route will be reachable by default.
When configuring a static route, note the following points:
z
If the destination IP address and the mask are both 0.0.0.0, what you are
configuring is a default route. All the packets that fail to find a routing entry will be
forwarded through this default route.
z
You cannot configure an interface address of the local switch as the next hop
address of a static route.
z
You can configure a different preference to implement flexible route
management policy.
Related command: display ip routing-table, ip route-static default-preference, ip
route-static default-preference.
Example
# Configure the next hop of the default route as 129.102.0.2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ip route-static 0.0.0.0 0.0.0.0 129.102.0.2
1-16
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 1 Static Route Configuration Commands
1.2.3 ip route-static default-preference
Syntax
ip route-static default-preference default-preference-value
undo ip route-static default-preference
View
System view
Parameter
default-preference-value: Default precedence of the static routes, in the range of 1 to
255. It is 60 by default.
Description
Use the ip route-static default-preference command to set the default precedence
of the static routes.
Use the undo ip route-static default-preference command to restore the default
precedence to the default value.
If a static route is configured without the specified precedence, its precedence is set to
the default precedence value.
Related command: display ip routing-table, and ip route-static.
Example
# Set the default precedence of static routes to 120.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ip route-static default-preference 120
1-17
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Chapter 2 RIP Configuration Commands
Note:
The word “router” covered in the following text represent routers in common sense
and Ethernet switches running a routing protocol. To improve readability, this will not
be mentioned again in this manual.
2.1 RIP Configuration Commands
2.1.1 checkzero
Syntax
checkzero
undo checkzero
View
RIP view
Parameter
None
Description
Use the checkzero command to enable zero field check of RIP-1 packets.
Use the undo checkzero command to disable zero field check.
By default, RIP-1 performs zero field check.
According to the protocol (RFC 1058) specifications, some fields in RIP-1 packets
must be zero and these fields are called zero fields. You can use the checkzero
command to enable/disable zero field check of RIP-1 packets. When zero field check
is enabled, if an incoming RIP-1 packet has a non-zero zero field, the packet will be
rejected.
This command does not apply to RIP-2 packets because they have no zero fields.
Example
# Disable zero field check on RIP-1 packets.
<3Com> system-view
2-1
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] undo checkzero
2.1.2 default cost
Syntax
default cost value
undo default cost
View
RIP view
Parameter
value: Default routing cost to be set, ranging from 1 to 16. It is 1 by default.
Description
Use the default cost command to set the default routing cost of imported routes.
Use the undo default cost command to restore the default value.
If no routing cost is specified when you use the import-route command to import
routes from another routing protocol, the routes will be imported with the default
routing cost specified with the default cost command.
Related command: import-route.
Example
# Set the default routing cost of the routes imported from other routing protocols to 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] default cost 3
2.1.3 display rip
Syntax
display rip
View
Any view
Parameter
None
2-2
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Description
Use the display rip command to display the current RIP operation state and RIP
configuration.
Example
# Display the current RIP operation state and configuration.
<3Com> display rip
RIP is running
Checkzero is on
Default cost : 1
Summary is on
Preference : 100
Traffic-share-across-interface is off
Period update timer : 30
Timeout timer : 180
Garbage-collection timer : 120
No peer router
Network :
10.0.0.0
Table 2-1 Description on the fields of the display rip command
Field
Description
RIP is running
RIP is active.
Checkzero is on
Zero field checking is enabled.
Default cost : 1
The default route cost is 1
Summary is on
Routes are aggregated automatically
Preference : 100
The preference of RIP is 100
Traffic-share-across-interface is off
Traffic is shared across equivalent
routes.
Period update timer : 30
Timeout timer : 180
Settings of the three timers of RIP
Garbage-collection timer : 120
No peer router
No destination address of a transmission
is specified
Network :10.0.0.0
RIP is enabled on network segment
10.0.0.0
2.1.4 display rip routing
Syntax
display rip routing
2-3
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
View
Any view
Parameter
None
Description
Use the display rip routing command to display RIP routing information.
Example
# Display RIP routing table information.
<3Com> display rip routing
RIP routing table: public net
A = Active
I = Inactive
G=Garbage collection
Destination/Mask
Cost NextHop
Age
SourceGateway
Att
6.0.0.0/8
1
4s
10.153.25.22
A
10.153.25.22
Table 2-2 Description on the fields of the display rip routing command
Field
Description
Destination/Mask
Destination address/Mask
Cost
Cost
NextHop
Net hop address
Age
The time that a route exists in the routing
table, namely, the aging time
SourceGateway
Gateway originating the route
Attribute value, which may be one of the
three following values:
Att
2-4
A
Active routes
I
Inactive routes
G
Unreachable route in the state of
garbage collection. If garbage
collection times out, and the
unreachable route does not receive
update messages from the same
neighbor, the route will be removed
from the routing table completely.
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
2.1.5 filter-policy export
Syntax
filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol | interface
interface-type interface-number ]
filter-policy route-policy route-policy-name export
undo filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol |
interface interface-type interface-number ]
undo filter-policy route-policy route-policy-name export
View
RIP view
Parameter
acl-number: Number of the basic or advanced ACL used to filter routing information
by destination address, in the range of 2,000 to 3,999.
ip-prefix-name: Name of the address ip-prefix list used to filter routing information by
destination address, containing 1 to 19 characters.
route-policy-name: Name of the routing policy used to filter routing information,
containing 1 to 19 characters. A routing policy can enable RIP to determine which
routes
are
to
be
sent/received
based
on
such
fields
as
acl/cost/interface/ip/ip-prefix/tag.
protocol: Routing protocol whose routing information is to be filtered. Currently, this
can be bgp, direct, isis, ospf, ospf-ase, ospf-nssa or static.
interface: Interface where the routes to be advertised will be filtered.
Description
Use the filter-policy export command to enable RIP to filter the routing information to
be advertised.
Use the undo filter-policy export command to cancel the filtering of the routing
information to be advertised.
By default, RIP does not filter routing information before advertising.
Related command: acl, filter-policy import, ip ip-prefix.
Example
# Configure to filter route information by ACL 2000 before the information is
advertised.
<3Com> system-view
System View: return to User View with Ctrl+Z.
2-5
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
[3Com] rip
[3Com-rip] filter-policy 2000 export
2.1.6 filter-policy import
Syntax
filter-policy gateway ip-prefix-name import
undo filter-policy gateway ip-prefix-name import
filter-policy { acl-number | ip-prefix ip-prefix-name [ gateway ip-prefix-name ] |
route-policy route-policy-name } import [ interface interface-type interface-number ]
undo filter-policy { acl-number | ip-prefix ip-prefix-name [ gateway ip-prefix-name ]
|
route-policy
route-policy-name
}
import
[
interface
interface-type
interface-number ]
View
RIP view
Parameter
acl-number: Number of the ACL used to filter routing information by destination
address, in the range of 2,000 to 3,999.
ip-prefix-name: Name of the address prefix list used to filter routing information by
destination address, containing 1 to 19 characters.
gateway ip-prefix-name: Name of the address prefix list used to filter routing
information by the address of the neighbor router advertising the information,
containing 1 to 19 characters.
route-policy-name: Name of the routing policy used to filter routing information,
containing 1 to 19 characters.A routing policy can enable RIP to determine which
routes
are
to
be
sent/received
based
on
such
fields
as
acl/cost/interface/ip/ip-prefix/tag.
interface interface-type interface-number: Filters routes on the specified interface.
The interface-type argument represents the interface type and the interface-number
argument represents the interface number.
Description
Use the filter-policy gateway import command to enable RIP to filter received
routing information by a specified address so that the routing information advertised
by the address can pass the filter.
Use the undo filter-policy gateway import command to disable the above filtering.
Use the filter-policy import command to filter the received routing information.
Use the undo filter-policy import command to disable the above filtering.
2-6
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
You can control the range of routes received by RIP by specifying an ACL, ip-prefix list
and routing policies.
Related command: acl, filter-policy export, ip ip-prefix.
Example
# Configure to filter incoming routing information by acl 2000.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] filter-policy 2000 import
2.1.7 host-route
Syntax
host-route
undo host-route
View
RIP view
Parameter
None
Description
Use the host-route command to enable RIP to accept host routes.
Use the undo host-route command to reject host routes.
By default, RIP accepts host routes.
In some special cases, RIP receives a great number of host routes from the same
network segment. These routes are of little help to path searching and occupy a lot of
resources. In this case, the undo host-route command can be used to reject host
routes.
Example
# Enable RIP to reject host routes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] undo host-route
2-7
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
2.1.8 import-route
Syntax
import-route protocol [ cost value | route-policy route-policy-name ]*
undo import-route protocol
View
RIP view
Parameter
protocol: Source routing protocol whose routes will be imported by RIP. At present,
RIP can import the following types of routes: direct, ospf, ospf-ase, ospf-nssa,
static, isis and bgp.
value: Cost value of the routes to be imported, in the range of 1 to 16.
route-policy route-policy-name: Name of a routing policy, containing 1 to 19
characters.Specifies to import only the routes matching the conditions of the specified
route-policy
Description
Use the import-route command to import the routes of another protocol into RIP.
Use the undo import-route command to cancel the routes imported from another
protocol.
By default, RIP does not import routes from other protocols.
The import-route command is used to import the routes of another protocol with a
specified cost.. RIP regards the imported routes as its own routes and transmits them
with the specified cost. This command can greatly enhance the capability of RIP to
obtain routes, thereby improving RIP performance.
If the cost value is not specified, routes will be imported with the default routing cost
(set by the default cost command, ranging from 1 to 16). If the cost of an imported
route is 16, RIP marks the route as HOLD DOWN (however, the route can still be used
to forward packets), and continues to announce the route with this cost to other
routers running RIP until the Garbage Collection timer times out (the timeout time
defaults to 120 seconds).
Related command: default cost.
Example
# Import static routes with the cost of 4.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
2-8
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
[3Com-rip] import-route static cost 4
# Set the default cost and import OSPF routes with the default cost.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] default cost 3
[3Com-rip] import-route ospf
2.1.9 network
Syntax
network network-address
undo network network-address
View
RIP view
Parameter
network-address: Address of the network for which RIP is enabled/disabled. It can be
the IP network address of any interface.
Description
Use the network command to enable RIP on a specified interface.
Use the undo network command to disable RIP on the interface.
By default, RIP is disabled on any interface.
After a RIP routing process is started, it is disabled on any interface. To enable RIP
routing on an interface, you must use the network command.
The undo network command is similar to the undo rip work command in function.
But they are not identical.
Their similarity is that the interface using either command will not receive/transmit RIP
routes any more.
The difference between them is that, in the case of undo rip work, other interfaces
will still forward the routes of the interface on which the undo rip work command is
executed. In the case of undo network, other interfaces will not forward the routes of
the interface on which the undo network command is executed and it seems that the
interface disappeared.
When the network command is used on an address, the effect is that the interface on
the network segment at this address is enabled. For example, the results of viewing
the network 129.102.1.1 with both the display current-configuration command and
the display rip command are shown as network 129.102.0.0.
2-9
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Related command: rip work.
Example
# Enable RIP on the interface with the network address 129.102.0.0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] network 129.102.0.0
2.1.10 peer
Syntax
peer ip-address
undo peer ip-address
View
RIP view
Parameter
ip-address: IP address of the interface on the peer router with which routing
information needs to be exchanged, in dotted decimal notation.
Description
Use the peer command to configure the destination address of the peer device with
which routing information should be exchanged in unicast mode.
Use the undo peer command to cancel a unicast address.
By default, RIP does not send packets to any address in unicast mode.
This command is used to for non-broadcast networks to which protocol packets
cannot be sent in broadcast mode. And you are not recommended to use this
command in normal situation.
Example
# Specify a unicast destination address of 202.38.165.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] peer 202.38.165.1
2-10
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
2.1.11 preference
Syntax
preference value
undo preference
View
RIP view
Parameter
value: Preference level, ranging from 1 to 255. By default, the value is 100.
Description
Use the preference command to configure the route preference of RIP.
Use the undo preference command to restore the default preference.
Every routing protocol has its own preference. Its default value is determined by the
specific routing policy. The preferences of routing protocols will finally determine
which routing algorithm's routes will be selected as the optimal routes in the IP routing
table. You can use this command to modify the RIP preference manually.
Example
# Specify the RIP preference as 20.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] preference 20
2.1.12 reset
Syntax
reset
View
RIP view
Parameter
None
Description
Use the reset command to reset the system configuration parameters of RIP.
2-11
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
When you need to re-configure the parameters of RIP, you can use this command to
restore the default setting.
Example
# Reset the RIP system configuration.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] reset
% Reset RIP's configuration and restart RIP? [Y/N]y
2.1.13 rip
Syntax
rip
undo rip
View
System view
Parameter
None
Description
Use the rip command to enable RIP and enter RIP view.
Use the undo rip command to disable RIP.
By default, the system does not run RIP.
RIP must be enabled before you can enter the RIP view and configure various RIP
global parameters. You can, however, configure the interface-based parameters
regardless of whether RIP is enabled.
Note:
Note that the interface parameters configured previously would be invalid when RIP is
disabled.
Example
# Enable RIP and enter RIP view.
<3Com> system-view
2-12
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip]
2.1.14 rip authentication-mode
Syntax
rip authentication-mode { simple password | md5 { rfc2453 key-string | rfc2082
key-string key-id } }
undo rip authentication-mode
View
Interface view
Parameter
simple: Specifies to use simple text authentication mode.
password: Simple text authentication key, containing 1 to 16 characters.
md5: Specifies to use MD5 cipher text authentication mode.
rfc2453: Specifies that MD5 cipher text authentication packets will use a packet
format (IETF standard) stipulated by RFC2453.
rfc2082: Specifies that MD5 cipher text authentication packets will use a packet
format stipulated by RFC2082.
key-string: MD5 cipher text authentication key. If it is input in a plain text form, MD5
key is a character string not exceeding 16 characters. And it will be displayed in a
cipher text form in a length of 24 characters when you use the display
current-configuration command. You can also input the MD5 key in a cipher text
form with a length of 24 characters.
key-id: MD5 cipher text authentication identifier, ranging from 1 to 255.
Description
Use the rip authentication-mode command to configure RIP-2 authentication mode
and its parameters.
Use the undo rip authentication-mode command to cancel RIP-2 authentication
mode.
RIP-1 does not authenticate packets. Generally RIP authenticates packets in two
modes: plaintext authentication and MD5 ciphertext authentication. There are two
packet formats in the MD5 ciphertext authentication: one format conforms to RFC
2453 and the other format is described in RFC 2082. Routers support both formats.
You can select any format as required.
Related command: rip version.
2-13
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Example
# Specify the interface Vlan-interface 10 to use the simple authentication with the
authentication key of aaa.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] rip version 2
[3Com-Vlan-interface10] rip authentication-mode simple aaa
# Specify Vlan-interface 10 to use the MD5 cipher text authentication, with the
authentication key of aaa and the packet format of rfc2453.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] rip version 2
[3Com-Vlan-interface10] rip authentication-mode md5 rfc2453 aaa
2.1.15 rip input
Syntax
rip input
undo rip input
View
Interface view
Parameter
None
Description
Use the rip input command to enable an interface to receive RIP packets.
Use the undo rip input command to disable an interface from receiving RIP packets.
By default, all interfaces, except loopback interfaces, can receive RIP packets.
This command is used in cooperation with another two commands: rip output and rip
work. Functionally, rip work is equivalent to rip input & rip output. The latter two
control the receipt and the transmission of RIP packets respectively on an interface.
The former command equals the functional combination of the latter two commands.
Related command: rip output, rip work.
Example
# Configure the interface Vlan-interface 10 not to receive RIP packets.
2-14
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 10
[3Com-Vlan-interface10] undo rip input
2.1.16 rip metricin
Syntax
rip metricin value
undo rip metricin
View
Interface view
Parameter
value: Additional route metric added when receiving a RIP route, ranging from 0 to 16.
By default, the value is 0.
Description
Use the rip metricin command to configure the additional route metric added to the
RIP routes received on an interface.
Use the undo rip metricin command to restore the default value of this additional
route metric.
Related command: rip metricout.
Example
# Set the additional route metric added to RIP routes received on Vlan-interface 10 to
2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] rip metricin 2
2.1.17 rip metricout
Syntax
rip metricout value
undo rip metricout
View
Interface view
2-15
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Parameter
value: Additional route metric added when transmitting a RIP route, ranging from 1 to
16. By default, the value is 1.
Description
Use the rip metricout command to configure the additional route metric added to the
RIP routes to be transmitted on an interface.
Use the undo rip metricout command to restore the default value of this additional
route metric.
Note:
The metricout configuration only applies to the RIP routes learnt by the router and
those generated by the router itself. It does not apply to any route imported to RIP by
any other routing protocol.
Related command: rip metricin.
Example
# Set the additional route metric added to the RIP routes to be transmitted on
Vlan-interface 10 to 2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] rip metricout 2
2.1.18 rip output
Syntax
rip output
undo rip output
View
Interface view
Parameter
None
Description
Use the rip output command to enable an interface to transmit RIP packets.
2-16
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Use the undo rip output command to disable an interface from transmitting RIP
packets.
By default, all interfaces except loopback interfaces are enabled to transmit RIP
packets to the external.
This command is used in cooperation with another two commands: rip input and rip
work . Functionally, rip work is equivalent to rip input & rip output. The latter two
control the receipt and the transmission of RIP packets respectively on an interface.
The former command equals the functional combination of the latter two commands.
Related command: rip input, rip work.
Example
# Disable the interface Vlan-interface 10 from transmitting RIP packets.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] undo rip output
2.1.19 rip split-horizon
Syntax
rip split-horizon
undo rip split-horizon
View
Interface view
Parameter
None
Description
Use the rip split-horizon command to configure an interface to use split horizon
when transmitting RIP packets.
Use the undo rip split-horizon command to configure an interface not to use split
horizon when transmitting RIP packets.
By default, an interface is enabled to use split horizon when transmitting RIP packets.
Normally, split horizon is necessary for avoiding route loop. Only in some special
cases does split horizon need to be disabled to ensure the correct execution of the
protocol. So, disable split horizon only when necessary.
2-17
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Example
# Specify the interface Vlan-interface 10 not to use split horizon when processing RIP
packets.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] undo rip split-horizon
2.1.20 rip version
Syntax
rip version { 1 | 2 [ broadcast | multicast ] }
undo rip version
View
Interface view
Parameter
1: Specifies the version of RIP packets on the interface to RIP-1.
2: Specifies the version of RIP packets on the interface to RIP-2.
broadcast: Transmission mode of RIP-2 packets is broadcast.
multicast: Transmission mode of RIP-2 packets is multicast.
Description
Use the rip version command to specify the version of RIP packets on an interface.
Use the undo rip version command to restore the default RIP packet version on the
interface.
By default, the interface RIP version is RIP-1. RIP-1 transmits packets in broadcast
mode, while RIP-2 transmits packets in multicast mode by default.
When running RIP-1, the interface only receives and transmits RIP-1 broadcast
packets, and receives RIP-2 broadcast packets, but does not receive RIP-2 multicast
packets. When running RIP-2 in broadcast mode, the interface receives and transmits
RIP-2 broadcast packets, receives RIP-1 broadcast packets and RIP-2 multicast
packets. When running RIP-2 in multicast mode, the interface only receives and
transmits RIP-2 multicast packets, receives RIP-2 broadcast packets, but does not
receive RIP-1 broadcast packets.
Example
# Configure the interface Vlan-interface 10 as RIP-2 broadcast mode.
<3Com> system-view
2-18
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] rip version 2 broadcast
2.1.21 rip work
Syntax
rip work
undo rip work
View
Interface view
Parameter
None
Description
Use the rip work command to enable RIP to transmit and receive RIP packets on an
interface.
Use the undo rip work command to disable RIP from transmitting and receiving RIP
packets on an interface.
By default, RIP is enabled from transmitting and receiving RIP packets on an
interface.
This command is used in cooperation with rip input, rip output and network
commands.
Related command: network, rip input, rip output.
Example
# Disable RIP from transmitting and receiving RIP packets on the interface
Vlan-interface 10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] undo rip work
2.1.22 summary
Syntax
summary
undo summary
2-19
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
View
RIP view
Parameter
None
Description
Use the summary command to enable RIP-2 automatic route aggregation.
Use the undo summary command to disable RIP-2 automatic route aggregation.
By default, RIP-2 route aggregation is enabled.
Route aggregation can be used to reduce the routing traffic on the network as well as
to reduce the size of the routing table. If RIP-2 is used, route aggregation function can
be disabled with the undo summary command when it is necessary to broadcast
subnet routes.
RIP-1 does not support subnet mask. Forwarding subnet routes may cause ambiguity.
Therefore, RIP-1always uses route aggregation.
Related command: rip version.
Example
# Set RIP version on the interface Vlan-interface 10 as RIP-2 and disable route
aggregation.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] rip version 2
[3Com-Vlan-interface10] quit
[3Com] rip
[3Com-rip] undo summary
2.1.23 timers
Syntax
timers { update update-timer | timeout timeout-timer } *
undo timers { update | timeout } *
View
RIP view
2-20
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Parameter
update-timer: Value of the Period Update timer, ranging from 1 to 3,600 seconds. By
default, it is 30 seconds.
timeout-timer: Value of the Timeout timer, ranging from 1 to 3,600 seconds. By default,
it is 180 seconds.
Description
Use the timers command to modify the values of the three RIP timers: Period Update,
Timeout, and Garbage-collection.
Use the undo timers command to restore the default settings.
By default, the Period Update, Timeout, and Garbage-collection timers are 30
seconds, 180 seconds, and 120 seconds, respectively.
Generally, it is regarded that the value of the Garbage-collection timer is fixed at four
times that of the Period Update timer. Adjusting the Period Update timer will affect the
Garbage-collection timer.
The modification of RIP timers is validated immediately.
Related command: display rip.
Example
# Set the values of the Period Update timer and the Timeout timer of RIP to 10
seconds and 30 seconds respectively.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] timers update 10 timeout 30
2.1.24 traffic-share-across-interface
Syntax
traffic-share-across-interface
undo traffic-share-across-interface
View
RIP view
Parameter
None
2-21
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 2 RIP Configuration Commands
Description
Use the traffic-share-across-interface command to enable traffic sharing across
RIP interfaces, so as to distribute traffic evenly over equal-cost routes across the
interfaces on a router.
Use the undo traffic-share-across-interface command to cancel traffic sharing.
By default, traffic sharing across RIP interfaces is disabled.
Example
# Enable traffic sharing across RIP interfaces.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rip
[3Com-rip] traffic-share-across-interface
2-22
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Chapter 3 OSPF Configuration Commands
Note:
The words “router” covered in the following text represent routers in common sense
and Ethernet switches running a routing protocol. To improve readability, this will not
be mentioned again in this manual.
3.1 OSPF Configuration Commands
3.1.1 abr-summary
Syntax
abr-summary ip-address mask [ advertise | not-advertise ]
undo abr-summary ip-address mask
View
OSPF Area view
Parameter
ip-address: Network segment address.
mask: Network mask.
advertise: Specifies to advertise the aggregated route that match a specific IP
address and mask.
not-advertise: Specifies not to advertise the aggregated route that match a specific
IP address and mask.
Description
Use the abr-summary command to enable route aggregation on an area border
router (ABR).
Use the undo abr-summary command to disable route aggregation on an ABR.
By default, an ABR does not aggregate routes.
This command is applicable to ABRs only and is used for route aggregation in an area.
It allows the ABR to transmit an aggregated route to other areas.
Route aggregation means that routing information is processed by an ABR, which
transmits only one route to other areas for each network segment configured with
3-1
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
route aggregation. You can configure multiple aggregation routes in an area so that
OSPF can aggregate multiple network segments.
Example
# Aggregate the routes in the two network segments, 36.42.10.0 and 36.42.110.0, in
OSPF area 1 into one summary route 36.42.0.0 and transmit it to other areas.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 1
[3Com-ospf-1-area-0.0.0.1] network 36.42.10.0 0.0.0.255
[3Com-ospf-1-area-0.0.0.1] network 36.42.110.0 0.0.0.255
[3Com-ospf-1-area-0.0.0.1] abr-summary 36.42.0.0 255.255.0.0
3.1.2 area
Syntax
area area-id
undo area area-id
View
OSPF view
Parameter
area-id: ID of an OSPF area, which can be a decimal integer (ranging from 0 to
4294967295) or in the form of an IP address.
Description
Use the area command to enter OSPF area view.
Use the undo area command to cancel the specified area.
Example
# Enter OSPF area 0 view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 0
[3Com-ospf-1-area-0.0.0.0]
3-2
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.3 asbr-summary
Syntax
asbr-summary ip-address mask [ not-advertise | tag value ]
undo asbr-summary ip-address mask
View
OSPF view
Parameter
ip-address: IP address to be matched, in dotted decimal notation.
mask: IP address mask, in dotted decimal notation.
not-advertise: Specifies not to advertise the aggregated route matching the specified
IP address and mask. If this argument is not provided, the aggregated route will be
advertised.
tag value: Tag value, which is mainly used to control route advertisement via
route-policy. It ranges from 0 to 4294967295 and defaults to 1.
Description
Use the asbr-summary command to configure the aggregation of imported routes by
OSPF.
Use the undo asbr-summary command to cancel the aggregation.
By default, imported routes are not aggregated.
After the aggregation of imported routes is configured, if the local router is an
autonomous system border router (ASBR), this command aggregates the imported
Type-5 LSAs in the aggregation address range. If an NSSA is configured, this
command also aggregates the imported Type-7 LSAs in the summary address range.
If the local router acts as both an ABR and a transit router in the NSSA, this command
aggregates Type-5 LSAs transformed from Type-7 LSAs. If the router is not the router
in the NSSA, the aggregation is disabled.
Related command: display ospf asbr-summary.
Example
# Set aggregation of routes imported by the router 3Com.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] asbr-summary 10.2.0.0 255.255.0.0 not-advertise
3-3
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.4 authentication-mode
Syntax
authentication-mode { simple | md5 }
undo authentication-mode
View
OSPF Area view
Parameter
simple: Uses simple text authentication mode.
md5: Uses MD5 cipher text authentication mode.
Description
Use the authentication-mode command to configure one area of OSPF to support
the authentication attribute.
Use the undo authentication-mode command to cancel the authentication attribute
of this area.
By default, an area does not support authentication attribute.
All the routers in one area must use the same authentication mode (no authentication,
simple text authentication, or MD5 cipher text authentication). If the mode of
supporting authentication is configured, all routers on the same segment must use the
same authentication key.
Use the ospf authentication-mode simple command to configure a simple text
authentication key.
Use the ospf authentication-mode md5 command to configure the MD5 cipher text
authentication key if the area is configured to support MD5 cipher text authentication
mode.
Related command: ospf authentication-mode.
Example
# Enter area 0 view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 0
# Specify the OSPF area 0 to support MD5 cipher text authentication.
[3Com-ospf-1-area-0.0.0.0] authentication-mode md5
3-4
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.5 default cost
Syntax
default cost value
undo default cost
View
OSPF view
Parameter
value: Default routing cost of external route imported by OSPF, ranging from 0 to
16,777,214. By default, its value is 1.
Description
Use the default cost command to configure the default cost for OSPF to import
external routes.
Use the undo default cost command to restore the default routing cost of external
routes to its default value.
Since OSPF can import external routing information and propagate the information to
the entire autonomous system, routing cost of external routes can influence route
selection and calculation. Therefore, it is necessary to specify the default routing cost
for the protocol to import external routes.
Example
# Specify the default routing cost for OSPF to import external routes as 10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] default cost 10
3.1.6 default interval
Syntax
default interval seconds
undo default interval
View
OSPF view
3-5
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Parameter
seconds: Default interval, in seconds, of importing external routes. It ranges from 1 to
2147483647 and defaults to 1.
Description
Use the default interval command to configure the default interval for OSPF to
import external routes.
Use the undo default interval command to restore the default value of the default
interval of importing external routes.
OSPF can import external routing information and propagate it to the entire
autonomous system. However, importing routes too often greatly affects the
performance of the device. Therefore, it is necessary to specify the default interval for
the protocol to import external routes.
Example
# Specify the default interval for OSPF to import external routes as 10 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] default interval 10
3.1.7 default limit
Syntax
default limit routes
undo default limit
View
OSPF view
Parameter
routes: Default limit on the number of external routes imported in a unit time. It ranges
from 200 to 2147483647 and defaults to1000.
Description
Use the default limit command to configure the default limit on the number of routes
imported by OSPF in a unit time.
Use the undo default limit command to restore the default value.
OSPF can import external routing information and advertise them to the whole AS.
Importing too many external routes at a time greatly affects the performance of the
3-6
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
device. Therefore, it is necessary to limit the number of external routes imported
during each import interval.
Related command: default interval.
Example
# Specify the default limit on the number of external routes imported by OSPF in each
import interval as 200.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] default limit 200
3.1.8 default tag
Syntax
default tag tag
undo default tag
View
OSPF view
Parameter
tag: Default tag, in the range of 0 to 4,294,967,295, which is 1 by default.
Description
Use the default tag command to configure the default tag of OSPF when it imports an
external route.
Use the undo default tag command to restore the default tag of OSPF when it
imports the external route.
When OSPF imports a route found by another routing protocol in the router and uses
it as the external routing information of its own autonomous system, some additional
parameters are required, including the default cost and the default tag of the route.
Related command: default type.
Example
# Set the default tag of OSPF imported external route of the autonomous system as
10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] default tag 10
3-7
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.9 default type
Syntax
default type { 1 | 2 }
undo default type
View
OSPF view
Parameter
type 1: External routes of type 1.
type 2: External routes of type 2.
Description
Use the default type command to configure the default type when OSPF imports
external routes.
Use the undo default type command to restore the default type when OSPF imports
external routes.
By default, the external routes of type 2 are imported.
OSPF specifies the two types of external routing information. You can use the
command described in this section to specify the default type when external routes
are imported.
Related command: default tag.
Example
# Configure OSPF to import external routes of type 1 by default.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] default type 1
3.1.10 default-cost
Syntax
default-cost value
undo default-cost
View
OSPF Area view
3-8
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Parameter
value: Cost value of the default route transmitted by OSPF to the STUB or NSSA area.
It ranges from 0 to 16,777,214 and defaults to 1.
Description
Use the default-cost command to configure the cost of the default route transmitted
by OSPF to the STUB or NSSA area.
Use the undo default-cost command to restore the default cost of the default route
transmitted by OSPF to the STUB or NSSA area.
This command only applies to an ABR in a STUB area or NSSA area.
To configure a STUB area, you need to use the stub and default-cost commands.
You must use the stub command on all the routers connected to a STUB area to
configure the area with the STUB attribute.
Use the default-cost command to configure the cost of the default route transmitted
by an ABR to the STUB area or NSSA area.
Related command: stub, nssa.
Example
# Set area 1 as the STUB area and the cost of the default route transmitted to this
STUB area to 60.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 1
[3Com-ospf-1-area-0.0.0.1] network 20.0.0.0 0.255.255.255
[3Com-ospf-1-area-0.0.0.1] stub
[3Com-ospf-1-area-0.0.0.1] default-cost 60
3.1.11 default-route-advertise
Syntax
default-route-advertise [ always | cost value | type type-value | route-policy
route-policy-name ]*
undo default-route-advertise [ always | cost | type | route-policy ]*
View
OSPF view
3-9
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Parameter
always: Generates an ase lsa describing the default route and advertises it if the local
router is not configured with the default route. If this keyword is not provided, the local
router must be configured with the default route before it can import the ase lsa, which
generates the default route.
cost value: Specifies the cost value of this ase lsa. The value of value ranges from 0
to 16777214 and defaults to 1.
type type-value: Specifies the cost type of this ase lsa. The value of type-value
ranges from 1 to 2 and defaults 2.
route-policy route-policy-name: If the default route matches the route-policy
specified by route-policy-name, the route-policy will affect the value in ase lsa. The
route-policy-name argument is a string of 1 to 19 characters.
Description
Use the default-route-advertise command to import the default route to OSPF route
area.
Use the undo default-route-advertise command to cancel the import of the default
route.
By default, OSPF does not import the default route.
The import-route command cannot import the default route. To import the default
route to the route area, the default-route-advertise command must be used. If the
local router is not configured with the default route, the keyword always should be
specified so that ase lsa of the default route is generated.
Related command: import-route.
Example
# The ase lsa of the default route is generated only if the local router has the default
route.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] default-route-advertise
# The ase lsa of default route will be generated and advertised to OSPF route area
even the local router has no default route.
[3Com-ospf-1] default-route-advertise always
3-10
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.12 display ospf abr-asbr
Syntax
display ospf [ process-id ] abr-asbr
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf abr-asbr command to display the information about the ABR
and ASBR of OSPF.
Example
# Display the information about the OSPF ABRs and ASBRs.
<3Com> display ospf abr-asbr
OSPF Process 1 with Router ID 1.1.1.1
Routing Table to ABR and ASBR
I = Intra i = Inter A = ASBR B = ABR
S = SumASBR
Destination
Area
Cost
Nexthop
Interface
IA 2.2.2.2
0.0.0.0
10
10.153.17.89
Vlan-interface1
Table 3-1 Description on the fields of the display ospf abr-asbr command
Field
Description
Destination
Router ID of the ABR or ASBR
Area
Area where the router is connected to the
ASBR
Cost
Routing overhead value of the route
Nexthop
Nexthop address to the destination
Interface
Local output interface
3.1.13 display ospf asbr-summary
Syntax
display ospf [ process-id ] asbr-summary [ ip-address mask ]
3-11
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
ip-address: Matched IP address, in dotted decimal notation.
mask: IP address mask, in dotted decimal notation.
Description
Use the display ospf asbr-summary command to display the summary information
of OSPF imported route.
If you do not specify an IP address or mask, the summary information of all OSPF
imported routes will be displayed.
Related command: asbr-summary .
Example
# Display the summary information of all OSPF imported routes.
<3Com> display ospf asbr-summary
OSPF Process 1 with Router ID 10.1.1.1
Summary Addresses
Total summary address count:
2
Summary Address
net
: 168.10.0.0
mask
: 255.254.0.0
tag
: 1
status
: Advertise
The Count of Route is 0
Summary Address
net
: 1.1.0.0
mask
: 255.255.0.0
tag
: 100
status
: DoNotAdvertise
The Count of Route is 0
3-12
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Table 3-2 Description on the fields of the display ospf asbr-summary command.
Field
Description
net
Destination network segment
mask
Mask
tag
Tag
Status information, which takes one of the following two values:
status
DoNotAdv
ertise
The summary routing information to the network
segment will not be advertised.
Advertise
The summary routing information to the network
segment will be advertised.
3.1.14 display ospf brief
Syntax
display ospf [ process-id ] brief
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf brief command to display brief OSPF information.
Example
# Display brief OSPF information.
<3Com> display ospf brief
OSPF Process 1 with Router ID 10.1.1.1
OSPF Protocol Information
RouterID: 10.1.1.1
Spf-schedule-interval: 5
Routing preference: Inter/Intra: 10 External: 150
Default ASE parameters: Metric: 1 Tag: 1 Type: 2
SPF computation count: 163
Area Count: 1
Nssa Area Count: 0
3-13
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Area 0.0.0.0:
Authtype: none
Flags: <>
SPF scheduled:
Interface: 110.1.1.1 (Vlan-interface110)
Cost: 11 State: DR
Type: Broadcast
Priority: 11
Designated Router: 110.1.1.1
Backup Designated Router: 110.1.1.2
Timers: Hello 10, Dead 40, Poll 40, Retransmit 5, Transmit Delay 1
Table 3-3 Description on the fields of the display ospf brief command
Field
Description
RouterID
Router ID of the router
Border Router
Border routers for connection to the area, including ASBRs
and ABRs
spf-schedule-interval
Interval of SPF schedule
Authtype
Authentication type of OSPF
Routing preference
Routing preference of OSPF. The internal route of OSPF
includes intra/inter area route, and its default routing
preference is 10, while that of the external route of OSPF is
150 by default
Default
parameters
Default ASE parameters of OSPF, including metric, type
and tag
SPF
count
ASE
computation
SPF computation count since OSPF is enabled
Area Count
Areas for connection to this router
Nssa Area Count
Number of NSSA areas
SPF scheduled
SPF scheduled (flag)
Interface
Name of interface belonging to this area
Cost
Cost of routes
State
State information
Type
Network type of OSPF interface/the first type refers to the
type of the imported external route
Priority
Priority
Designated Router
IP address of designated router (DR)
Backup
Router
IP address of backup designated router (BDR)
Designated
3-14
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Field
Description
OSPF timers, defined as follows:
Timers
Transmit Delay
Hello
Interval of hello packet
Dead
Interval of dead neighbors
Poll
Interval of poll
Retransmit
Interval of retransmitting LSA
Delay time of transmitting LSA
3.1.15 display ospf cumulative
Syntax
display ospf [ process-id ] cumulative
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf cumulative command to display cumulative OSPF statistics.
Example
# Display cumulative OSPF statistics.
<3Com> display ospf cumulative
OSPF Process 1 with Router ID 10.1.1.1
Cumulations
IO Statistics
Type
Input
Output
Hello
6271
9241
DB Description
9659
9915
Link-State Req
419
1426
Link-State Update
30190
51723
Link-State Ack
13642
22262
ASE: 6231 Checksum Sum: C3D40E0
LSAs originated by this router
Router: 141
Net: 5
3-15
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
LSAs Originated: 146
Chapter 3 OSPF Configuration Commands
LSAs Received: 161905
Area 0.0.0.0:
Neighbors: 4
Spf: 163
Interfaces: 5
Checksum Sum 3C60A5F8
rtr: 105 net: 187 sumasb: 0 sumnet: 30500
Routing Table:
Intra Area: 8
Inter Area: 0
ASE: 5
Table 3-4 Description on the fields of the display ospf cumulative command
Field
IO Statistics
Description
Type
Type of input/output OSPF packet
Input
Number of received packets
Output
Number of transmitted packets
ASE
Number of all ASE LSAs
checksum sum
Checksum of ASE LSA
LSAs
originated
Number of originated LSAs
received
Number of received LSAs generated by other
routers
Router
Number of all Router LSAs
SumNet
Number of all Sumnet LSAs
SumASB
Number of all SumASB LSAs
Area
Routing Table
Neighbors
Number of neighbors in this area
Interfaces
Number of interfaces in this area
Spf
Number of SPF computation count in this area
rtr, net, sumasb,
sumnet
Number of all LSAs in this area
Intra Area
Number of intra-area routes
Inter Area
Number of inter-area routes
ASE
Number of external routes
3.1.16 display ospf error
Syntax
display ospf [ process-id ] error
3-16
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf error command to display OSPF error information.
Example
# Display the OSPF error information.
<3Com> display ospf error
OSPF Process 1 with Router ID 1.1.1.1
OSPF packet error statistics:
0: IP: received my own packet
0: OSPF: wrong packet type
0: OSPF: wrong version
0: OSPF: wrong checksum
0: OSPF: wrong area id
0: OSPF: area mismatch
0: OSPF: wrong virtual link
0: OSPF: wrong authentication type
0: OSPF: wrong authentication key
0: OSPF: too small packet
0: OSPF: packet size > ip length
0: OSPF: transmit error
0: OSPF: interface down
0: OSPF: unknown neighbor
0: HELLO: netmask mismatch
0: HELLO: hello timer mismatch
0: HELLO: dead timer mismatch
0: HELLO: extern option mismatch
0: HELLO: router id confusion
0: HELLO: virtual neighbor unknown
0: HELLO: NBMA neighbor unknown
0: DD: neighbor state low
0: DD: router id confusion
0: DD: extern option mismatch
0: DD: unknown LSA type
0: LS ACK: neighbor state low
0: LS ACK: wrong ack
0: LS ACK: duplicate ack
0: LS ACK: unknown LSA type
0: LS REQ: neighbor state low
0: LS REQ: empty request
0: LS REQ: wrong request
0: LS UPD: neighbor state low
0: LS UPD: newer self-generate LSA
0: LS UPD: LSA checksum wrong
0: LS UPD: received less recent LSA
0: LS UPD: unknown LSA type
0: OSPF routing: next hop not exist
0: DD: MTU option mismatch
0: ROUTETYPE: wrong type value
0: LS UPD: LSA length wrong
Table 3-5 Description on the fields of the display ospf error command
Field
Description
IP: received my own packet
Received my own packet
OSPF: wrong packet type
OSPF packet type error
3-17
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Field
Description
OSPF: wrong version
OSPF version error
OSPF: wrong checksum
OSPF checksum error
OSPF: wrong area id
OSPF area ID error
OSPF: area mismatch
OSPF area mismatch
OSPF: wrong virtual link
OSPF virtual link error
OSPF: wrong authentication
type
OSPF authentication type error
OSPF: wrong authentication
key
OSPF authentication key error
OSPF: too small packet
OSPF packet too small
OSPF: packet size > ip length
OSPF packet size exceeds IP packet length
OSPF: transmit error
OSPF transmission error
OSPF: interface down
OSPF interface is down, unavailable
OSPF: unknown neighbor
OSPF neighbors are unknown
HELLO: netmask mismatch
Network mask mismatch
HELLO: hello timer mismatch
Interval of HELLO packet is mismatched
HELLO: dead timer mismatch
Interval of dead neighbor packet is mismatched
HELLO:
mismatch
Extern option of Hello packet is mismatched
extern
option
HELLO: router id confusion
Hello packet: Router ID confusion
HELLO:
unknown
virtual
neighbor
Hello packet: unknown virtual neighbor
HELLO:
unknown
NBMA
neighbor
Hello packet: unknown NBMA neighbor
DD: neighbor state low
Database description (DD) packet: asynchronous
neighbor state
DD: unknown LSA type
DD packet: unknown LSA type
DD: router id confusion
DD packet: router id unidentifiable
DD: extern option mismatch
DD packet: external route flag error
LS ACK: neighbor state low
Link state acknowledgment (LS ACK) packet:
asynchronous neighbor state
LS ACK: wrong ack
Link state acknowledgment packet: ack error
LS ACK: duplicate ack
Link state acknowledgment packet: ack duplication
LS ACK: unknown LSA type
Link state acknowledgment packet: unknown LSA
type
3-18
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Field
Description
LS REQ: neighbor state low
Link state request (LS REQ) packet: asynchronous
neighbor state
LS REQ: empty request
Link state request packet: empty request
LS REQ: wrong request
Link state request packet: erroneous request
LS UPD: neighbor state low
Link state update packet: asynchronous neighbor
state
LS UPD: newer self-generate
LSA
Link state update packet: newer LSA generated by
itself
LS UPD: LSA checksum wrong
Link state update packet: LSA checksum error
LS UPD:received less recent
LSA
Link state update packet: received less recent LSA
LS UPD: unknown LSA type
Link state update packet: unknown LSA type
LS UPD: LSA length wrong
Link state update packet: LSA length error
OSPF routing: next hop not
exist
Next hop of OSPF routing does not exist
DD: MTU option mismatch
MTU option of DD packet is mismatched
ROUTETYPE:
value
wrong
type
Route type: the value of the type is wrong
3.1.17 display ospf interface
Syntax
display ospf [ process-id ] interface [ interface-type interface-number | verbose ]
View
Any view
Parameter
process-id: OSPF Process ID. If you do not specify a process ID, this command
applies to all current OSPF processes.
interface-type interface-number: Interface type and interface number.
verbose: Specifies to display the detailed information about the specified OSPF
interface.
3-19
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Description
Use the display ospf interface command to display the OSPF interface information.
If the verbose keyword is provided, the detailed information about the OSPF interface
is displayed.
Example
# Display the OSPF interface information of Vlan-interface1.
<3Com> display ospf interface vlan-interface 1
OSPF Process 1 with Router ID 1.1.1.1
Interfaces
Interface: 10.110.10.2 (Vlan-interface1)
Cost: 1 State: BackupDR
Type: Broadcast
Priority: 1
Designated Router: 10.110.10.1
Backup Designated Router: 10.110.10.2
Timers: Hello 10, Dead 40, Poll 10, Retransmit 5, Transmit Delay 1
# Display the detailed information about the OSPF interface.
<3Com>display ospf interface verbose
OSPF Process 1 with Router ID 192.168.0.68
Interfaces
Area: 0.0.0.0
Vlan-interface1 is up, line protocol is up
Internet Address is 192.168.0.68/24
Network Type: Bcast, Cost: 10
State: BackupDR, Priority: 1
Designated Router: 192.168.0.35
Backup Designated Router: 192.168.0.68
Timers: Hello 10, Dead 40, Poll 40, Retransmit 5, Transmit Delay 1
Area: 0.0.0.2
Vlan-interface200 is up, line protocol is up
Internet Address is 200.1.1.68/24
Network Type: Bcast, Cost: 10
State: DR, Priority: 1
Designated Router: 200.1.1.68
Backup Designated Router: 200.1.1.35
Timers: Hello 10, Dead 40, Poll 40, Retransmit 5, Transmit Delay 1
3-20
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Table 3-6 Description on the fields of the display ospf interface command
Field
Description
Cost
Cost of the interface
State
State of the interface state machine
Type
Network type of OSPF
Priority
Priority of DR for interface election
Designated
Router
DR on the network in which the
interface resides
Backup
Designated
Router
BDR on the network in which the
interface resides
OSPF timers, defined as follows:
Timers
Transmit Delay
Hell
o
Interval
packet
of
hello
Dea
d
Interval of
neighbors
dead
Poll
Interval of poll
Retr
ans
mit
Interval
of
retransmitting LSA
Delay time of transmitting LSA
3.1.18 display ospf lsdb
Syntax
display ospf [ process-id [ area-id ] ] lsdb [ brief | [ asbr | ase | network | nssa |
router | summary ] [ ip-address | verbose ] [ originate-router ip-address |
self-originate ] ]
View
Any view
Parameter
process-id: OSPF Process ID. If you do not specify a process ID, this command
applies to all current OSPF processes.
area-id: OSPF area ID, which can be a decimal integer (ranging from 0 to
4294967295) or in the form of an IP address.
brief: Displays brief statistics information about the link state database (LSDB).
3-21
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
asbr: Displays the brief information about Type-4 LSAs (summary-Asbr-LSAs)
advertised by ASBR routers in the LSDB.
ase: Displays the brief information about the Type-5 LSAs (AS-external-LSAs) in the
LSDB. This argument is unavailable if you have provided a value for area-id.
network: Displays the brief information about the Type-2 LSAs (network-LSAs) in the
LSDB.
nssa: Displays the brief information about the Type-7 LSAs (NSSA-external-LSAs) in
the LSDB.
router: Displays the brief information about the Type-1 LSAs (router-LSAs) in the
LSDB.
summary: Displays the brief information about the Type-3 LSAs (summary-net-LSAs)
in the LSDB.
ip-address: Link state identifier (in the form of an IP address).
verbose: Displays the detailed information about LSAs in the LSDB.
originate-router ip-address: Specifies the IP address of the router advertising the
LSAs.
self-originate: Displays the database information about the LSAs generated by the
local router (self-originate LSAs).
Description
Use the display ospf lsdb command to display the information about OSPF link state
database (LSDB). If the verbose keyword is provided, the detailed information about
the LSAs of the specific type in the OSPF LSDB is displayed.
Example
# Display the information about OSPF LSDB.
<3Com> display ospf lsdb
OSPF Process 1 with Router ID 1.1.1.1
Link State Database
Area: 0.0.0.0
Type LinkState ID
AdvRouter
Age Len
Sequence
Metric Where
Rtr
2.2.2.2
2.2.2.2
465 36
8000000c
0 SpfTree
Rtr
1.1.1.1
1.1.1.1
449 36
80000004
0 SpfTree
Net
10.153.17.89
2.2.2.2
465 32
80000004
0 SpfTree
1.1.1.1
355 28
80000003
SNet 10.153.18.0
10 Inter List
Area: 0.0.0.1
Type LinkState ID
AdvRouter
Age Len
Sequence
Rtr
1.1.1.1
1.1.1.1
449 36
80000004
0
SpfTree
Rtr
3.3.3.3
3.3.3.3
429 36
8000000a
0
Clist
Net
10.153.18.89
3.3.3.3
429 32
80000003
0
SpfTree
3-22
Metric Where
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
SNet 10.153.17.0
1.1.1.1
355 28
80000003
10 Inter List
ASB
1.1.1.1
355 28
80000003
10 SumAsb List
2.2.2.2
AS External Database:
Type LinkState ID
AdvRouter
Age Len
Sequence
Metric Where
ASE
10.153.18.0
1.1.1.1
1006 36
ASE
10.153.16.0
2.2.2.2
798 36
80000002
1 Uninitialized
ASE
10.153.17.0
2.2.2.2
623 36
80000003
1 Uninitialized
ASE
10.153.17.0
1.1.1.1
1188 36
80000002
80000002
1
1
Ase List
Ase List
Table 3-7 Description on the fields of the display ospf lsdb command
Field
Description
Type
Type of the LSA
LinkStateID
Link state ID of the LSA
AdvRouter
Router ID of the router that
advertises the LSA
Age
Age of the LSA
Len
Length of the LSA
Sequence
Sequence number of the
LSA
Metric
Cost from the router that
advertises the LSA to LSA
destination
Where
Location of the LSA
<3Com> display ospf lsdb ase
OSPF Process 1 with Router ID 1.1.1.1
Link State Data Base
type: ASE
ls id :
2.2.0.0
adv rtr: 1.1.1.1
ls age:
349
len: 36
seq#:
chksum:
80000001
0xfcaf
Options: (DC)
Net mask:255.255.0.0
Tos 0 metric: 1
E type : 2
Forwarding Address: 0.0.0.0
Tag: 1
3-23
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Table 3-8 Description on the fields of the display ospf lsdb ase command
Field
Description
type
Type of the LSA
ls id
Link state ID of the LSA
adv rtr
Router ID of the router that
advertises the LSA
ls age
Age of the LSA
len
Length of the LSA
seq#
Sequence number of the
LSA
chksum
Checksum of the LSA
Options
Options of the LSA
Net mask
Network mask
E type
Type of external route
Forwarding Address
Forwarding address
Tag
Tag
3.1.19 display ospf nexthop
Syntax
display ospf [ process-id ] nexthop
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf nexthop command to display the OSPF next-hop information.
Example
# Display the OSPF next-hop information.
<3Com> display ospf nexthop
OSPF Process 1 with Router ID 2.2.2.2
3-24
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Next hops:
Address
Type
Refcount
Intf Addr
Intf Name
--------------------------------------------------------------202.38.160.1
Direct
3
202.38.160.1
Vlan-interface2
202.38.160.2
Neighbor 1
202.38.160.1
Vlan-interface2
Table 3-9 Description on the fields of the display ospf nexthop command
Field
Description
Address
Address of next hop
Type
Type of next hop
Refcount
Reference count of the next hop, namely, number of routes
using the next hop
Intf Addr
IP address of the interface to the next hop
Intf Name
Interface to the next hop
nexthop
Next hop
3.1.20 display ospf peer
Syntax
display ospf [ process-id ] peer [ brief | statistics ]
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf peer command to display the information about OSPF peer.
Use the display ospf peer brief command to display the brief information, including
router ID, interface, and state, about every OSPF peer.
Use the display ospf peer statistics command to display the statistics of every
OSPF peer, namely, the number of peers in various states in every area.
Example
# Display the information about OSPF peer.
<3Com> display ospf peer
OSPF Process 1 with Router ID 1.1.1.1
3-25
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Neighbors
Area 0.0.0.0 interface 10.153.17.88(Vlan-interface1)'s neighbor(s)
RouterID: 2.2.2.2
State: Full
Address: 10.153.17.89
Mode: Nbr is Master
DR: 10.153.17.89
Priority: 1
BDR: 10.153.17.88
Dead timer expires in 31s
Neighbor has been up for 01:14:14
Table 3-10 Description on the fields of the display ospf peer command
Field
Description
RouterID
Router ID of neighbor router
Address
Address of the interface, through which neighbor router
communicates with the router
State
State of adjacency relation
Mode
Master/Slave mode formed by negotiation in exchanging
DD packet
Priority
Priority of DR/BDR for neighbor election
DR
IP address of the interface of elected DR
BDR
IP address of the interface of elected BDR
Dead timer expires in
31s
If no hello packet is received from the peer within this
interval, the peer will be considered to be invalid.
Neighbor has been up
for 01:14:14
Time of neighbor connection
# Display OSPF peer statistics.
<3Com> display ospf peer statistics
OSPF Process 1 with Router ID 1.1.1.1
Neighbor Statistics
Area ID
Down Attempt Init 2-Way ExStart Exchange Loading Full Total
0.0.0.0
0
0
0
0
0
0
0
1
1
0.0.0.1
0
0
0
0
0
0
0
1
1
Total
0
0
0
0
0
0
0
2
2
Table 3-11 Description on the fields of the display ospf peer statistics command
Field
Description
Area ID
Area ID
Down
Initial state for OSPF to establish neighbor relation, which
indicates that OSPF router does not receive the message from
a certain neighbor router within a period of time
3-26
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Field
Description
Attempt
It is enabled in an NBMA environment, such as Frame Relay,
X.25 or ATM. It indicates that OSPF router does not receive the
message from a certain neighbor router within a period of time,
but still attempts to send Hello packet to the adjacent routers for
their communications with a lower frequency.
Init
It indicates that OSPF router has received Hello packet from a
neighbor router, but its IP address is not contained in the Hello
packet. Therefore, a two-way communication between them
has not been established.
2-Way
It indicates that a two-way communication between OSPF
router and neighbor router has been established. DR and BDR
can be selected in this state (or higher state).
ExStart
In this state, the router determines the sequence number of
initial database description (DD) packet used for data
exchange, so that it can obtain the latest link state information
Exchange
It indicates that OSPF router sends DD packet to its neighbor
routers to exchange link state information
Loading
In this state, OSPF router requests neighbor routers based on
the updated link state information from neighbor routers and its
expired information, and waits for response from neighbor
routers
Full
It indicates that database synchronization between the routers
that have established neighbor relation has been completed,
and their link state databases have been consistent
3.1.21 display ospf request-queue
Syntax
display ospf [ process-id ] request-queue
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf request-queue command to display the information about the
OSPF request-queue.
3-27
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Display the information about the OSPF request-queue.
<3Com> display ospf request-queue
OSPF Process 1 with Router ID 1.1.1.1
Request List
The Router's Neighbor is
RouterID:
10.1.1.1
Address: 120.1.1.1
Interface: 120.1.1.2
Area: 0.0.0.0
Request list:
LSID:151.14.83.0
AdvRouter:5.4.0.0
Sequence:8000002a
Age:545
LSID:151.10.91.0
AdvRouter:5.4.0.0
Sequence:8000002a
Age:545
Table 3-12 Description on the fields of the display ospf request-queue command
Field
Description
RouterID
Router ID of neighbor router
Address
Address of the interface, through which neighbor routers
communicate with the router
Interface
Address of the interface on the network segment
Area
Area number of OSPF
LSID
Link State ID of the LSA
AdvRouter
Router ID of the router that advertised the LSA
Sequence
Sequence number of the LSA, used to discover old and
repeated LSAs
Age
Age of the LSA
3.1.22 display ospf retrans-queue
Syntax
display ospf [ process-id ] retrans-queue
View
Any view
Parameter
process-id: OSPF Process ID. If you do not specify a process ID, this command
applies to all current OSPF processes.
3-28
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Description
Use the display ospf retrans-queue command to display the information about the
OSPF retransmission queue.
Example
# Display the information about the OSPF retransmission queue.
<3Com> display ospf retrans-queue
OSPF Process 200 with Router ID 103.160.1.1
Retransmit List
The Router's Neighbors is
RouterID: 162.162.162.162 Address: 103.169.2.2
Interface: 103.169.2.5
Area: 0.0.0.1
Retrans list:
Type: ASE
LSID:129.11.77.0
Type: ASE
LSID:129.11.108.0
AdvRouter:103.160.1.1
AdvRouter:103.160.1.1
Table 3-13 Description on the fields of the display ospf retrans-queue command
Field
Description
RouterID
Router ID of neighbor router
Address
Address of the interface, through which neighbor routers
communicate with the router
Interface
Address of the interface on the network segment
Area
Area number of OSPF
Type
Type of the LSA
LSID
Link State ID of the LSA
AdvRouter
Router ID of the router that advertises the LSA
3.1.23 display ospf routing
Syntax
display ospf [ process-id ] routing
View
Any view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
3-29
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Description
Use the display ospf routing command to display the information about OSPF
routing table.
Example
# Display OSPF routing information.
<3Com> display ospf routing
OSPF Process 1 with Router ID 1.1.1.1
Routing Tables
Routing for Network
Destination
Cost Type NextHop
10.110.0.0/16
1
Net
10.10.0.0/16
1
Stub 10.10.0.1
AdvRouter
10.110.10.1
1.1.1.1
0.0.0.0
3.3.3.3
0.0.0.0
Total Nets: 2
Intra Area: 2
Inter Area: 0
ASE: 0
NSSA: 0
Table 3-14 Description on the fields of the display ospf routing command
Field
Description
Destination
Destination network segment
Cost
Cost of route
Type
Type of route
NextHop
Next hop of route
AdvRouter
ID of the router that advertises the route
Area
Area ID
Intra Area
Number of intra-area routes
Inter Area
Number of inter-area routes
ASE
Number of external routes
NSSA
Number of NSSA routes
3.1.24 display ospf vlink
Syntax
display ospf [ process-id ] vlink
View
Any view
3-30
Area
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
Description
Use the display ospf vlink command to display the information about OSPF virtual
links.
Example
# Display OSPF virtual link information.
<3Com> display ospf vlink
OSPF Process 1 with Router ID 1.1.1.1
Virtual Links
Virtual-link Neighbor-id
Cost: 0 State: Full
-> 2.2.2.2, State: Full
Type: Virtual
Transit Area: 0.0.0.2
Timers: Hello 10, Dead 40, Poll 0, Retransmit 5, Transmit Delay 1
Table 3-15 Description on the fields of the display ospf vlink command
Field
Description
Virtual-link
Neighbor-id
Router ID of virtual-link neighbor router
State
State
Interface
IP address of the interface on the virtual link
Cost
Route cost of the interface
Type
Type: virtual link
Transit Area
ID of transit area that the virtual link passes, and it cannot be
backbone area, STUB area, or NSSA area
OSPF timers, defined as follows:
Timers
Transmit Delay
Hello
Interval of hello packet
Dead
Interval of dead neighbors
Poll
Interval of poll
Retransmit
Interval of retransmitting LSA
Delay time of transmitting LSA
3-31
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.25 filter-policy export
Syntax
filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol ]
undo filter-policy { acl-number | ip-prefix ip-prefix-name} export [ protocol ]
View
OSPF view
Parameter
acl-number: Basic or advanced ACL number, in the range of 2,000 to 3,999.
ip-prefix-name: Name of the address prefix list, containing 1 to 19 characters.
protocol: Routing protocol advertising the routing information. At present, it can be
direct, rip, bgp, isis or static.
Description
Use the filter-policy export command to enable the ASBR routers to filter the
external routes imported to OSPF. This command is applicable only to ASBR routers
Use the undo filter-policy export command to cancel the filtering rule configured.
By default, OSPF does not receive routes advertised by the other routing protocols.
Note:
z
The filter-policy export command take effect on only the routes imported to the
local device through the import-route command. If the filter-policy export
command is configured while the import-route command is not configured to
import other external routes (including OSPF routes in different processes), the
filter-policy export command does not take effect.
z
If the protocol argument is not specified in the filter-policy export command, this
command takes effect on all the routes imported to the local device through the
import-route command.
Related command: acl, ip ip-prefix.
Example
# Configure OSPF to advertise only the routing information permitted by acl 2000.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 11.0.0.0
3-32
0.255.255.255
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
[3Com-acl-basic-2000] rule deny source any
[3Com-ospf-1] filter-policy 2000 export
3.1.26 filter-policy import
Syntax
filter-policy { acl-number | ip-prefix ip-prefix-name | gateway prefix-list-name }
import
undo filter-policy { acl-number | ip-prefix ip-prefix-name | gateway ip-prefix-name }
import
View
OSPF view
Parameter
acl-number: Basic or advanced Access control list used for filtering the destination
addresses of the routing information.
ip-prefix-name: Name of the address prefix list used for filtering the destination
addresses of the routing information, containing 1 to 19 characters.
gateway ip-prefix-name: Specifies the name of the address prefix list used for filtering
the addresses of the neighbor routers advertising the routing information.
Description
Use the filter-policy import command to configure the OSPF rules for filtering the
routing information received.
Use the undo filter-policy import command to cancel the filtering of the routing
information received.
By default, no filtering of the received routing information is performed.
In some cases, it may be required that only the routing information meeting some
conditions can be received. You can use the filter-policy command to set the filtering
conditions for the routing information to be received. Only the routing information
passing the filter can be received.
The filter-policy import command filters the routes calculated by OSPF. Only the
routes passing the filter can be added to the routing table. The routes can be filtered
based on next hop and destination address.
OSPF is a dynamic routing protocol based on link state, with routing information
hidden in LSAs. Therefore, OSPF cannot filter any advertised or received LSA. This
command is used much less in OSPF than in distance-vector routing protocols.
3-33
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Filter the received routing information according to the rule defined by ACL 2000.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 20.0.0.0
0.255.255.255
[3Com-acl-basic-2000] rule deny source any
[3Com-ospf-1] filter-policy 2000 import
3.1.27 import-route
Syntax
import-route protocol [ process-id ] [ cost value | type value | tag value |
route-policy route-policy-name ]*
undo import-route protocol [ process-id ]
View
OSPF view
Parameter
protocol: Source routing protocol whose routes will be imported. At present, it can be
direct, rip, bgp, isis, static, ospf, ospf-ase and ospf-nssa.
process-id: Specifies to import OSPF.
cost value: Specifies the cost of imported external routes, in the range of 0 to
16,777,214.
type value: Specifies the cost type of imported external routes. The value ranges from
1 to 2.
tag value: Specifies the tag of imported external routes.
route-policy route-policy-name: Imports only the routes matching the specified
route-policy. The route-policy-name argument is a string of 1 to 19 characters.
Description
Use the import-route command to import external routes.
Use the undo import-route command to cancel the importing of external routes.
3-34
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Note:
You are recommended to configure the route type, cost and tag together in one
command. When you configure them individually, the new configuration for an
attribute will overwrite the old configuration for the attribute.
By default, the routing information of other protocols is not imported.
Example
# Configure to import RIP routes as type-2 routes, with the route tag of 33 and the
route cost of 50.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] import-route rip type 2 tag 33 cost 50
3.1.28 network
Syntax
network ip-address ip-mask
undo network ip-address ip-mask
View
OSPF Area view
Parameter
ip-address: Address of the network segment where the interface resides.
ip-mask: IP address wildcard shielded text (similar to the complement of the IP
address mask).
Description
Use the network command to enable an interface to run the OSPF protocol.
Use the undo network command to disable an interface from running OSPF.
By default, the interface does not belong to any area.
To run OSPF on an interface, the master IP address of this interface must be in the
range of the network segment specified by this command. If only the slave IP address
of the interface is in the range of the network segment specified by this command, this
interface will not run OSPF.
Related command: ospf.
3-35
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Specify the interfaces whose master IP addresses are in the segment range of
10.110.36.0 to run OSPF and specify the number of the OSPF area (where these
interfaces reside) as 6.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 6
[3Com-ospf-1-area-0.0.0.6] network 10.110.36.0 0.0.0.255
3.1.29 nssa
Syntax
nssa [ default-route-advertise | no-import-route | no-summary ]*
undo nssa
View
OSPF Area view
Parameter
default-route-advertise: Imports the default route to the NSSA area.
no-import-route: Specifies not to import route to the NSSA area.
no-summary: An ABR is disabled from transmitting summary_net LSAs to the NSSA
area.
Description
Use the nssa command to configure an OSPF area as an NSSA area.
Use the undo nssa command to cancel the function.
By default, no NSSA area is configured.
For all the routers connected to the NSSA area, the nssa command must be used to
configure the area as the NSSA attribute.
The default-route-advertise argument is used to generate the default type-7 LSA.
No matter whether the route 0.0.0.0 exists in the routing table on the ABR, the type-7
LSA default route will always be generated. The type-7 LSA default route is generated
only when the route 0.0.0.0 exists in the routing table on the ASBR.
On the ASBR, if the no-import-route argument is provided, the external route
imported by OSPF with the import-route command will not be advertised to NSSA
area.
3-36
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Configure area 1 as NSSA area.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 1
[3Com-ospf-1-area-0.0.0.1] network 36.0.0.0 0.255.255.255
[3Com-ospf-1-area-0.0.0.1] nssa
3.1.30 ospf
Syntax
ospf [ process-id [ router-id router-id ] ]
undo ospf [ process-id ]
View
System view
Parameter
process-id: OSPF Process ID, ranging from 1 to 65535. By default, the process ID is 1.
process-id is locally significant.
router-id: Router ID used by an OSPF process, in dotted decimal notation.
Description
Use the ospf command to enable OSPF
Use the undo ospf command to disable OSPF
After OSPF is enabled, you can perform the related configuration in OSPF view.
By default, the system does not run OSPF.
Related command: network.
Example
# Enable OSPF.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] router id 10.110.1.8
[3Com] ospf
[3Com-ospf-1]
# Enable the running of the OSPF protocol with process ID specified as 120.
<3Com> system-view
3-37
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] router id 10.110.1.8
[3Com] ospf 120
[3Com-ospf-120]
3.1.31 ospf authentication-mode
Syntax
ospf authentication-mode { simple password | md5 key-id key }
undo ospf authentication-mode { simple | md5 }
View
Interface view
Parameter
simple password: Uses plain text authentication. The password argument is a string
of up to eight characters.
key-id: ID of the authentication key in MD5 authentication mode, ranging from 1 to
255.
key: MD5 authentication key. If it is input in a plain text form, MD5 key is a string of 1 to
16 characters. It is displayed in a cipher text form with 24 characters in length when
the display current-configuration command is executed. Inputting the MD5 key in a
cipher text form with 24 characters in length is also supported.
Description
Use the ospf authentication-mode command to configure the authentication mode
and key between adjacent routers.
Use the undo ospf authentication-mode command to cancel the authentication key
that has been set.
By default, the interface does not authenticate the OSPF packets.
The passwords for authentication keys of the routers on the same network segment
must be identical. In addition, you need to use the authentication-mode command to
set the authentication type of the area, so as to validate the configuration.
Related command: authentication-mode.
Example
# Configure area 1 where the network segment 131.119.0.0 of interface
Vlan-interface 10 resides to support MD5 cipher text authentication. Set the
authentication key identifier to 15 and the authentication key to 3Com.
<3Com> system-view
3-38
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 1
[3Com-ospf-1-area-0.0.0.1] network 131.119.0.0 0.0.255.255
[3Com-ospf-1-area-0.0.0.1] authentication-mode md5
[3Com-Vlan-interface10] ospf authentication-mode md5 15 3Com
3.1.32 ospf cost
Syntax
ospf cost value
undo ospf cost
View
Interface view
Parameter
value: Cost for running OSPF protocol, ranging from 1 to 65,535.
Description
Use the ospf cost command to configure the cost for running OSPF on the interface.
Use the undo ospf cost command to restore the default costs.
For the switch, the default cost for running OSPF protocol on a VLAN interface is 1.
Example
# Specify the cost spent when an interface runs OSPF as 33.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] ospf cost 33
3.1.33 ospf dr-priority
Syntax
ospf dr-priority dr-priority-value
undo ospf dr-priority
View
Interface view
3-39
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Parameter
dr-priority-value: Interface priority for electing the "designated router", ranging from 0
to 255. The default value is 1.
Description
Use the ospf dr-priority command to configure the priority for electing the
"designated router" on an interface.
Use the undo ospf dr-priority command to restore the default value.
The priority of the interface determines the qualification of the interface when the
"designated router" is elected. The interface with higher priority will be preferred when
the election conflict occurs.
Example
# Set the priority of the interface Vlan-interface 10 to 8 during DR election.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] ospf dr-priority 8
3.1.34 ospf mib-binding
Syntax
ospf mib-binding process-id
undo ospf mib-binding
View
System view
Parameter
process-id: OSPF Process ID. It ranges from 1 to 65535 and defaults to 1.
Description
Use the ospf mib-binding command to bind MIB operation to the specified OSPF
process.
Use the undo ospf mib-binding command to restore the default settings.
When OSPF enables the first process, OSPF always binds MIB operation to this
process. You can use this command to bind MIB operation to another OSPF process.
To cancel the binding, use the undo ospf mib-binding command. OSPF will
automatically re-bind MIB operation to the first process that it enables.
By default, MIB operation is bound to the OSPF process enabled first.
3-40
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Bind MIB operation to OSPF process 100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf mib-binding 100
# Bind MIB operation to OSPF process 200.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf mib-binding 200
# Cancel the binding of MIB operation.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] undo ospf mib-binding
3.1.35 ospf mtu-enable
Syntax
ospf mtu-enable
undo ospf mtu-enable
View
Interface view
Parameter
None.
Description
Use the ospf mtu-enable command to enable the interface to write MTU value when
sending DD packets.
Use the undo ospf mtu-enable command to restore the default settings.
By default, the MTU value is 0 when sending DD packets. That is, the actual MTU
value of the interface is not written.
Database Description (DD) packets are used to describe its own LSDB when the
router running OSPF protocol is synchronizing the database.
The default MTU value of DD packet is 0. You can use this command to configure the
specified interface manually to write the MTU value area in DD packets when sending
DD packets. That is, the actual MTU value of the interface is written in.
3-41
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Configure interface Vlan-interface 3 to write MTU value area when sending DD
packets.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 3
[3Com-Vlan-interface3] ospf mtu-enable
3.1.36 ospf network-type
Syntax
ospf network-type { broadcast | nbma | p2mp | p2p }
undo ospf network-type
View
Interface view
Parameter
broadcast: Changes the interface network type to broadcast.
nbma: Changes the interface network type to NBMA.
p2mp: Changes the interface network type to point-to-multipoint.
p2p: Changes the interface network type to point-to-point.
Description
Use the ospf network-type command to configure the network type of OSPF
interface.
Use the undo ospf network-type command to restore the default network type of the
OSPF interface.
OSPF divides networks into four types based on link layer protocol:
z
Broadcast: If Ethernet or FDDI is adopted, OSPF defaults the network type to
broadcast.
z
Non-Broadcast Multi-access (nbma): If Frame Relay, ATM, HDLC or X.25 is
adopted, OSPF defaults the network type to NBMA.
z
Point-to-Multipoint (p2mp): OSPF will not default the network type of any link
layer protocol to p2mp. The general undertaking is to change a partially
connected NBMA network to p2mp network if the NBMA network is not
fully-meshed.
z
Point-to-point (p2p): If PPP, LAPB or POS is adopted, OSPF defaults the
network type to p2p.
3-42
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
If there is any router not supporting multicast addresses on a broadcast network, the
network type of the interface can be changed to NBMA. Alternatively, the network type
of the interface can be changed from NBMA to broadcast.
For a non-broadcast multi-accessible network to be of NBMA type, any two routers in
the network must be directly reachable to each other through a virtual circuit. In other
words, the network must be fully-meshed.
For a network not meeting this condition, the network type of the interface must be
changed to point-to-multipoint. In this way, routing information can be exchanged
between two routers not directly reachable to each other through another router that is
directly reachable to the two routers.
If only two routers run OSPF in the same network segment, the network type of the
interface can also be changed to point-to-point.
Note that you must use the peer command to configure the peer if the network type of
the interface is NBMA or manually changed to NBMA with the ospf network-type
command.
Related command: ospf dr-priority.
Example
# Set the interface Vlan-interface 10 to NBMA type.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] ospf network-type nbma
3.1.37 ospf timer dead
Syntax
ospf timer dead seconds
undo ospf timer dead
View
Interface view
Parameter
seconds: Dead interval of the OSPF neighbor. It is in seconds and ranges from 1 to
65535.
Description
Use the ospf timer dead command to configure the dead interval of the OSPF peer.
3-43
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Use the undo ospf timer dead command to restore the default value of the dead
interval of the peer.
By default, the dead interval is 40 seconds for the OSPF peers of p2p and broadcast
interfaces and is 120 seconds for those of p2mp and nbma interfaces.
The dead interval of OSPF peers means that, within this interval, if no Hello message
is received from the peer, the peer will be considered to be invalid. The value of dead
seconds should be at least four times of that of the Hello seconds. The dead seconds
for the routers on the same network segment must be identical.
Related command: ospf timer hello.
Example
# Set the peer dead interval on the interface Vlan-interface 10 to 80 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] ospf timer dead 80
3.1.38 ospf timer hello
Syntax
ospf timer hello seconds
undo ospf timer hello
View
Interface view
Parameter
seconds: Interval, in seconds, at which an interface transmits hello packet. It ranges
from 1 to 255.
Description
Use the ospf timer hello command to configure the interval for transmitting Hello
messages on an interface.
Use the undo ospf timer hello command to restore the interval to the default value.
By default, the interval is 10 seconds for an interface of p2p or broadcast type to
transmit Hello messages, and 30 seconds for an interface of p2mp or nbma type.
Related command: ospf timer dead.
3-44
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Configure the interval of transmitting Hello messages on the interface Vlan-interface
10 to 20 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] ospf timer hello 20
3.1.39 ospf timer poll
Syntax
ospf timer poll seconds
undo ospf timer poll
View
Interface view
Parameter
seconds: Poll Hello interval in seconds. It ranges from 1 to 65535 and defaults to 40.
Description
Use the ospf timer poll command to configure the poll Hello packet interval on NBMA
and p2mp network.
Use the undo ospf timer poll command to restore the default poll interval.
On an NBMA or p2mp network, if a neighbor becomes invalid, Hello packet will be
transmitted at the interval of poll seconds. You can configure the poll seconds to
specify how often the interface transmits Hello packet before it establishes adjacency
with the adjacent router. Poll seconds should be no less than 3 times of Hello.
Example
# Configure to transmit poll Hello packet through interface Vlan-interface 20 every 120
seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 20
[3Com-Vlan-interface20] ospf timer poll 120
3-45
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.40 ospf timer retransmit
Syntax
ospf timer retransmit interval
undo ospf timer retransmit
View
Interface view
Parameter
interval: Interval, in seconds, for retransmitting LSA on an interface. It ranges from 1 to
3600 and defaults to 5.
Description
Use the ospf timer retransmit command to configure the interval for LSA
retransmission on an interface.
Use the undo ospf timer retransmit command to restore the default interval value
for LSA retransmission on the interface.
If a router running OSPF transmits a "link state advertisement" (LSA) to the peer, it
needs to wait for the acknowledgement packet from the peer. If no acknowledgement
is received from the peer within the LSA retransmission interval, this LSA will be
retransmitted.
The LSA retransmit between adjacent routers should not be set too short; otherwise,
unexpected retransmission will occur (See RFC2328).
Example
# Specify the retransmit for LSA transmission between the interface Vlan-interface 10
and the adjacent routers to 12 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] ospf timer retransmit 12
3.1.41 ospf trans-delay
Syntax
ospf trans-delay seconds
undo ospf trans-delay
3-46
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
View
Interface view
Parameter
seconds: LSA transmission delay on an interface. It ranges from 1 to 3,600 and
defaults to 1 (in seconds).
Description
Use the ospf trans-delay command to configure the LSA transmission delay on an
interface.
Use the undo ospf trans-delay command to restore the default LSA transmission
delay on an interface.
LSA ages in the "link state database" (LSDB) of the router as time goes by (1 added
every second), but it does not age during network transmission. Therefore, it is
necessary to add a period of time set by this command to the aging time of LSA before
transmitting it.
Example
# Specify the trans-delay of transmitting LSA on the interface Vlan-interface 10 as 3
seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] ospf trans-delay 3
3.1.42 peer
Syntax
peer ip-address [ dr-priority dr-priority-value ]
undo peer ip-address
View
OSPF view
Parameter
ip-address: IP address of the peer.
dr-priority-value: Value of the corresponding priority of a neighbor in the NBMA
network. It ranges from 0 to 255 and defaults to 1.
3-47
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Description
Use the peer command to configure the IP address of the neighbor router and specify
DR priority on an NBMA network.
Use the undo peer command to cancel this configuration.
Example
# Configure the IP address of the neighbor router as 10.1.1.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] peer 10.1.1.1
3.1.43 preference
Syntax
preference [ ase ] value
undo preference [ ase ]
View
OSPF view
Parameter
value: OSPF protocol route preference, ranging from 1 to 255.
ase: Indicates the preference of an imported external route of the AS.
Description
Use the preference command to configure the preference of an OSPF protocol route.
Use the undo preference command to restore the default value of the OSPF protocol
route.
By default, the preference of an OSPF protocol internal route is 10 and the preference
of an external route is 150.
Because multiple dynamic routing protocols could be running on a router, there is the
problem of routing information sharing among routing protocols and selection.
Therefore, a default preference is specified for each routing protocol. When a route is
identified by different protocols, the protocol with the highest preference selected for
forwarding IP packets.
Example
# Specify the preference of an imported external route of the AS as 160.
<3Com> system-view
3-48
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] preference ase 160
3.1.44 protocol multicast-mac enable
Syntax
protocol multicast-mac enable
undo protocol multicast-mac enable
View
System view
Parameter
None
Description
Use the protocol multicast-mac enable command to enable protocol multicast MAC
address delivery. Use the undo protocol multicast-mac enable command to
disable protocol multicast MAC address delivery.
By default, protocol multicast MAC address delivery is enabled.
If OSPF is configured when Layer 2/Layer 3 multicast function is enabled in the
system, the system will multicast the broadcast routing protocol packets because the
broadcast MAC address and multicast MAC address used by the delivered OSPF
routing protocol are the same. This makes broadcast packets unable to reach the
destination host and adversely affects the running of the routing protocol.
You can disable the protocol multicast MAC address delivery function so that the
system correctly forwards OSPF multicast packets, thus ensuring the normal running
of the routing protocol.
Note:
z
Disable protocol multicast MAC address delivery (with the undo protocol
multicast-mac enable command) only if you are configuring OSPF with Layer
2/Layer 3 multicast function enabled in the system.
z
You do not need to disable protocol multicast MAC address delivery if the system
is enabled with OSPF only.
3-49
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Example
# Disable protocol multicast MAC address delivery in the system.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]undo protocol multicast-mac enable
3.1.45 reset ospf
Syntax
reset ospf [ statistics ] { all | process-id }
View
User view
Parameter
all: Resets all OSPF processes.
process-id: OSPF Process ID, ranging from 1 to 65535. If this argument is not
specified, all OSPF processes will be reset.
statistics: Resets OSPF statistics.
Description
Use the reset ospf all command to reset all OSPF processes.
Use the reset ospf process-id command to reset the specified OSPF process and
clear the statistics.
After you use this command to reset an OSPF process:
z
Invalid LSA is cleared immediately before LSA times out.
z
A new Router ID takes effect if the Router ID changes.
z
DR and BDR are re-elected conveniently.
z
OSPF configuration before the restart will not lose.
After this command is issued, the system will prompt you to confirm whether to
re-enable OSPF.
Example
# Reset all the OSPF processes.
<3Com> reset ospf all
# Reset OSPF process 200.
<3Com> reset ospf 200
3-50
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.46 router id
Syntax
router id router-id
undo router id
View
System view
Parameter
router-id: Router ID, in dotted decimal notation, in the range of 0 to 255.
Description
Use the router id command to configure the ID of a router running the OSPF protocol.
Use the undo router id command to cancel the router ID that has been set.
By default, if a LoopBack interface address exists, the system chooses the LoopBack
address with the greatest IP address value as the router ID. If no LoopBack interface
is configured, the address of the physical interface with the greatest IP address value
will be the router ID.
Router ID is a 32-bit unsigned integer that uniquely identifies a router in an OSPF
autonomous system. You can specify the ID for a router. If you do not specify a router
ID, the router will automatically select one from configured IP addresses as the ID of
this router. If no IP address is configured for any interface of the router, the router ID
must be configured in OSPF view. Otherwise, OSPF protocol cannot be enabled.
When the router ID is configured manually, the IDs of any two routers cannot be same
in the autonomous system. Thus, you can select the IP address of an interface as the
ID of this router.
Related command: ospf.
Note:
A modified router ID takes effect only after OSPF is re-enabled.
Example
# Set the router ID to 10.1.1.3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] router id 10.1.1.3
3-51
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
3.1.47 silent-interface
Syntax
silent-interface Vlan-interface Vlan-interface-number
undo silent-interface Vlan-interface Vlan-interface-number
View
OSPF view
Parameter
Vlan-interface-number: Interface number.
Description
Use the silent-interface command to disable an interface from transmitting OSPF
packet.
Use the undo silent-interface command to restore the default setting.
By default, the interface is enabled to transmit OSPF packet.
To prevent the router on some network from receiving the OSPF routing information,
you can use this command to disable this interface from transmitting OSPF packet.
On the switch, this command can be used to enable/disable OSPF packet
transmission through the specified VLAN interface.
Example
# Disable interface Vlan-interface 20 from transmitting OSPF packet.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] silent-interface Vlan-interface 20
3.1.48 snmp-agent trap enable ospf
Syntax
snmp-agent trap enable ospf [ process-id ] [ ifstatechange | iftxretransmit |
ifrxbadpkt | ifcfgerror | virifstatechange | nbrstatechange | virnbrstatechange |
virifcfgerror | ifauthfail | virifauthfail | virifrxbadpkt | viriftxretransmit |
originatelsa | maxagelsa | lsdboverflow | lsdbapproachoverflow ]*
undo snmp-agent trap enable ospf [ process-id ] [ ifstatechange | iftxretransmit |
ifcfgerror |virifstatechange | nbrstatechange | virnbrstatechange | virifcfgerror |
ifauthfail | virifauthfail | ifrxbadpkt | virifrxbadpkt | viriftxretransmit | originatelsa
| maxagelsa | lsdboverflow | lsdbapproachoverflow ]*
3-52
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
View
System view
Parameter
process-id: OSPF Process ID, in the range of 1 to 65,535. If you do not specify a
process ID, this command applies to all current OSPF processes.
ifstatechange, virifstatechange, nbrstatechange, virnbrstatechange, ifcfgerror,
virifcfgerror, ifauthfail, virifauthfail, ifrxbadpkt, iftxretransmit, virifrxbadpkt,
viriftxretransmit,
originatelsa,
maxagelsa,
lsdboverflow,
and
lsdbapproachoverflow: Types of TRAP packets that the switch produces in case of
OSPF anomalies.
Description
Use the snmp-agent trap enable ospf command to enable the OSPF TRAP
function.
Use the undo snmp-agent trap enable ospf command to disable the OSPF TRAP
function.
This command does not apply to the OSPF processes that are started after the
command is executed.
By default, the switch does not send TRAP packets in case of OSPF anomalies.
For detailed configuration of SNMP TRAP, refer to section "System Management" in
this manual.
Example
# Enable the TRAP function for OSPF process 100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent trap enable ospf 100
3.1.49 spf-schedule-interval
Syntax
spf-schedule-interval interval
undo spf-schedule-interval
View
OSPF view
3-53
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
Parameter
interval: SPF calculation interval of OSPF, in seconds. It ranges from 1 to 10 and
defaults to 5.
Description
Use the spf-schedule-interval command to configure the route calculation interval of
OSPF.
Use the undo spf-schedule-interval command to restore the default setting.
According to the Link State Database (LSDB), the router running OSPF can calculate
the shortest path tree taking itself as the root and determine the next hop to the
destination network according to the shortest path tree. Adjusting SPF calculation
interval restrains frequent network changes, which may occupy too many bandwidth
resources and router resources.
Example
# Set the OSPF route calculation interval of 3Com to 6 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] spf-schedule-interval 6
3.1.50 stub
Syntax
stub [ no-summary ]
undo stub
View
OSPF Area view
Parameter
no-summary: Disables an ABR from transmitting Summary LSAs to the STUB area.
Description
Use the stub command to configure the type of an OSPF area as "stub".
Use the undo stub command to cancel the settings.
By default, no area is set to be the STUB area.
If the router is an ABR, it will send a default route to the connected stub area . Use the
default-cost command to configure the default route cost. In addition, you can
3-54
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
specify the no-summary argument in the stub command to disable the receiving of
type-3 LSAs by the stub area connected to the ABR.
Related command: default-cost.
Example
# Set the type of OSPF area 1 to STUB.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 1
[3Com-ospf-1-area-0.0.0.1] stub
3.1.51 vlink-peer
Syntax
vlink-peer router-id [ hello seconds | retransmit seconds | trans-delay seconds |
dead seconds | simple password | md5 keyid key ]*
undo vlink-peer router-id
View
OSPF Area view
Parameter
route-id: Router ID of virtual link peer.
hello seconds: Specifies the interval, in seconds, at which the router transmits hello
packet. It ranges from 1 to 8192 and defaults to 10. This value must equal the hello
seconds value of the router virtually linked to the interface.
retransmit seconds: Specifies the interval, in seconds, for retransmitting the LSA
packets on an interface. It ranges from 1 to 8192 and defaults to 5.
trans-delay seconds: Specifies the delay, in seconds, for transmitting LSA packets on
an interface. It ranges from 1 to 8192 and defaults to 1.
dead seconds: Specifies the interval, in seconds, of death timer. It ranges from 1 to
8192 and defaults to 40. This value must equal the dead seconds of the router
virtually linked to it and must be at least four times of the hello seconds.
simple password: Specifies the simple text authentication password, which contains
up to eight characters, of the interface. This value must equal the authentication key
of the virtually linked peer.
keyid: MD5 authentication key ID. It ranges from 1 to 255. It must be equal to the
authentication key ID of the virtually linked peer.
3-55
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 3 OSPF Configuration Commands
key: MD5 authentication key. If you use simple text authentication key, you can input a
string
containing
1
to
current-configuration
16
characters.
When
you
use
the
display
command to display system information, the MD5
authentication key is displayed in the form of cipher text with a length of 24 characters.
Inputting the key in the form of cipher text with a length of 24 characters is also
supported.
Description
Use the vlink-peer command to create and configure a virtual link.
Use the undo vlink-peer command to cancel an existing virtual link.
According to RFC2328, an OSPF area must be connected to the backbone network.
You can use the vlink-peer command to keep the connectivity. Virtual link can be
regarded as a common interface that uses OSPF because the principle for
configuring the parameters such as hello, retransmit, and trans-delay on it is similar.
Note
that,
when
configuring
virtual
link
authentication,
you
use
the
authentication-mode command to specify the authentication mode as MD5 cipher
text or simple text on the backbone network.
Related command: authentication-mode, display ospf.
Example
# Create a virtual link to 10.110.0.3 and use the MD5 cipher authentication mode.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ospf 1
[3Com-ospf-1] area 10.0.0.0
[3Com-ospf-1-area-10.0.0.0] vlink-peer 10.110.0.3 md5 3 345
3-56
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Chapter 4 Integrated IS-IS Configuration
Commands
Note:
The router in this document refers to a generic router and an Ethernet switch running
routing protocols.
4.1 Integrated IS-IS Configuration Commands
4.1.1 area-authentication-mode
Syntax
area-authentication-mode { simple | md5 } password [ ip | osi ]
undo area-authentication-mode { simple | md5 } [ ip | osi ]
View
IS-IS view
Parameter
simple: Specifies to send the password in plain text.
md5: Specifies to send the password encrypted with MD5.
password: Specifies the password to be set. For the simple authentication mode, the
password must be plain text. For the md5 authentication mode, the password can be
either plain text or ciphertext, and the result depends on the input. A plain password
can be a string no longer than 16 bytes, such as user918. A cipher password must be
a ciphertext of 24 bytes, such as (TT8F]Y\5SQ=^Q`MAF4<1!!.
ip: Specifies the system to check the configuration for the corresponding field of IP in
LSP.
osi: Specifies the system to check the configuration for the corresponding field of OSI
in LSP.
Whether a password should use the ip keyword or the osi keyword is not affected by
the actual network environment.
4-1
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Description
Use the area-authentication-mode command to configure IS-IS to authenticate the
packets (LSP, CSNP and PSNP) received from level-1 route using the predefined
mode and password.
Use the undo area-authentication-mode command to disable IS-IS from
authenticating the received packets above.
The system will neither authenticate the packets received from level-1 route nor check
its password by default.
We can use this command to clear all leve-1 routing packets not compatible with the
area authentication password set by the command. And at the same time, we also
instruct the system to follow a specific mode to insert the area authentication
password in all the level-1 routing packets sent from the local node.
Related command: reset isis all, domain-authentication-mode, and isis
authentication-mode.
Example
# Set the area authentication password to hello, and the authentication mode to
simple.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] area-authentication-mode simple hello
4.1.2 cost-style
Syntax
cost-style { narrow | wide | wide-compatible | { compatible | narrow-compatible }
[ relax-spf-limit ] }
undo cost-style
View
IS-IS view
Parameter
narrow: Specifies to receive and send narrow packets only.
wide: Specifies to receive and send wide packets only.
compatible: Specifies to receive or send both wide and narrow packets.
narrow-compatible: Specifies to receive both narrow and wide packets, but send
only narrow packets.
4-2
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
wide-compatible: Specifies to receive both narrow and wide packets, but send only
wide packets.
relax-spf-metric: Specifies to allow receiving routes with cost bigger than 1,024. If
this keyword is not configured, any route with cost larger than 1,024 will be dropped.
This configuration is only available when the compatible keyword or when the
narrow-compatible keyword is provided.
Description
Use the cost-style command to set the cost style of packets received or sent by IS-IS
router.
Use the undo cost-style command to restore the default cost style.
Only narrow packets can be received and sent by default.
Related command: isis cost.
Example
# Set the router to send only narrow packets, but receive both narrow and wide ones.
<3Com> system-view
System View: return to User View with Ctrl+Z..
[3Com] isis
[3Com-isis] cost-style narrow-compatible
4.1.3 default-route-advertise
Syntax
default-route-advertise [ route-policy route-policy-name ]
undo default-route-advertise [ route-policy route-policy-name ]
View
IS-IS view
Parameter
route-policy-name: Name of the specified route-policy, which is a string containing 1
to 19 characters.
Description
Use the default-route-advertise command to enable the L1 and L2 routers to
generate default routes.
Use the undo default-route-advertise command to disable the function.
By default, L2 routers generate default routes.
4-3
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
This command can be executed on L1 routers or L2 routers. Defaults routes are
generated in L2 LSP by default. Carrying out the apply isis level-1 command in
routing policy view will generate default routes in L1 LSP. Carrying out the apply isis
level-2 command in routing policy view will generate default routes in L2 LSP.
Carrying out the apply isis level-1-2 command in routing policy will generate default
routes in L1 LSP and L2 LSP respectively.
Example
# Configure the current router to generate default route in LSP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com-isis] default-route-advertise
4.1.4 display isis brief
Syntax
display isis brief
View
Any view
Parameter
None
Description
Use the display isis brief command to display the brief information about IS-IS.
Example
# Display the brief information about IS-IS.
<3Com> display isis brief
ISIS
Protocol Brief Information:
System protocol supported by IS-IS:
Is-level:
level-1-2
Cost-style:
narrow
Preference:
15
CLNS Preference:
15
Timers:
spf-delay-interval:
spf-slice-size:
5000
0
lsp-max-age:
1200
lsp-refresh:
900
4-4
none
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
interval between SPFs:
Chapter 4 Integrated IS-IS Configuration Commands
level-1
10
level-2
10
4.1.5 display isis interface
Syntax
display isis interface [ verbose ]
View
Any view
Parameter
verbose: Displays the detailed information about the interface.
Description
Use the display isis interface command to view the information about the
IS-IS-enabled interfaces.
The information displayed by this command includes the interface name, interface IP
address, interface link state and so on. Besides all the information displayed by the
display isis interface command, the display isis interface verbose command will
display the IS-IS configuration information related to the interface, such as CSNP
packets broadcast intervals, Hello packets broadcast intervals and the number of
invalid Hello packets.
Example
# Display the information about the IS-IS-enabled interface.
<3Com> display isis interface
Interface
IP Address Id
Link.Sta IP.Sta
Vlan-interface1 172.16.1.2 001 Up
Up
MTU
Type
1497
L1
DIS
No/No
# Display the detailed information about the IS-IS-enabled interface.
<3Com> display isis interface verbose
Interface
IP Address Id
Link.Sta IP.Sta
Vlan-interface1 172.16.1.2 001 Up
Up
1497
L1
10
L2
10
L1
10
L2
10
L1
30
L2
30
10
L2
10
64
L2
64
Secondary IP Address
:
Csnp Interval
:
L1
Hello Interval
:
Hold Time
:
Lsp Interval
:
Cost
:
L1
Priority
:
L1
Retransmission interval
:
4-5
MTU
33
5
Type
DIS
No/No
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.6 display isis lsdb
Syntax
display isis lsdb [ [ l1 | l2 | level-1 | level-2 ] | [ [ lsp-id | local ] | verbose ]* ]*
View
Any view
Parameter
l1, level-1: Specifies level-1 routing connection state database.
l2, level-2: Specifies level-2 routing connection state database.
lsp-id: LSP ID of the network-entity-title.
local: Specifies to display LSP information generated locally.
verbose: Specifies to display the detailed information of link state database.
Description
Use the display isis lsdb command to display IS-IS link state database.
Example
# Display a piece of LSP information.
<3Com> display isis lsdb 0050.0500.5005.00-00
IS-IS Level-1 Link State Database
Lsp ID
Sequence
Holdtime
A_P_O
Checksum
>0050.0500.5005.00-00
0x00000328
780
0_0_0
0xf211
4.1.7 display isis mesh-group
Syntax
display isis mesh-group
View
Any view
Parameter
None
Description
Use the display isis mesh-group command to display the mesh-group of IS-IS.
4-6
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
You can use this command to view the mesh-group configuration of the current
routing interface.
Example
# Configure the IS-IS-enabled Vlan-interface 10 and Vlan-interface 20 of the router to
belong to mesh group 100.
<3Com> system-view
[3Com-Vlan-interface10] isis mesh-group 100
[3Com-Vlan-interface10] interface Vlan-interface 20
[3Com-Vlan-interface20] isis mesh-group 100
# Display the configuration information of the IS-IS mesh group.
<3Com> system-view
[3Com-Vlan-interface20] display isis mesh-group
Interface
Mesh-group/Blocked
Vlan-interface 10
100
Vlan-interface 20
100
4.1.8 display isis peer
Syntax
display isis peer [ verbose ]
View
Any view
Parameter
verbose: Displays the area address advertised in a neighbor’s Hello packet when this
keyword is provided; displays only the brief information if this keyword is not specified.
Description
Use the display isis peer command to display the information of the IS-IS neighbor.
Besides all the information displayed by the display isis peer command, the display
isis peer verbose command will display the neighbor’s area address, holdtime of Up
state and the IP address of the directly-connected interface.
Example
# Display the detailed information about IS-IS neighbors.
<3Com> display isis peer verbose
System ID
Interface
Circuit ID
State HoldTime Type Pri
0000.0000.6502 Vlan-interface1000 0000.0000.6502.02 Up
Area Address:
01
IP Address: 7.7.7.7
4-7
8s
Period: 01:51:13
L1
64
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
System ID
Chapter 4 Integrated IS-IS Configuration Commands
Interface
Circuit ID
State HoldTime Type Pri
0000.0000.6502 Vlan-interface1001 0001.0000.6506.02 Up
Area Address:
01
IP Address: 6.6.6.6
24s
L1
64
Period: 00:53:50
# Display the information about IS-IS neighbors.
<3Com> display isis peer
System ID
Interface
Circuit ID
State HoldTime Type Pri
0000.0000.6502 Vlan-interface1000 0000.0000.6502.02 Up 9s
L1
64
0000.0000.6502 Vlan-interface1001 0001.0000.6506.02 Up 24s
L1
64
4.1.9 display isis route
Syntax
display isis route { clns | ip }
View
Any view
Parameter
ip: Displays IP-based IS-IS routing information.
clns: Displays OSI-based IS-IS routing information.
Description
Use the display isis route command to display the IS-IS routing information.
Example
# Display the output information of the display isis ip route command.
<3Com> display isis route
ISIS IP Level - 2 Routing Table :
Type - D -Direct, C -Connected, I -ISIS, S -Static, O -OSPF
B -BGP, R -RIP
Flags: R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set
Destination/Mask In.Met
Ex.Met NextHop
Interface
Flags
------------------------------------------------------------------------D 111.1.0.0/16
10
Direct
Vlan-interface111
R/L/-
D 170.1.1.0/24
10
Direct
Vlan-interface170
R/L/-
I 131.1.0.0/16
20
111.1.1.1
Vlan-interface111
R/-/-
4-8
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
I 133.1.0.0/16
20
111.1.1.1
Vlan-interface111
R/-/-
I 135.1.0.0/16
20
111.1.1.1
Vlan-interface111
R/-/-
D 145.1.0.0/16
10
Direct
Vlan-interface145
R/L/-
4.1.10 display isis spf-log
Syntax
display isis spf-log
View
Any view
Parameter
None
Description
Use the display isis spf-log command to display the log record of IS-IS SPF
calculation.
Example
# Display the log record of IS-IS SPF calculation.
<3Com> display isis spf-log
Details of Level 2 SPF Run:
------------------------------------------------------------------------Trig.Event
No.Of Nodes
Duration(ms)
StartTime
IS_SPFTRIG_NEWADJ
2
74
0:10:55
IS_SPFTRIG_NEWADJ
2
670
0:10:24
IS_SPFTRIG_NEWADJ
2
23
0:10:2
IS_SPFTRIG_NEWADJ
2
30
0:9:32
IS_SPFTRIG_NEWADJ
2
34
0:9:1
IS_SPFTRIG_NEWADJ
2
111
0:7:59
IS_SPFTRIG_NEWADJ
2
302
0:25:1
IS_SPFTRIG_NEWADJ
2
60
0:24:30
IS_SPFTRIG_NEWADJ
2
232
0:20:31
IS_SPFTRIG_NEWADJ
2
42
0:19:58
IS_SPFTRIG_NEWADJ
2
37
0:19:32
IS_SPFTRIG_NEWADJ
2
34
0:19:0
IS_SPFTRIG_CIRC_UP
2
633
0:18:51
IS_SPFTRIG_NEWADJ
2
78
0:17:59
IS_SPFTRIG_ADJDOWN
0
-59863
0:15:7
4-9
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
IS_SPFTRIG_NEWADJ
2
30
0:15:3
IS_SPFTRIG_NEWADJ
2
32
0:14:2
IS_SPFTRIG_NEWADJ
2
202
0:13:34
IS_SPFTRIG_CIRC_DOWN
2
215
0:12:17
IS_SPFTRIG_CIRC_UP
2
27
0:12:7
4.1.11 domain-authentication-mode
Syntax
domain-authentication-mode { simple | md5 } password [ ip | osi ]
undo domain-authentication-mode { simple | md5 } [ ip | osi ]
View
IS-IS view
Parameter
simple: Specifies to send the password in plain text.
md5: Specifies to send the password after encrypted with MD5.
password: Specifies the password to be set. For the simple authentication mode, the
password must be plain text. For md5 authentication mode, the password can be
either plain text or ciphertext, and the result depends on the input. A plain password
can be a string no longer than 16 bytes, such as user918. A cipher password must be
a ciphertext of 24 bytes, such as _(TT8F]Y\5SQ=^Q`MAF4<1!!.
ip: Specifies the system to check the configuration for the corresponding field of IP in
LSP.
osi: Specifies the system to check the configuration for the corresponding field of OSI
in LSP.
Whether a password should use the ip keyword or the osi keyword is not affected by
the actual network environment.
Description
Use the domain-authentication-mode command to configure IS-IS routing domain
to authenticate the received level-2 packets (LSP, CSNP and PSNP) using the
predefined mode and password.
Use the undo domain-authentication-mode command to disable IS-IS from
authenticating the received packets above.
The system will neither authenticate the received level-2 routing packet nor check its
password by default.
You can use this command to clear all leve-2 routing packets not matching the
domain-authentication password set by the command. At the same time, we also
4-10
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
instruct the system to follow a specific mode to insert the area-authentication
password in all the level-2 routing packets sent from the local node.
Related command: area-authentication-mode, and isis authentication-mode.
Example
# Use the simple mode and set the password to 3Com to authenticate level-2 routing
packets.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] domain-authentication-mode simple 3Com
4.1.12 filter-policy export
Syntax
filter-policy acl-number export [ protocol ]
undo filter-policy acl-number export [ protocol ]
View
IS-IS view
Parameter
acl-number: ACL number in the range of 2,000 to 3,999.
protocol: Protocol used to advertise routing information, including direct, static, rip,
bgp, ospf, ospf-ase, ospf-nssa currently.
Description
Use the filter-policy export command to enable IS-IS to filter the routes advertised
by other routing protocols.
Use the undo filter-policy export command to disable the configured filter rules.
IS-IS does not filter the routes advertised by other routing protocols by default.
4-11
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Note:
z
The filter-policy export command takes effect only on the routes imported
through the import-route command. If the filter-policy export command is
configured while the import-route command is not configured to import other
non-IS-IS routes, the filter-policy export command does not take effect.
z
If the protocol argument is not provided in the filter-policy export command, the
command takes effect on all the routes imported to the local device using the
import-route command.
Related command: filter-policy import.
Example
# Use ACL 2000 to filter the routes imported through IS-IS.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] filter-policy 2000 export
4.1.13 filter-policy import
Syntax
filter-policy acl-number import
undo filter-policy acl-number import
View
IS-IS view
Parameter
acl-number: ACL number in the range of 2,000 to 3,999.
Description
Use the filter-policy import command to enable IS-IS to filter the received routes.
Use the undo filter-policy import command to disable IS-IS from filtering the
received routes.
IS-IS does not filter the received routes by default.
In some circumstances, only the routing information satisfying certain conditions will
be received. You can configure the filtering condition by setting the filter-policy
parameters.
Related command: filter-policy export.
4-12
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Example
# Use ACL 2000 to filter the received routes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] filter-policy 2000 import
4.1.14 ignore-lsp-checksum-error
Syntax
ignore-lsp-checksum-error
undo ignore-lsp-checksum-error
View
IS-IS view
Parameter
None
Description
Use the ignore-lsp-checksum-error command to set IS-IS to drop the LSP when it
detects LSP checksum errors.
Use the undo ignore-lsp-checksum-error command to set IS-IS to ignore LSP
checksum errors.
IS-IS ignores LSP checksum errors by default.
When the local IS-IS receives a LSP packet, it will check the LSP packet and compare
the checksum calculated with that in the LSP packet. By default, the LSP packets will
not
be
dropped
even
if
the
checksum
is
wrong.
You
can
use
the
ignore-lsp-checksum-error to configure IS-IS to drop the LSP packet in case of
checksum error.
Example
# Configure IS-IS to drop the LSP packet in case of checksum error.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] ignore-lsp-checksum-error
4-13
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.15 import-route
Syntax
import-route protocol [ cost value | type { external | internal } | [ level-1 | level-1-2 |
level-2 ] | route-policy route-policy-name ]*
undo import-route protocol [ cost value | type { external | internal } | [ level-1 |
level-1-2 | level-2 ] | route-policy route-policy-name ]*
View
IS-IS view
Parameter
protocol: Source routing protocol that can be imported, including direct, static, rip,
bgp, ospf, ospf-ase, and ospf-nssa.
value: Cost of the imported route, in the range of 0 to 63.
type: Specifies the type of the routing cost. If it is internal, then it is a route within an
area; if it is external, it is a route between areas. The type is internal by default.
level-1: Specifies to import routes to Level-1 routing table.
level-2: Specifies to import routes to Level-2 routing table. If no level is specified, the
routes are imported to level-2 routing table by default.
level-1-2: Specifies to import routes to Level-1 and level-2 routing tables.
route-policy route-policy-name: Specifies to import only those routes satisfying the
matching condition of the designated route-policy. The route-policy-name argument is
a string containing 1 to 19 characters.
Description
Use the import-route command to enable IS-IS to filter the imported routes.
Use the undo import-route command to disable IS-IS from importing other protocols'
routing information.
IS-IS does not import other protocols’ routing information by default.
IS-IS takes all the routes imported to the routing domain as external routes, which
describe how to select a routes to a destination outside of the routing domain.
Related command: import-route isis level-2 into level-1.
Example
# Import a static route with the cost of 15.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
4-14
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
[3Com-isis] import-route static cost 15
4.1.16 import-route isis level-2 into level-1
Syntax
import-route isis level-2 into level-1 [ acl acl-number ]
undo import-route isis level-2 into level-1
View
IS-IS view
Parameter
acl-number: ACL number in the range of 2000 to 3999. It can be either basic ACLs or
advanced ACLs.
Description
Use the import-route isis level-2 into level-1 command to import the routing
information of Level-2 area to Level-1 area.
Use the undo import-route isis level-2 into level-1 command to disable this
function.
By using the filter policy to filter the routes during the route penetration from Level-2 to
Level-1, you call advertise in the Level-1 area only those routes that have passed the
filter.
The routing information in Level-2 area will not be advertised in Level-1 area by
default.
Related command: import-route.
Example
# Set the router to penetrate routes from Level-2 to Level-1 through ACL.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] import-route isis level-2 into level-1 acl 2100
4.1.17 isis
Syntax
isis [ tag ]
undo isis [ tag ]
4-15
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
View
System view
Parameter
tag: Name of an IS-IS routing process, consisting of no more than 128 characters. Its
length can be 0, that is, the tag argument can be null.
Description
Use the isis command to start a corresponding IS-IS routing process and enter the
IS-IS view.
Use the undo isis command to delete the specified IS-IS routing process.
IS-IS routing processes are disabled by default.
Before running IS-IS protocol normally, you must first use the isis command to enable
IS-IS process, then use the network-entity command to configure a network entity
title (NET) for the router, and then use the isis enable command to enable each
interface that need to run the IS-IS process.
Note:
Only one IS-IS routing process can be enabled on a router.
Related command: isis enable, and network-entity.
Example
# Start the IS-IS routing process, with the system ID as 0000.0000.0002, and area ID
as 01.0001.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] network-entity 01.0001.0000.0000.0002.00
4.1.18 isis authentication-mode
Syntax
isis authentication-mode { simple | md5 } password [ { level-1 | level-2 } [ ip | osi ] ]
undo isis authentication-mode { simple | md5 } password [ { level-1 | level-2 } [ ip
| osi ] ]
4-16
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
View
Interface view
Parameter
simple: Specifies to send the password in plain text.
md5: Specifies to send the password in ciphertext.
password: Specifies a password. For simple authentication mode, the password
must be plain text. For md5 authentication mode, the password can be either plain
text or ciphertext, and the result depends on the input. A plain password can be a
string no longer than 16 bytes, such as user918. A cipher password must be a
ciphertext of 24 bytes, such as _(TT8F]Y\5SQ=^Q`MAF4<1!!.
level-1: Specifies to set a password for L1.
level-2: Specifies to set a password for L2.
ip: Specifies the system to check the configuration for the corresponding field of IP in
LSP.
osi: Specifies the system to check the configuration for the corresponding field of OSI
in LSP.
Whether a password should use the ip keyword or the osi keyword is not affected by
the actual network environment.
Description
Use the isis authentication-mode command to authenticate the IS-IS hello packets
of the specified level using the specified authentication mode and password on the
IS-IS interface.
Use the undo isis authentication-mode command to disable the authentication and
remove the password.
There is no password or authentication by default.
If there is no other parameter but the password, then only level-1 and osi are
available.
Related command: area-authentication-mode, and domain authentication-mode.
Example
# Set the plain password as tangshi for Level-1 adjacency on Vlan-interface 10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis authentication-mode simple tangshi level-1
4-17
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.19 isis circuit-level
Syntax
isis circuit-level [ level-1 | level-1-2 | level-2 ]
undo isis circuit-level
View
Interface view
Parameter
level-1: Specifies to set up only level-1 adjacency for the interface.
level-1-2: Specifies to set up level-1-2 adjacency for the interface.
level-2: Specifies to set up only level-2 adjacency for the interface.
Description
Use the isis circuit-level command to set link adjacency for the level-1-2 router.
Use the undo isis circuit-level command to resume the default configuration of link
adjacency for the level-1-2 router.
An interface can be configured level-1-2 adjacency by default.
This command is only available for a level-1-2 router. If the local host is level-1-2
router and it need to set up some adjacency (level-1 or level-2) with a peer router,
then you can use this command to prescribe the local interface to receive and send
only the hello packets. An interface can receive and send only one type of hello
packet on a point-to-point link. You can use this command to reduce the router’s
processing time to save bandwidth.
Related command: is-level.
Example
# Set the level-1 attributes for Vlan-interface 10 to prohibit sending and receiving
level-2 Hello packets when the interface is connected to a non-backbone router within
the same area.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis enable
[3Com-Vlan-interface10] isis circuit-level level-1
4-18
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.20 isis cost
Syntax
isis cost value [ level-1 | level-2 ]
undo isis cost [ level-1 | level-2 ]
View
Interface view
Parameter
value: Specifies the link cost value for corresponding SPF calculation, in the range of
0 to 63. It is 10 by default.
level-1: Indicates the link cost corresponding to Level-1 layer.
level-2: Indicates the link cost corresponding to Level-2 layer.
Description
Use the isis cost command to set the interface link cost for SPF calculation.
Use the undo isis cost command to resume the default link cost value.
If neither level-1 nor level-2 is assigned in the configuration, then both level-1 and
level-2 are configured by default.
You are recommended to configure a proper link cost for each interface; otherwise,
the link cost for IS-IS route calculation may not reflect the correct cost.
Example
# Set the Level-2 link cost to 5 for Vlan-interface10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis cost 5 level-2
4.1.21 isis dis-priority
Syntax
isis dis-priority value [ level-1 | level-2 ]
undo isis dis-priority [ level-1 | level-2 ]
View
Interface view
4-19
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Parameter
value: Specifies the priority for selecting DIS, ranging from 0 to 127, with the default as
64.
level-1: Specifies the priority for selecting level-1 DIS.
level-2: Specifies the priority for selecting level-2 DIS.
If neither level-1 nor level-2 is specified in this command, then the level-1 and level-2
priority is configured by default.
Description
Use the isis dis-priority command to specify the priority for selecting corresponding
DIS.
Use the undo isis dis-priority command to resume the default priority.
Unlike DR of OSPF, there is no backup DIS for IS-IS and the router with 0 priority can
also select DIS.
Related command: area-authentication-mode, and domain authentication-mode.
Example
# Configure the priority as 127 for Vlan-interface 10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis dis-priority 127 level-2
4.1.22 isis enable
Syntax
isis enable [ tag ]
undo isis enable [ tag ]
View
Interface view
Parameter
tag: Name assigned to the IS-IS routing process when the isis command is executed
in system view. If this argument is not specified, it is null.
Description
Use the isis enable command to enable the corresponding IS-IS routing process for
the interface.
4-20
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Use the undo isis enable command to disable this configuration.
The interface does not enable the IS-IS routing process by default.
Before running IS-IS protocol normally, you must use the isis command to enable
IS-IS process, and use the network-entity command to configure a network entity
title (NET) for the router, and then use the isis enable command to enable each
interface that need to run the IS-IS process.
Related command: isis, and network-entity.
Example
# Enable the IS-IS routing process on Vlan-interface 10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis 3Com
[3Com-isis] network-entity 10.0001.1010.1020.1030.00
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis enable 3Com
4.1.23 isis mesh-group
Syntax
isis mesh-group { mesh-group-number | mesh-blocked }
undo isis mesh-group
View
Interface view
Parameter
mesh-group-number: Mesh group number, ranging from 1 to 4,294,967,295.
mesh-blocked: After this parameter is configured, the interface will be blocked to
flood the received LSP to other interfaces.
Description
Use the isis mesh-group command to add an interface to a specified mesh group.
Use the undo isis mesh-group command to delete an interface from a mesh group.
An interface is not in any mesh group and can flood LSP normally by default.
For an interface not in a mesh group, it follows the normal process to flood the
received LSP to other interfaces. For the NBMA network with high connectivity and
multiple point-to-point links, this will cause repeated LSP flooding and bandwidth
waste.
4-21
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
After an interface is added to a mesh group, it will only flood a received LSP to
interfaces not belonging to the same mesh group.
When you add an interface to a mesh group or block the interface, make sure to retain
some redundancy so that a link failure will not affect the normal LSP packet flooding.
Example
# Add the IS-IS-enabled Vlan-interface 20 to mesh-group 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com-Vlan-interface20] isis mesh-group 3
4.1.24 isis timer csnp
Syntax
isis timer csnp seconds [ level-1 | level-2 ]
undo isis timer csnp [ level-1 | level-2 ]
View
Interface view
Parameter
seconds: Interval in seconds of sending CSNP packets over broadcast network,
ranging from 1 to 65,535, with the default as 10 seconds.
level-1: Specifies the Level-1 time interval for sending CSNP packets.
level-2: Specifies the Level-2 time interval for sending CSNP packets.
If neither the level-1 keyword nor the level-2 keyword is specified, both the level-1
interval and the level-2 interval are set.
Description
Use the isis timer csnp command to specify the time interval for sending CSNP
packet over broadcast network.
Use the undo isis timer csnp command to resume the default value of 10 seconds.
This command only applies to the DIS router, which sends CSNP packets periodically.
Besides, DIS is separated to Level-1 and Level-2, and their time intervals should be
configured respectively.
Example
# Configure Level-2 CSNP packets to be sent every 15 seconds over Vlan-interface
10.
<3Com> system-view
4-22
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis timer csnp 15 level-2
4.1.25 isis timer hello
Syntax
isis timer hello seconds [ level-1 | level-2 ]
undo isis timer hello [ level-1 | level-2 ]
View
Interface view
Parameter
seconds: Interval in seconds for sending Hello packets, ranging from 3 to 255, with
the default as 10 seconds.
level-1: Specifies the time interval for sending Level-1 Hello packets.
level-2: Specifies the time interval for sending Level-2 Hello packets.
If neither the level-1 keyword nor the level-2 keyword is specified, both the level-1
interval and the level-2 interval are set.
Description
Use the isis timer hello command to specify the time interval for sending the
corresponding level Hello packets.
Use the undo isis timer hello command to resume the default value of 10 seconds.
The hello time interval must be configured respectively for the Level-1 and Level-2
packets on a broadcast network, because these two types of hello packets are sent
separately. A point-to-point link does not require this. The shorter the time interval is,
the more system resources will be occupied to send Hello packets, so you should
configure a proper time interval depending on the specific requirements.
Related command: isis timer holding-multiplier.
Example
# Configure Level-2 Hello packets to be sent every 20 seconds over Vlan-interface
10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis timer hello 20 level-2
4-23
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.26 isis timer holding-multiplier
Syntax
isis timer holding-multiplier value [ level-1 | level-2 ]
undo isis timer holding-multiplier [ level-1 | level-2 ]
View
Interface view
Parameter
value: Number of invalid Hello packets of an IS-IS neighbor, in the range of 3 to 1,000.
level-1: Specifies the number of invalid Hello packets of a Level-1 IS-IS neighbor.
level-2: Specifies the number of invalid Hello packets of a Level-2 IS-IS neighbor.
If neither the level-1 keyword nor the level-2 keyword is specified, the command
takes effect on both level-1 and level-2 IS-IS neighbors.
Description
Use the isis timer holding-multiplier command to configure the number of invalid
Hello packets for an IS-IS neighbor. When a specified number of Hello packets are not
received from a neighbor, the neighbor will be considered as invalid.
Use the undo isis timer holding-multiplier command to resume the default
configuration.
The number of invalid Hello packets is three by default.
You can configure the time intervals of Hello packets separately for Level-1 and
Level-2 peers. But for point-to-point link, as there is only one kind of Hello packet, so
you need not specify Level-1 or Level-2.
In fact, the number of invalid Hello packets is used to configure Holddown time. If a
router receives no Hello packet from peer router within Holddown time, it will take the
peer router as invalid. Depending on the interface configuration, the Holddown time
can be configured differently for different routers within an area. You can adjust the
Holddown time by changing either the time interval for sending Hello packets or the
number of invalid Hello packets.
Related command: isis timer hello.
Example
# Configure the number of Level-2 Hello packets signifying peer invalid as 5 for
Vlan-interface, that is, if no Hello packet is received from the interface within 5 Hello
packet time intervals, the IS-IS peer is considered as invalid.
<3Com> system-view
System View: return to User View with Ctrl+Z.
4-24
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis timer holding-multiplier 5
4.1.27 isis timer lsp
Syntax
isis timer lsp time
undo isis timer lsp
View
Interface view
Parameter
time: Minimum time interval in millisecond for sending link-state packets, ranging from
1 to 1000, with the default as 33 milliseconds.
Description
Use the isis timer lsp command to configure the time interval for sending link-state
packets over interface.
Use the undo isis timer lsp command to resume the default configuration.
Related command: isis timer retransmit.
Example
# Configure the time interval as 500 milliseconds for Vlan-interface 10 to send LSP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis timer lsp 500
4.1.28 isis timer retransmit
Syntax
isis timer retransmit seconds
undo isis timer retransmit
View
Interface view
Parameter
seconds: Interval in seconds for retransmitting LSP packets, ranging from 1 to 300,
with the default as 5 seconds.
4-25
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Description
Use the isis timer retransmit command to configure the time interval for
retransmitting LSP packets over point-to-point link.
Use the undo isis timer retransmit command to resume the default configuration.
You should be careful when configuring this parameter to avoid unnecessary
retransmission.
You need not use this command over a broadcast link, because a LAP packet
requires response from the peer only over a point-to-point link, but not over a
broadcast link,
Related command: isis timer lsp.
Example
# Configure the time interval as 10 seconds for Vlan-interface 10 to retransmit LSP.
<3Com> system-view
System View: return to User View with Ctrl+Z..
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] isis timer retransmit 10
4.1.29 is-level
Syntax
is-level { level-1 | level-1-2 | level-2 }
undo is-level
View
IS-IS view
Parameter
level-1: Indicates the router works in Level-1, which means it only calculates routes
within the area, and maintains L1 LSDB.
level-1-2: Indicates the router works in Level-1-2, which means it calculates routes
and maintains LSDB for both L1 and L2.
level-2: Indicates the router works in Level-2, which means it calculates LSP
switching and routes and maintains LSDB for L2 only.
Description
Use the is-level command to configure IS-IS router type.
Use the undo is-level command to resume the default configuration.
The configuration is level-1-2 by default.
4-26
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
It is recommended to configure system level when you configure IS-IS.
You can configure all the routers as either Level-1 or Level-2 if there is only one area,
because there is no need for all routers to maintain two identical databases at the
same time. You are advised to configure all routers as Level-2 in IP network so as to
facilitate extending later.
Related command: isis circuit-level.
Example
# Configure the current route to work in Level-1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] is-level level-1
4.1.30 log-peer-change
Syntax
log-peer-change
undo log-peer-change
View
IS-IS view
Parameter
None
Description
Use the log-peer-change command to enable the IS-IS adjacency state change
output.
Use the undo log-peer-change command to disable the output.
The output is disabled by default.
When the adjacency state output is enabled, the IS-IS adjacency state change will be
sent to the configuration terminal.
Example
# Enable the IS-IS adjacency state change output on the current router.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] log-peer-change
4-27
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.31 md5-compatible
Syntax
md5-compatible
undo md5-compatible
View
IS-IS view
Parameter
None
Description
Use the md5-compatible command to specify IS-IS to adopt the MD5 algorithm
compatible with other manufacturers.
Use the undo md5-compatible command to specify IS-IS to adopt the default MD5
algorithm.
By default, IS-IS adopt the MD5 algorithm compatible with 3Com.
This command must be configured when the switch needs to perform IS-IS MD5
authentication with the devices of manufacturers except 3Com.
Example
# Specify IS-IS to adopt the MD5 algorithm compatible with other manufacturers.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] md5-compatible
4.1.32 network-entity
Syntax
network-entity network-entity-title
undo network-entity network-entity-title
View
IS-IS view
4-28
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
Parameter
network-entity-title: Network entity title in the form of X…X.XXXX....XXXX.00, with the
12 “X” in the middle as system ID of the router, the last “00” as the SEL and the "X…X"
in the front as the area address.
Description
Use the network-entity command to configure the network entity title (NET) for an
IS-IS routing process.
Use the undo network-entity command to delete a NET.
There is no NET by default.
A NET is a network service access point (NSAP), and it is in the range of 8 to 20 bytes
for IS-IS.
A NET has three parts: The first part is area ID, which ranges from 1 to 13 bytes. The
routes of the same area have the same area ID. The second part is the router’s
system ID of 6 bytes, which is unique within the whole area and backbone area. The
third part is SEL, the ending byte with the value of 00. You need to configure only 1
NET for a router. When repartitioning an area, such as merging or splitting, you can
reconfigure the router to ensure correct and continuous routing.
Related command: isis, and isis enable.
Example
# Specify the NET as 10.0001.1010.1020.1030.00, of which 10.0001 is the area ID
and 1010.1020.1030 is the system ID.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] network-entity 10.0001.1010.1020.1030.00
4.1.33 preference
Syntax
preference value [ clns | ip ]
undo preference [ clns | ip ]
View
IS-IS view
Parameter
value: Preference value in the range of 1 to 255. It is 15 by default.
4-29
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
clns: IS-IS routing preference based on OSI protocol stack, in the range of 1 to 1,255.
It is IP-based preference by default.
ip: IS-IS routing preference based on IP protocol stack, in the range of 1 to 255.
Description
Use the preference command to configure IS-IS protocol preference.
Use the undo preference command to resume the default IS-IS protocol preference.
When a router runs multiple dynamic routing protocols at the same time, the system
will configure a preference for each routing protocol. If several protocols find routes to
the same destination, the one with the highest preference dominates.
Example
# Configure the preference of IS-IS protocol as 25.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] preference 25
4.1.34 reset isis all
Syntax
reset isis all
View
User view
Parameter
None
Description
Use the reset isis all command to clear all ISIS data structure information.
The IS-IS data information will not be cleared by default.
This command is used when a LSP need to be updated immediately. For example,
after performing the area-authentication-mode and domain-authentication-mode
commands, if the router still has some old LSPs, you can use this command to clear
these LSPs.
Related command: area-authentication-mode, and domain authentication-mode.
Example
# Clear all IS-IS data structure.
4-30
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
<3Com> reset isis all
4.1.35 reset isis peer
Syntax
reset isis peer system-id
View
User view
Parameter
system-id: System ID for an IS-IS peer, in the range of one bit to 128 bits.
Description
Use the reset isis peer command to clear the data information of a specific IS-IS
peer.
The IS-IS peer is not cleared by default.
This command is used when you need to re-establish a specific peer.
Example
# Clear the IS-IS peer with system ID as 0000.0c11.1111.
<3Com> reset isis peer 0000.0c11.1111
4.1.36 set-overload
Syntax
set-overload
undo set-overload
View
IS-IS view
Parameter
None
Description
Use the set-overload command to set overload flag for the current router.
Use the undo set-overload command to clear overload flag.
No overload flag is set by default.
4-31
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
When the overload flag is set for a router, the routes calculated by the router will be
ignored by other routes when they calculate SPF. (But the routes directly connected to
the router will not be ignored.)
When a router is set overload flag, other routers will not transmit the packets that
should be forwarded by the router.
Example
# Set overload flag on the current router.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] set-overload
4.1.37 silent-interface
Syntax
silent-interface interface-type interface-number
undo silent-interface interface-type interface-number
View
IS-IS view
Parameter
interface-type interface-number: Interface index.
Description
Use the silent-interface command to prohibit IS-IS packet sending on the specified
interface.
Use the undo silent-interface command to permit IS-IS packet sending on the
specified interface.
By default, IS-IS packet sending is permitted on all interfaces.
The silent-interface command just suppresses IS-IS packet sending. However,
these IS-IS packets can still be sent on other interfaces.
Example
# Prohibit IS-IS packet sending on Vlan-interface 3.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] silent-interface Vlan-interface 3
4-32
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.38 spf-delay-interval
Syntax
spf-delay-interval number
undo spf-delay-interval
View
IS-IS view
Parameter
number: Interval of releasing CPU during routing calculation, in the range of 1,000
routes to 50,000 routes. It is 5,000 routes by default.
Description
Use the spf-delay-interval command to set the interval of releasing CPU during SPF
calculation.
Use the undo spf-delay-interval command to restore the default value.
When there are two many routes in the routing table, you can use this command to
release CPU automatically after a certain number of routes are processed in order to
prevent the SPF calculation from occupying the system resources for a long time to
affect the response of the console. The unprocessed routes are to be processed in
one second.
You can adjust the number argument according to the size of the routing table. If the
spf-slice-size command is configured at the same time, the SPF calculation will be
paused if the SPF calculation matches any of the setting.
By default, CPU is released when every 5,000 routes are processed.
Related command: spf-slice-size.
Example
# Set IS-IS to release CPU when every 3,000 routes are processed.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] spf-delay-interval 3000
4.1.39 spf-slice-size
Syntax
spf-slice-size seconds
undo spf-slice-size
4-33
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
View
IS-IS view
Parameter
seconds: Duration time in milliseconds during SPF calculation, ranging from 150 to
50,000. A calculation is ended when the duration time is reached or exceeded. If the
second argument is set to 0, then the SPF calculation will continue until it finishes. It is
0 by default.
Description
Use the spf-slice-size command to configure whether the SPF routing calculation is
fragmented and the duration time for each fragment.
Use the undo spf-slice-size command to resume the default configuration.
When there are too many routes in the routing table, you can use this command to
fragment the SPF calculation to avoid taking up the system resources for too long.
You are not recommended to change the default configuration.
If the spf-delay-interval command is configured at the same time, the SPF
calculation will be paused if the SPF calculation matches any of the setting.
Related command: spf-delay-interval.
Example
# Set SPF duration time to one second.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] spf-slice-size 1
4.1.40 summary
Syntax
summary ip-address mask [ level-1 | level-1-2 | level-2 ]
undo summary ip-address mask [ level-1 | level-1-2 | level-2 ]
View
IS-IS view
Parameter
ip-address: Address range to generate summarized routes.
mask: Mask of an aggregate route.
level-1: Specifies to summarize only the routes imported to level-1 area.
4-34
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
level-1-2: Specifies to summarize all the routes imported to level-1 area and
backbone area.
level-2: Specifies to summarize only the routes imported to backbone area.
If none of the level-1 keyword, level-2 keyword, and level-1-2 keyword is specified,
the routes imported to backbone area are summarized.
Description
Use the summary command to configure IS-IS to generate summarized routes.
Use the undo summary command to disable summary.
No route is summarized by default.
You can summarize the routes having the same next hop into one to reduce the
routing table size, as well as the LSP and LSDB generated by the router. It is possible
to summarize native IS-IS routes and imported routes. After summarization, the route
cost is the minimum cost of those summarized routes.
Example
# Set an aggregate route 202.0.0.0/8.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] summary 202.0.0.0 255.0.0.0
4.1.41 timer lsp-max-age
Syntax
timer lsp-max-age seconds
undo timer lsp-max-age
View
IS-IS view
Parameter
seconds: Maximum valid time of a LSP, in the range of 1 to 65,535 in seconds. It is
1,200 seconds by default.
Description
Use the timer lsp-max-age command to set the maximum valid time of the LSPs
generated on the current router.
Use the undo timer lsp-max-age command to restore the default setting.
4-35
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
When the router generates system LSPs, the LSPs are generated with the maximum
valid time in them. When a LSP is received by other routers, the maximum valid time
will be smaller and smaller. If the maximum valid time decreases to 0, this LSP will be
removed from LSDB.
Related command: timer lsp-refresh.
Example
# Set the maximum valid time of the LSPs generated by the current system to 25
minutes, namely, 1,500 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] timer lsp-max-age 1500
4.1.42 timer lsp-refresh
Syntax
timer lsp-refresh seconds
undo timer lsp-refresh
View
IS-IS view
Parameter
seconds: LSP updating period in seconds, ranging from 1 to 65,535. It is 900 seconds
by default.
Description
Use the timer lsp-refresh command to set LSP updating period.
Use the undo timer lsp-refresh to resume the default configuration.
You can keep LSP in synchronization for the whole area with this mechanism.
Related command: timer lsp-max-age.
Example
# Set the updating period to 1,500 seconds for the current system LSP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] timer lsp-refresh 1500
4-36
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 4 Integrated IS-IS Configuration Commands
4.1.43 timer spf
Syntax
timer spf seconds [ level-1 | level-2 ]
undo timer spf [ level-1 | level-2 ]
View
IS-IS view
Parameter
seconds: Maximum time interval (in seconds) for SPF calculation, ranging from 1 to
120, with the default as 10.
level-1: Specifies to set the time interval for only Level-1 SPF calculation.
level-2: Specifies to set the time interval for only Level-2 SPF calculation.
If neither the level-1 keyword nor the level-2 keyword is specified, the interval of both
level-1 SPF calculation and the level-2 SPF calculation are set.
Description
Use the timer spf command to set the time interval for SPF calculation.
Use the undo timer spf command to resume the default configuration.
In the IS-IS protocol, the short path must be calculated again when the LSDB changes.
If the SPF calculation is performed frequently, plenty of system resources will be
occupied and the router efficiency will be affected. Comparatively, performing SPF
calculation periodically can improve the efficiency. You can set the time interval of
performing SPF calculation as required.
Example
# Set the time interval of performing SPF calculation to three seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] isis
[3Com-isis] timer spf 3
4-37
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Chapter 5 BGP Configuration Commands
Note:
Routers in this manual refer to common routers or Ethernet switches that run routing
protocols, unless otherwise specified.
5.1 BGP Configuration Commands
Note:
For the commands defining routing policies in BGP, refer to the next chapter “IP
Routing Policy Configuration Commands".
5.1.1 aggregate
Syntax
aggregate ip-address
mask [ as-set | attribute-policy route-policy-name |
detail-suppressed
origin-policy
|
route-policy-name
|
suppress-policy
route-policy-name ]*
undo aggregate ip-address mask [ as-set | attribute-policy route-policy-name |
detail-suppressed
|
origin-policy
route-policy-name
|
suppress-policy
route-policy-name ]*
View
BGP view
Parameter
ip-address: Address of the aggregated route.
mask: Network mask of the aggregated route.
as-set: Creates a route with segment of AS_SET.
detail-suppressed: Only advertises the aggregated route.
suppress-policy route-policy-name: Suppresses the specific route selected.
5-1
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
origin-policy route-policy-name: Selects the original routes used for aggregation.
attribute-policy route-policy-name: Sets the attributes of the aggregated route. The
length of route-policy-name parameter ranges from 1 to 16 character string.
Description
Use the aggregate command to establish an aggregated record in the BGP routing
table.
Use the undo aggregate command to disable the function.
By default, there is no route aggregation.
The keywords are explained as follows:
Table 5-1 Description on keywords of the aggregate command
keywords
Description
as-set
Used to produce an aggregated route whose AS path
information includes detailed routes. Use this keyword carefully
when many AS paths need to be aggregated, for frequent
change of routes may lead to route vibration.
detail-suppress
ed
This keyword does not establish any aggregated route, but it
restrains the advertisement of all the specific routes. If only some
specific routes are to be restrained, use the peer filter-policy
command carefully.
suppress-policy
Create an aggregated route with this keyword, at the same time,
the advertisement of the specified route is restrained. If you want
to restrain some specific routes selectively and leaves other
routes still being advertised, use the if-match sub-statement of
the route-policy command.
origin-policy
This keyword is used to select only the specific routes in
accordance with the route-policy to create an aggregated route.
attribute-policy
This keyword is used to set attributes of the aggregated route.
The same work can be done by using peer route-policy, etc.
Example
# Create an aggregated route in BGP routing table.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] aggregate 192.213.0.0 255.255.0.0
5-2
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.2 bgp
Syntax
bgp as-number
undo bgp [ as-number ]
View
System view
Parameter
as-number: Specified local AS number, in the range of 1 to 65535.
Description
Use the bgp command to enable BGP and enter the BGP view.
Use the undo bgp command to disable BGP.
By default, the BGP is disabled.
This command is used to enable/disable BGP and specify the local AS number of
BGP.
Example
# Enable BGP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp]
5.1.3 balance
Syntax
balance num
undo balance
View
BGP view
Parameter
num: Number of BGP routes used for load balance. This argument ranges from 1 to 4.
Value 1 means the system does not adopt load balance.
Description
Use the balance command to configure BGP load balance.
5-3
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Use the undo balance command to cancel the load balance configuration.
Example
# Configure BGP load balance.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] balance
2
5.1.4 compare-different-as-med
Syntax
compare-different-as-med
undo compare-different-as-med
View
BGP view
Parameter
None
Description
Use the compare-different-as-med command to enable comparison of MED values
from different AS neighboring routes when determining the best route.
Use the undo compare-different-as-med command to disable the comparison.
By default, it is not allowed to compare the MED attribute values from the routing
paths of different AS peers.
If there are several routes available to one destination address, the route with a
smaller MED can be selected as the final route.
Do not use this command unless it is determined that the same IGP and routing
selection mode are adopted by different autonomous systems.
Example
# Enable comparison of MED values from different AS neighboring routes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] compare-different-as-med
5-4
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.5 confederation id
Syntax
confederation id as-number
undo confederation id
View
BGP view
Parameter
as-number: The ID of BGP AS confederation. It is equal to the AS number which
contains the AS numbers of multiple sub-ASs. The range is 1 to 65535.
Description
Use the confederation id command to configure confederation identifier.
Use the undo confederation id command to cancel the BGP confederation specified
by the as-number argument.
By default, no confederation ID is configured.
Confederation can be adopted to solve the problem of too many IBGP full connections
in a large AS domain. The solution is, first dividing the AS domain into several smaller
sub-ASs, and each sub-ASs remains full-connected. These sub-ASs form a
confederation. Key BGP attributes of the route, such as next hop, MED, local
preference, are not discarded across each sub-ASs. The sub-ASs still look like a
whole from the point of view of a confederation although these sub-ASs have EBGP
relations. This can assure the integrality of the former AS domain, and ease the
problem of too many connections in the domain
Related command: confederation nonstandard, confederation peer-as.
Example
# Confederation 9 consists of four sub-ASs, namely, 38, 39, 40, and 41. Here, the
peer 10.1.1.1 is an internal member of the AS confederation while the peer 200.1.1.1
is an external member of the AS confederation. For external members, Confederation
9 is a unified AS domain. The following gives an example of the configuration of AS
41.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 41
[3Com-bgp] confederation id 9
[3Com-bgp] confederation peer-as 38 39 40
[3Com-bgp] group Confed38 external
[3Com-bgp] peer Confed38 as-number 38
5-5
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
[3Com-bgp] peer 10.1.1.1 group Confed 38
[3Com-bgp] group Remote98 external
[3Com-bgp] peer Remote98 as-number 98
[3Com-bgp] peer 200.1.1.1 group Remote98
5.1.6 confederation nonstandard
Syntax
confederation { nonstandard | standard1965 | standard3065 }
undo confederation { nonstandard | standard1965 | standard3065 }
View
BGP view.
Parameter
None
Description
Use the confederation { nonstandard | standard1965 | standard3065 } command
to configure the standard type of confederation.
Use the undo confederation { nonstandard | standard1965 | standard3065 }
command to cancel the configuration.
By default, the configured confederations are in compliance with RFC1965.
For the communication with nonstandard devices, you must execute the
confederation nonstandard command on all the 3Com routers in the confederation.
Related command: confederation id and confederation peer-as.
Example
# AS100 contains routers following nonstandard, which is composed of two sub-ASs,
64000 and 65000.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 64000
[3Com-bgp] confederation id 100
[3Com-bgp] confederation peer-as 65000
[3Com-bgp] confederation nonstandard
5.1.7 confederation peer-as
Syntax
confederation peer-as as-number-list
5-6
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
undo confederation peer-as [ as-number-list ]
View
BGP view
Parameter
as-number-list: List of sub-AS numbers. A maximum of 32 sub-ASs can be configured
for a confederation in the command.
Description
Use the confederation peer-as command to configure a confederation consisting of
which Sub-ASs.
Use the undo confederation peer-as command to delete the specified Sub-AS in
the confederation.
By default, no autonomous system is configured as a member of the confederation.
Before this command is performed, the confederation ID should be configured by
using the confederation id command. Otherwise this configuration is invalid. The
configured ASs in this command are inside the confederation and each AS uses fully
meshed network. The confederation appears as a single AS to the routers outside it.
Related command: confederation nonstandard and confederation id.
Example
# Configure the confederation contains AS 2001 and 2002.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] confederation peer-as 2000 2001
5.1.8 dampening
Syntax
dampening [ half-life-reachable half-life-unreachable reuse suppress ceiling ]
[ route-policy route-policy-name ]
undo dampening
View
BGP view
Parameter
half-life-reachable: Semi-dampening of a reachable route, in the range of 1 to 45
minutes. The default value is 15 minutes.
5-7
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
half-life-unreachable: Semi-dampening of an unreachable, in the range of 1 to 45
minutes. The default value is 15 minutes.
reuse: Threshold for disabling route suppression. When the penalty value is below
this threshold, the route will be reused. The range is 1 to 20000. The default value is
750.
suppress: Threshold for enabling route suppression. When the penalty value is above
the threshold, the route is suppressed. The range is 1 to 20000. The default value is
2000.
ceiling: Upper penalty threshold, that is, the penalty value stops increasing when it
reaches the upper threshold. The range is 1001 to 20000. The default value is 16000.
route-policy-name: Name of a route policy, in the range of 1 to 19 characters.
If no value is specified for the arguments, their default values will take effect. The
half-life-reachable, half-life-unreachable, reuse, suppress, and ceiling arguments are
independent of each other.. Therefore, if you specify a value for any of these
arguments, you must specify a value for all the others.
Description
Use the dampening command to make BGP route attenuation valid or modify various
BGP route attenuation parameters.
Use the undo dampening command to make the characteristics invalid.
By default, no route attenuation is configured.
Related command: reset bgp dampening, reset bgp flap-info, display bgp
routing-table dampened, and display bgp routing-table flap-info.
Example
#Configure BGP route dampening parameters.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] dampening 15 15 1000 2000 10000
5.1.9 default local-preference
Syntax
default local-preference value
undo default local-preference
View
BGP view
5-8
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Parameter
value: Default local preference to be configured. The range is 0 to 4294967295. By
default, its value is 100.
Description
Use the default local-preference command to configure the default local preference.
Use the undo default local-preference command to restore the default value.
Configuring different local preferences will affect BGP routing selection.
Example
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] default local-preference 180
5.1.10 default med
Syntax
default med med-value
undo default med
View
BGP view/BGP multicast address family view
Parameter
med-value: Specified MED value, in the range of 0 to 4294967295. The default
med-value is “0”.
Description
Use the default med command to configure the default MED value of the system.
Use the undo default med command to restore the default MED value of the system.
The multi-exit discriminator (MED) is an external route metric. Different from the local
preference, the MED is exchanged between autonomous systems. After the MED
enters an autonomous system, it will not be sent out of this autonomous system. The
MED attribute is used to select the optimal route, that is, the route with a smaller MED
value is selected. When a router running the BGP obtains routes with the same
destination address but different next hops through different external peers, the route
selection will be based on the MED value. In the case that all other conditions are the
same, the system first selects the route with the smaller MED value as an external
route of the autonomous system.
5-9
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Example
# Set the MED value to “25”..
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com-bgp] default med 25
5.1.11 display bgp group
Syntax
display bgp [ multicast ] group [ group-name ]
View
Any view
Parameter
multicast: Specifies multicast address family.
group-name: Name of a peer group, a string of 1 to 47 alphanumeric characters.
Description
Use the display bgp group command to view the information of peer groups.
Example
# View the information of the peer group aaa.
<3Com> display bgp group aaa
Group : aaa
type : external
as-number : 200
members in this group :
10.1.1.1
11.1.1.1
configuration within the group :
no export policy route-policy
no export policy filter-policy
no export policy acl
no export policy ip-prefix
no import policy route-policy
no import policy filter-policy
no import policy acl
no import policy ip-prefix
no default route produce
5-10
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Table 5-2 Description on fields of the display bgp group command
Field
Description
Group
Name of peer group
type
Type of peer group: IBGP or EBGP
as-number
AS number of peer group
members in this group
Members in this peer group
route-policy
Name of configured route policy
filter-policy
Configured export and import route filter for BGP
acl
Configured access control list
ip-prefix
Configured IP address prefix list
default route produce
Whether or not to advertise default routing information
5.1.12 display bgp network
Syntax
display bgp [ multicast ] network
View
Any view
Parameter
multicast: Specifies multicast address family.
Description
Use the display bgp network command to view the routing information that has been
configured.
Example
# Display the routing information that has been configured.
<3Com> display bgp network
Network
Mask
Route-policy
--------------------------------------------------------168.10.24.0
255.255.255.0
None
10.0.0.0
255.0.0.0
None
5-11
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Table 5-3 Description on fields of the display bgp network command
Field
Description
Network
Network address
Mask
Mask
Route-policy
Configured route policy
5.1.13 display bgp paths
Syntax
display bgp paths as-regular-expression
View
Any view
Parameter
as-regular-expression: Matched AS path regular expression.
Description
Use the display bgp paths command to view the information about AS paths
Example
# Display the information about the AS paths.
<3Com> display bgp paths 500
Id
Hash-index References Aggregator Origin As-Path
--------------------------------------------------153 80
100
IGP
500 {500,400,600}
Table 5-4 Description on fields of the display bgp paths command
Field
Description
Id
Value of sequence number
Hash-Index
Value of Hash-index
References
Number of routes with reference
Aggregator
Mask length of aggregate route
Origin
Origin attribute of route, which indicates that the route updates its
origin relative to the route originating it from AS. It has three
optional values:
IGP
The route belongs to inside of AS. BGP treats aggregate
route and the route defined by the command network as
inside of AS, and origin type as IGP.
5-12
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Field
Description
EGP
The route is learned from exterior gateway protocol
(EGP).
INC
Short for INCOMPLETE: indicates that the original
source of the route information is unknown (learned by
other methods). BGP sets the origin of the route
imported through other IGP protocols as INCOMPLETE
AS-path attribute of route, which records all AS areas that the
route passes. With it, route loop can be avoided
As-path
5.1.14 display bgp peer
Syntax
display bgp [ multicast ] peer [ ip-address [ verbose ] ]
display bgp [ multicast ] peer [ verbose ]
View
Any view
Parameter
multicast: Specifies multicast address family.
ip-address: IP address of the peer to be displayed.
verbose: Displays detailed information of the specified peer.
Description
Use the display bgp peer command to display the information about the specified
BGP peer.
Example
# Display detailed information of the peer 10.110.25.20.
<3Com> display bgp peer 10.110.25.20 verbose
Peer: 10.110.25.20 Local: Unspecified
Type: External
State: Idle
Flags:
Last State: NoState
Last Event: NoEvent
Last Error: None
Options: <>
Configuration within the peer :
no export policy route-policy
5-13
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
no export policy ip-prefix
no export policy filter-policy
no export policy acl
no import policy route-policy
no import policy ip-prefix
no import policy filter-policy
no import policy acl
no default route produce
Table 5-5 Description on fields of the display bgp peer command
Field
Description
Peer
IP address of peer and port number used by the peer to establish TCP
connection
Local
IP address and port number used to establish TCP connection of local
end
Type
Type of peer: Internal for IBGP, and External for EBGP
State
State of peer
Flags
Flags of peer
Last State
Last state before entering current state
Last Event
Last event of neighbor state machine
Last Error
Last error of neighbor state machine
Options
Options
5.1.15 display bgp routing-table
Syntax
display bgp [ multicast ] routing-table [ ip-address [ mask ] ]
View
Any view
Parameter
multicast: Specifies multicast address family.
ip-address: Destination of the network.
mask: Mask of the network.
5-14
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Description
Use the display bgp routing-table command to display all the BGP routing
information.
Example
# Display all the BGP routing information.
<3Com> display bgp routing-table
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Dest/Mask
Next-hop
Med
Local-pref Origin As-path
----------------------------------------------------------------------#^
129.1.1.0/24
5.5.5.5
IGP
600
#^
129.1.2.0/24
5.5.5.5
IGP
600
#^
129.1.3.0/24
5.5.5.5
IGP
600
#^
129.1.4.0/24
5.5.5.5
IGP
600
#^
129.1.5.0/24
5.5.5.5
IGP
600
#^
129.1.6.0/24
5.5.5.5
IGP
600
#^
129.1.7.0/24
5.5.5.5
IGP
600
#^
129.1.8.0/24
5.5.5.5
IGP
600
#^
129.1.9.0/24
5.5.5.5
IGP
600
#^
129.1.10.0/24
5.5.5.5
IGP
600
Routes total: 10
Table 5-6 Description on fields of the display bgp routing-table command
Field
Description
Status code:
# – valid (valid route)
^ – active (selected optimal route)
Flags
I – internal (IBGP route)
D – damped (attenuation dampened)
H – history (history record)
S – aggregate suppressed (aggregation suppressed)
Dest/Mask
Destination address/mask
Next Hop
IP address of the next hop
Med
Value of the MULTI_EXIT_DISC attribute, which ranges from 0 to
4294967295
Local-Pref
Local preference, which ranges from 0 to 4294967295
5-15
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Field
Description
Origin attribute of a route, which indicates that the route updates its
origin relative to the route originating it from the AS. It has three
optional values:
IGP
The route is inside the AS. BGP treats the aggregation
route and the route defined by the network command
inside AS, and the origin type as IGP.
EGP
The route is learned from exterior gateway protocol (EGP).
INC
Short for INCOMPLETE: indicates that the original source
of the route information is unknown (learned by other
methods). BGP sets the origin of the route imported
through other IGP protocols as INCOMPLETE
Origin
AS-path attribute of a route, which records all AS areas that the
route passes to void route loop.
As-path
5.1.16 display bgp routing-table as-path-acl
Syntax
display bgp [ multicast ] routing-table as-path-acl acl-number
View
Any view
Parameter
acl-number: Matched AS path list number, in the range of 1 to 199.
multicast: Specifies multicast address family.
Description
Use the display bgp routing-table as-path-acl command to view routes that match
an as-path acl.
Example
# Display routes that match as-path-acl 1.
<3Com> display bgp routing-table as-path-acl 1
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Dest/Mask
Next-Hop
Med
Local-pref
Origin
As-path
-------------------------------------------------------------------#^ 1.1.1.0/24
10.10.10.1
0
IGP
200
#^ 1.1.2.0/24
10.10.10.1
0
IGP
200
5-16
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
#^ 1.1.3.0/24
10.10.10.1
0
IGP
200
#^ 2.2.3.0/24
10.10.10.1
0
INC
200
#^ 4.4.4.0/24
10.10.10.1
0
INC
200
#^ 9.9.9.0/24
10.10.10.1
0
INC
200
#^ 10.10.10.0/24
10.10.10.1
0
IGP
200
#^
22.1.0.0/16
200.1.7.2
100
INC
200
#
88.1.0.0/16
60
0.0.0.0
IGP
Table 5-7 Description on fields of the display bgp routing-table as-path-acl
command
Field
Description
Dest/Mask
Destination address/Mask
Pref
Preference
Nexthop
IP address of next hop
Med
MULTI_EXIT_DISC attribute value
Local-pref
Local preference
Origin attribute of route, which indicates that the route updates its
origin relative to the route originating it from AS. It has three optional
values:
IGP
The route belongs to inside of AS. BGP treats aggregate
route and the route defined by the command network as
inside of AS, and origin type as IGP.
EGP
The route is learned from exterior gateway protocol (EGP).
INC
Short for INCOMPLETE: indicates that the original source
of the route information is unknown (learned by other
methods). BGP sets the origin of the route imported
through other IGP protocols as INCOMPLETE
Origin
As-path
AS-path attribute of route, which records all AS areas that the route
passes. With it, route loop can be avoided
5.1.17 display bgp routing-table cidr
Syntax
display bgp [ multicast ] routing-table cidr
View
Any view
Parameter
multicast: Specifies multicast address family.
5-17
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Description
Use the display bgp routing-table cidr command to view the routing information
about the non-natural mask (namely the classless inter-domain routing, CIDR).
Example
<3Com> display bgp routing-table cidr
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Dest/Mask
Next-Hop
Med
Local-pref
Origin
As-path
------------------------------------------------------------------------#^
22.1.0.0/16
200.1.7.2
30
#
88.1.0.0/16
0.0.0.0
30
100
INC
200
IGP
For detailed description of the fields in the output information, see Table 5-6.
5.1.18 display bgp routing-table community
Syntax
display bgp [ multicast ] routing-table community [ aa:nn | no-export-subconfed
| no-advertise | no-export ]* [ whole-match ]
View
Any view
Parameter
multicast: Specifies multicast address family.
aa:nn: Community number.
no-export-subconfed: Specifies not to export a route to the outside of the local AS or
to other sub-ASs in the confederation after the route is received.
no-advertise: Specifies not to advertise a route to other BGP peers after the route is
received.
no-export: Specifies not to export a route to the outside of the local AS after the route
is received. If the confederation is used, the router cannot be exported to the outside
of the confederation, but can be exported to other sub-ASs in the confederation.
whole-match: Displays the exactly matched routes.
5-18
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Description
Use the display bgp routing-table community command to view the routing
information related to the specified BGP community number in the routing table.
Example
# Display the routing information matching BGP community number 11:22.
<3Com> display bgp routing-table community 11:22
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Dest/Mask
Next-Hop
Med
Local-pref
Origin
As-path
------------------------------------------------------------------#^
1.0.0.0/8
172.10.0.2
100
IGP
#^
2.0.0.0/8
172.10.0.2
100
IGP
For detailed description of the fields in the output information, see Table 5-6.
5.1.19 display bgp routing-table community-list
Syntax
display bgp [ multicast ] routing-table community-list community-list-number
[ whole-match ]
View
Any view
Parameter
multicast: Specifies multicast address family.
community-list-number: Community list number, in the range of 1 to 999.
whole-match: Displays the exactly matched routes.
Description
Use the display bgp routing-table community-list command to view the routing
information matching the specified BGP community list.
Example
# Display the routing information matching BGP community list 1.
<3Com> display bgp routing-table community-list 1
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
5-19
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Destination/Mask
Chapter 5 BGP Configuration Commands
Next-hop
Med
Local-Pref
Origin
As-Path
------------------------------------------------------------------1.1.1.0/24
10.10.10.1
0
IGP
200
1.1.2.0/24
10.10.10.1
0
IGP
200
1.1.3.0/24
10.10.10.1
0
IGP
200
2.2.3.0/24
10.10.10.1
0
INC
200
4.4.4.0/24
10.10.10.1
0
INC
200
9.9.9.0/24
10.10.10.1
0
INC
200
10.10.10.0/24
10.10.10.2
0
IGP
10.10.10.0/24
10.10.10.1
0
IGP
200
For detailed description of the fields in the output information, see Table 5-6.
5.1.20 display bgp routing-table dampened
Syntax
display bgp routing-table dampened
View
Any view
Parameter
None
Description
Use the display bgp routing-table dampened command to display BGP dampened
routes.
Example
# Display BGP dampened routes.
<3Com> display bgp routing-table dampened
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Dest/Mask
Source
Damping-limit
Origin
As-path
----------------------------------------------------------------#D
11.1.0.0
133.1.1.2
1:20:00
5-20
IGP
200
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Table 5-8 Description on the fields of the display bgp routing-table dampened
command
Field
Description
Status code:
# – valid (valid route)
^ – active (optimal route selected)
Flags
I – internal (IBGP route)
D – damped
H – history
S – aggregate suppressed
B – balance (load balance)
#D
Valid and dampened route
Dest/Mask
The route to this network segment is dampened.
Source
Next hop of the route
Damping-limit
Time when damping is invalid, that is, time when the route can be
reused.
The ORIGIN attribute of the route, which indicates the routing update
origination of the route relative to the AS the route sourced from. It can
be one of the three value:
IGP
This is an AS interior route. BGP regards both aggregated
routes and routes defined by the network command as AS
interior routes and set their origin type to IGP.
EGP
This route is learned from EGP (exterior gateway protocol).
INC
INCOMPLETE: indicates the route is obtained from an
unknown source (that is, learned from a different source). BGP
set the origin of the routes imported from other IGP protocols to
INCOMPLETE
Origin
As-path
AS_PATH attribute of the route, which records all the ASs the route
passes through and can be used to avoid route ring.
5.1.21 display bgp routing-table different-origin-as
Syntax
Display bgp [ multicast ] routing-table different-origin-as
View
Any view
Parameter
multicast: Specifies multicast address family.
5-21
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Description
Use the display bgp routing-table different-origin-as command to display routes
that have different source autonomous systems.
Example
# Display the routes that have different source ASs.
<3Com> display bgp routing-table different-origin-as
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Destination/Mask
Next-hop
Med
Local-Pref
Origin
As-Path
-----------------------------------------------------------------------10.10.10.0/24
10.10.10.2
0
IGP
10.10.10.0/24
10.10.10.1
0
IGP
200
For detailed description of the fields in the output information, see Table 5-6.
5.1.22 display bgp routing-table flap-info
Syntax
display bgp routing-table flap-info [ { regular-expression as-regular-expression } |
{ as-path-acl acl-number } | { network-address [ mask [ longer-match ] ] } ]
View
Any view
Parameter
as-regular-expression: Route flap-info matching AS path regular expression.
acl-number: Number of the specified AS path to be matched, in the range of 1 to 199.
network-address: Network IP address related to the dampening information to be
shown
mask: Network mask.
longer-match: Displays the flap-info of the route that has a mask longer than that
specified by the network-address mask argument.
Description
Use the display bgp routing-table flap-info command to view BGP flap-info.
Example
# Display BGP flap-info.
5-22
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
<3Com> display bgp routing-table flap-info
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Dest/Mask
Source
Keepup-time
Damping-limit
Flap-times
Origin
As-path
-------------------------------------------------------------------#D
11.1.0.0/16 133.1.1.2
48
1:20:30
4
IGP
200
Table 5-9 Description on fields of the display bgp routing-table flap-info command
Field
Description
State flags:
# – valid (valid)
^ – active (selected)
Flags
D – damped (discarded)
H – history (history)
I – internal (interior gateway protocol)
S – aggregate suppressed (suppressed)
B – balance (load balance)
#D
The valid and damped route
Dest/Mask
The dampened route to the destination network 11.1.0.0
Source
The nexthop of the route
Keepup-time
The time that route damping has continued
Damping-limi
t
The time before dampening turns invalid and the route can be
reused.
Flap-times
The times of the route flap
Origin attribute of route, which indicates that the route updates its
origin relative to the route originating it from AS. It has three optional
values:
IGP
The route belongs to inside of AS. BGP treats aggregate
route and the route defined by the command network as
inside of AS, and origin type as IGP.
EGP
The route is learned from exterior gateway protocol (EGP).
INC
Short for INCOMPLETE: indicates that the original source
of the route information is unknown (learned by other
methods). BGP sets the origin of the route imported through
other IGP protocols as INCOMPLETE
Origin
As-path
AS-path attribute of route, which records all AS areas that the route
passes. With it, route loop can be avoided
5-23
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.23 display bgp routing-table peer
Syntax
display bgp [ multicast ] routing-table peer ip-address { advertised | received }
[ network-address [ mask ] | statistic ]
View
Any view
Parameter
multicast: Specifies multicast address family.
ip -address: Specifies the peer to be displayed.
advertised: Routing information advertised by the specified peer.
received: Routing information the specified peer received.
network-address mask : IP address and address mask of destination network.
statistic: Statistic routing information of peer.
Description
Use the display bgp routing-table peer command to view the routing information
the specified BGP peer advertised or received.
Example
# Display the routing information advertised by BGP peer 1.1.1.2.
<3Com> display bgp routing table peer 1.1.1.2 advertised
Dest/Mask
Next-hop
Med
Local-pref
Origin As-path
------------------------------------------------------------------------Appendant Flags: @ - Queued
1.1.1.0/24
1.1.1.1
0
100
INC
Here, Appendant Flags indicates the appended flag, @ the route to be sent, ! the
reachable route, and ~ to cancel route. For detailed description of the fields in the
output information, see Table 5-6.
5.1.24 display bgp routing-table regular-expression
Syntax
display bgp [ multicast ] routing-table regular-expression as-regular-expression
View
Any view
5-24
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Parameter
multicast: Specifies multicast address family.
as-regular-expression: Matched AS regular expression.
Description
Use the display bgp routing-table regular-expression command to view the
routing information matching the specified AS regular expression
Example
# Display the routing information matched with ^200$.
<3Com> display bgp routing-table regular-expression ^200$
Flags:
# - valid
^ - active
I - internal
D - damped
H - history
S - aggregate suppressed
Dest/Mask
Next-hop
Med
Local-Pref
Origin AS-Path
-------------------------------------------------------------------1.1.1.0/24
10.10.10.1
0
IGP
200
1.1.2.0/24
10.10.10.1
0
IGP
200
1.1.3.0/24
10.10.10.1
0
IGP
200
2.2.3.0/24
10.10.10.1
0
INC
200
4.4.4.0/24
10.10.10.1
0
IGP
200
9.9.9.0/24
10.10.10.1
0
INC
200
10.10.10.0/24
10.10.10.1
0
IGP
200
For detailed description of the fields in the output information, see Table 5-6.
5.1.25 display bgp routing-table statistic
Syntax
display bgp [ multicast ] routing-table statistic
View
Any view
Parameter
multicast: Specifies multicast address family.
Description
Use the display bgp routing-table statistic command to view the statistics of BGP
routing information.
5-25
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Example
# Display the statistics of BGP routing information.
<3Com> display bgp routing-table statistic
Routes total: 4
5.1.26 filter-policy export
Syntax
filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol [ process-id ] ]
undo filter-policy { acl-number | ip-prefix ip-prefix-name } export [ protocol
[ process-id ] ]
View
BGP view
Parameter
acl-number: Number of IP access control list.
ip-prefix-name: Name of ip prefix list, containing 1 to 19 characters.
protocol: Routing protocol, specifying a protocol whose routing information is filtered.
Currently, the routing protocols includes direct, ospf, ospf-ase, ospf-nssa, rip, isis,
and static.
process-id: Routing protocol process ID, in the range of 1 to 65535. This argument is
valid only when the protocol is ospf.
Description
Use the filter-policy export command to filter the advertised routes and only the
routes passing the filter can be advertised by BGP.
Use the undo filter-policy export command to cancel the filtration to the advertised
routes.
By default, filtration to the received routing information is not configured.
If a value is specified for the protocol argument, only the imported route generated by
the specified protocol is filtered and the imported routes generated by other protocols
are not affected. If no value is specified for the protocol argument, the imported route
generated by any protocol will be filtered.
Example
# Use ACL 2000 to filter the routing information advertised by BGP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bpg 100
5-26
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
[3Com-bgp] filter-policy 2000 export
5.1.27 filter-policy import
Syntax
filter-policy gateway ip-prefix-name import
undo filter-policy gateway ip-prefix-name import
filter-policy { acl-number | ip-prefix ip-prefix-name } import
undo filter-policy { acl-number | ip-prefix ip-prefix-name } import
View
BGP view
Parameter
acl-number: Number of IP access control list, in the range of 2000 to 3999.
ip-prefix-name: Name of address prefix list, containing 1 to 19 characters.
Description
Use the filter-policy gateway import command to filter the learned routing
information advertised by the peer with the specified address.
Use the undo filter-policy gateway import command to cancel the filtration to the
routing information advertised by the peer with specified address.
Use the filter-policy import command to filter the received global routing information.
Use the undo filter-policy import command to remove the filtration to the received
global routing information.
By default, filtration to the received routing information is not configured.
This command can be used to filter the routes received by BGP and determines
whether to add the routes to the BGP routing table.
Example
# Use ACL 2000 to filter all imported BGP routes.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] filter-policy 2000 import
5.1.28 group
Syntax
group group-name [ internal | external ]
5-27
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
undo group group-name
View
BGP view
Parameter
group-name: Name of the peer group, an alphanumeric string of 1 to 47 characters. It
means only locally.
internal: Creates an IBGP peer group.
external: Creates an EBGP peer group, including other sub-ASs in the confederation.
Description
Use the group group-name command to configure a peer group.
Use the undo group group-name command to cancel the configuration.
If no parameter is specified with the group command, an IBGP peer group is created.
The basic configurations of members in a peer group must be the same as those of
the peer group. The BGP peer cannot exist independently, and it must belong to a
peer group. Therefore, when configuring a BGP peer, create a peer group first and
then add the BGP peer to the group.
Routing update policies of peer members must be the same as those of the peer
group. However, entry policies can be different.
Example
# Create a BGP group named test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] group test
5.1.29 import-route
Syntax
import-route
protocol
[
process-id
route-policy-name ]*
undo import-route protocol
View
BGP view
5-28
]
[
med
med-value
|
route-policy
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Parameter
protocol: Source routing protocols which can be imported, including direct, ospf,
ospf-ase, ospf-nssa, rip, isis and static at present.
process-id: Specific process ID, in the range of 1 to 65535. This argument is valid only
when the protocol argument is “ospf”.
med-value: MED value of an imported route, in the range of 0 to 4294967295.
Route-policy-name: Name of a route policy used for filtering routes generated by
other routing protocols, containing 1 to 19 characters.
med med-value: Specifies the MED value loaded by the imported route.
route-policy route-policy-name: Specifies a route-policy to filter routes before
importing. The route-policy-name argument is an alphanumeric string of 1 to 19
characters.
Description
Use the import-route command to import and advertise routes of other protocols.
Use the undo import-route command to cancel the existing configuration.
By default, BGP does not import and advertise routes of other protocols.
Example
# Import routes of RIP.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] import-route rip
5.1.30 network
Syntax
network network-address [ mask ] [ route-policy route-policy-name ]
undo network network-address [ mask ] [ route-policy route-policy-name ]
View
BGP view
Parameter
network-address: IP address of the destination network segment.
mask: Subnet mask.
Route-policy-name: Route policy used for the advertised route, containing 1 to 19
characters.
5-29
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Description
Use the network command to advertise the network segment route to the BGP
routing table.
Use the undo network command to cancel the existing configuration.
By default, the BGP does not advertise any network segment routes.
Example
# Advertise routes to the network segment 10.0.0.0/16.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] network 10.0.0.0 255.255.0.0
5.1.31 peer advertise-community
Syntax
peer group-name advertise-community
undo peer group-name advertise-community
View
BGP view
Parameter
group-name: Name of a peer group, containing 1 to 47 characters.
Description
Use the peer advertise-community command to enable the transmission of the
community attribute to a peer group.
Use the undo peer advertise-community command to cancel the existing
configuration.
By default, the community attribute is not transmitted to any peer group.
Related command: if-match community-list and apply community.
Example
# Transmit the community attribute to the peer group named test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test advertise-community
5-30
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.32 peer allow-as-loop
Syntax
peer { group-name | ip-address } allow-as-loop [ number ]
undo peer { group-name | ip-address } allow-as-loop
View
BGP view
Parameter
group-name: Name of a peer group, containing 1 to 47 characters.
ip-address: IP address of the peer.
number: Times of repeating the local AS number, in the range of 1 to 10.
Description
Use the peer allow-as-loop command to allow the local AS number to appear in the
AS_Path attribute of the received route and configure the repeated times.
Use the undo peer allow-as-loop command to cancel the function.
Related command: display current-configuration, display bgp routing-table peer,
and display bgp routing-table group
Example
# Set the times of repeating the local AS that learns routes from 1.1.1.1 to “2”.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer 1.1.1.1 allow-as-loop 2
5.1.33 peer as-number
Syntax
peer group-name as-number as-number
undo peer group-name as-number
View
BGP view
Parameter
group-name: Name of a peer group, containing 1 to 47 characters.
as-number: AS number of the peer or peer group, in the range of 1 to 65535.
5-31
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Description
Use the peer as-number command to configure the AS number of a peer group.
Use the undo peer as-number command to delete the AS number of a peer group.
By default, no AS number is configured for a peer group.
Example
# Set the AS number for the peer named test to 100.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test as-number 100
5.1.34 peer as-path-acl export
Syntax
peer { group-name | ip-address } as-path-acl acl-number export
undo peer { group-name | ip-address } as-path-acl acl-number export
View
BGP view/BGP multicast address family view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of a peer.
acl-number: AS path ACL number, in the range of 1 to 199.
export: Filter the advertised routes.
Description
Use the peer as-path-acl export command to configure filtering Policy of BGP
advertised routes based on AS path list.
Use the undo peer as-path-acl command to cancel the existing configuration.
By default, no AS path ACL is configured for a peer group.
You can use the peer as-path-acl export command on a peer group. In the peer
as-path-acl export command, the acl-number argument is the AS path list number. It
is configured by using the ip as-path-acl command, instead of the acl command.
Related command: peer as-path-acl import and ip as-path-acl.
Example
# Filter routes exported to the peer group (named test) based on AS path ACL 1.
5-32
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test as-path-acl 1 export
5.1.35 peer as-path-acl import
Syntax
peer { group-name | ip-address } as-path-acl acl-number import
undo peer { group-name | ip-address } as-path-acl acl-number import
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of the peer, in dotted decimal format.
acl-number: AS path list number, in the range of 1 to 199.
import: Applies the AS path list in filtering the received routes.
Description
Use the peer as-path-acl import command to configure filtering Policy of BGP
received routes based on AS path list.
Use the undo peer as-path-acl import command to cancel the existing
configuration.
By default, the peer/peer group has no AS path list.
Related command: peer as-path-acl export and ip as-path-acl
Example
# Apply AS path ACL 1 in the peer group named test to filter BGP received routes.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test as-path-acl 1 import
5.1.36 peer connect-interface
Syntax
peer { group-name | ip-address } connect-interface { interface-type interface-num }
undo peer { group-name | ip-address } connect-interface
5-33
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of the peer.
interface-type interface-num: Interface type and interface number.
Description
Use the peer connect-interface command to specify the source interface of a route
update packet.
Use the undo peer connect-interface command to restore the best source interface.
By default, BGP uses the interface directly connected to the peer as the source
interface of route update packets.
Generally, BGP uses the optimal source interface for route update packets. In order
for the system to be able to send route update packets in the case that this interface is
faulty, you can configure the loopback interface as the source interface of route
update packets.
Example
# Specify the source interface that sends route update packets to the peer group
named test as Loopback 0.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test connect-interface loopback 0
5.1.37 peer default-route-advertise
Syntax
peer group-name default-route-advertise
undo peer group-name default-route-advertise
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
5-34
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Description
Use the peer default-route-advertise command to send the default route to the
peer/peer group.
Use the undo peer default-route-advertise command to cancel the existing
configuration.
By default, the default route is not sent to the peer group.
For this command, no default route needs to exist in the routing table. A default route
is sent unconditionally to a peer/peer group with the next hop as itself.
Example
# Configure a peer group named test to generate a default route.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test default-route-advertise
5.1.38 peer description
Syntax
peer { group-name | ip-address } description description-text
undo peer { group-name | ip-address } description
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of the peer.
description-text: Description information configured, , containing 1 to 79 characters.
Description
Use the peer description command to configure the description information of the
peer/peer group.
Use the undo peer description command to cancel the description information of the
peer/peer group.
By default, no description information is configured for peers/peer group.
You need to create a peer group before you can configure the description of the peer
group.
5-35
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Related command: display current-configuration, display bgp peer, and display
bgp routing-table group.
Example
# Configure the description information of an existing peer group named group1 as
ISP1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer group1 description ISP1
5.1.39 peer ebgp-max-hop
Syntax
peer group-name ebgp-max-hop [ hop-count ]
undo peer group-name ebgp-max-hop
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
hop-count: Maximum hop value, in the range of 1 to 255. By default, the value is 64.
Description
Use the peer ebgp-max-hop command to establish EBGP connection with the peer
on indirectly connected network.
Use the undo peer ebgp-max-hop command to cancel the existing configuration.
By default, it is not allowed to establish any EBGP connection with a peer on an
indirectly connected network.
By setting hop-count, you can also configure the maximum hop value of an EBGP
connection.
Example
# Allow to establishing EBGP connection with the peer group named test indirectly
connected.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test ebgp-max-hop
5-36
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.40 peer enable
Syntax
peer { group-name | ip-address } enable
undo peer { group-name | ip-address } enable
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of the peer.
Description
Use the peer enable command to enable the specified peer/peer group.
Use the undo peer enable command to disable the specified peer/peer group.
By default, BGP peer/peer group is enabled.
If the specified peer/peer group is disabled, the router will not exchange routing
information with the specified peer/peer group.
Example
# Disable the specified peer 18.10.0.9. After the configuration, the local router does
not exchange BGP routing information with the peer 18.10.0.9..
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer 18.10.0.9 group group1
[3Com-bgp] undo peer 18.10.0.9 enable
5.1.41 peer filter-policy export
Syntax
peer group-name filter-policy acl-number export
undo peer group-name filter-policy acl-number export
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
5-37
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
acl-number: Basic or advanced ACL number, ranging from 2000 to 3999.
export: Applies a filtering policy on advertised routes. It applies to a peer group only.
Description
Use the peer filter-policy export command to configure the filter-policy list of routes
advertised by a peer group.
Use the undo peer filter-policy export command to cancel the existing
configuration.
By default, a peer/peer group has no access control list (acl).
You can configure the peer filter-policy export command on a peer group only.
Related command: acl and peer filter-policy import.
Example
# Configure to filter the routes advertised by the peer group named test by using ACL
2000..
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test filter-policy 2000 export
5.1.42 peer filter-policy import
Syntax
peer { group-name | ip-address } filter-policy acl-number import
undo peer { group-name | ip-address } filter-policy acl-number import
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of the peer, in dotted decimal format.
acl-number: Basic or advanced ACL number, ranging from 2000 to 3999.
Description
Use the peer filter-policy import command to configure the filter-policy list of the
routes received by a peer/peer group.
Use the undo peer filter-policy import command to cancel the existing
configuration.
5-38
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
By default, a peer/peer group has no access control list (acl).
Related command: peer filter-policy export, ip as-path-acl, peer as-path-acl
export and peer as-path-acl import.
Example
# Set the filter-policy list of a peer group test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test filter-policy 2000 import
5.1.43 peer group
Syntax
peer ip-address group group-name [ as-number as-number ]
undo peer ip-address
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of the peer.
as-number: Peer AS number of the peer/peer group, in the range of 1 to 65535.
Description
Use the peer group command to add a peer to the existing peer group.
Use the undo peer ip-address command to delete a peer.
When adding a peer to a EBGP peer group without AS number, you should also
specify the peer’s AS number. While adding a peer to a IBGP peer group or to a
EBGP peer group with AS number, you need not specify the AS number for the peer.
Example
# Add a peer to the peer group test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] group test external
[3Com-bgp] peer test as-number 2004
[3Com-bgp] peer 10.1.1.1 group test
5-39
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.44 peer ip-prefix export
Syntax
peer group-name ip-prefix ip-prefix-name export
undo peer group-name ip-prefix ip-prefix-name export
View
BGP view
Parameter
group-name: Name of peer group, containing 1 to 47 characters.
ip-prefix-name: Name of the specified ip-prefix, containing 1 to 19 characters.
Description
Use the peer ip-prefix export command to configure the route filtering policy of
routes advertised by the peer group based on the ip-prefix.
Use the undo peer ip-prefix export command to cancel the route filtering policy of
the peer/peer group based on the ip-prefix.
By default, the route filtering policy of the peer group is not specified.
Related command: ip ip-prefix, peer ip-prefix import.
Example
# Configure the route filtering policy of the peer group based on the ip-prefix 1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer group1 ip-prefix list1 export
5.1.45 peer ip-prefix import
Syntax
peer { group-name | ip-addess } ip-prefix ip-prefix-name import
undo peer { group-name | ip-addess } ip-prefix ip-prefix-name import
View
BGP view
Parameter
group-name: Name of peer group, containing 1 to 47 characters.
ip-address: IP address of the peer, in dotted decimal format.
5-40
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
ip-prefix-name: Name of the specified ip-prefix, containing 1 to 19 characters.
Description
Use the peer ip-prefix import command to configure the route filtering policy of
routes received by the peer/peer group based on the ip-prefix.
Use the undo peer ip-prefix import command to cancel the route filtering policy of
the peer/peer group based on the ip-prefix.
By default, the route filtering policy of the peer/peer group is not specified.
Related command: ip ip-prefix, peer ip-prefix export.
Example
# Configure the route filtering policy of the peer group based on the ip-prefix 1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer group1 ip-prefix list1 import
5.1.46 peer next-hop-local
Syntax
peer group-name next-hop-local
undo peer group-name next-hop-local
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
Description
Use the peer next-hop-local command to configure the peer group to take its own
address as the next hop when routes are advertised to the peer group..
Use the undo peer next-hop-local command to cancel the existing configuration.
Example
# When BGP distributes the routes to the peer group “test”, it will take its own address
as the next hop.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test next-hop-local
5-41
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.47 peer password
Syntax
peer { group-name | ip-address } password { cipher | simple } password
undo peer { group-name | ip-address } password
View
BGP view
Parameter
group-name: Name of the peer group, containing 1 to 47 characters.
ip-address: IP address of the peer.
cipher: Displays the configured password in cipher text mode.
simple: Displays the configured password in simple text mode.
password: Password in character string form with 1 to 16 characters when parameter
simple is configured in the command or in the event of inputting the password in
simple text mode but parameter cipher is configured in the command; with 24
characters in the event of inputting the password in cipher text mode when parameter
cipher is configured in the command.
Description
Use the peer password command to configure MD5 authentication for BGP during
TCP connection setup.
Use the undo peer password command to cancel the configuration.
By default, BGP does not perform MD5 authentication when TCP connection is set
up.
Once MD5 authentication is enabled, both parties involved in the authentication must
be configured with identical authentication modes and passwords. Otherwise, TCP
connection will not be set up because of the failed authentication.
This command is used to configure MD5 authentication for the specific peer only
when the peer group to which the peer belongs is not configured with MD5
authentication. Otherwise, the peer should be consistent with the peer group.
Example
# Adopt MD5 authentication on the TCP connection set up between the local router at
10.1.100.1 and the peer router at 10.1.100.2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer 10.1.100.2 password simple 3Com
5-42
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
# Perform the similar configuration on the peer.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer 10.1.100.1 password simple 3Com
5.1.48 peer public-as-only
Syntax
peer group-name public-as-only
undo peer group-name public-as-only
View
BGP view
Parameter
group-name: Name of a peer group, containing 1 to 47 characters.
Description
Use the peer public-as-only command to configure not to carry the AS number when
transmitting BGP update packets.
Use the undo peer public-as-only command to configure to carry the AS number
when transmitting BGP update packets.
By default, private AS number is carried when transmitting BGP update packets.
Generally, BGP transmits BGP update packets with the AS number (either public AS
number or private AS number). To enable some outbound routers to ignore the AS
number when transmitting update packets, you can configure not to carry the AS
number when transmitting BGP update packets.
Example
# Configure not to carry the private AS number when transmitting BGP update
packets to the peer group named test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test public-as-only
5.1.49 peer reflect-client
Syntax
peer group-name reflect-client
5-43
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
undo peer group-name reflect-client
View
BGP view
Parameter
group-name: Name of peer group, containing 1 to 47 characters.
Description
Use the peer reflect-client command to configure the local device as a route reflector
and configure a peer/peer group as the route reflector client.
Use the undo peer reflect-client command to cancel the existing configuration.
By default, no route reflector or client is configured.
This command only applies to peer group.
Related command: reflect between-clients, reflector cluster-id.
Example
# Configure the peer group “test” as the route reflector client.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test reflect-client
5.1.50 peer route-policy export
Syntax
peer group-name route-policy route-policy-name export
undo peer group-name route-policy route-policy-name export
View
BGP view
Parameter
group-name: Name of peer group, containing 1 to 47 characters.
route-policy-name: The specified Route-policy. The length of route-policy-name
parameter ranges from 1 to 19 character string.
Description
Use the peer route-policy export command to assign the Route-policy to the routes
advertised to the peer group.
5-44
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Use the undo peer route-policy export command to delete the specified
Route-policy.
By default, the peer/peer group has no Route-policy association.
Related command: peer route-policy import.
Example
# Apply the Route-policy named test-policy to the route advertised from the peer
group named test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test route-policy test-policy export
5.1.51 peer route-policy import
Syntax
peer { group-name | ip-address } route-policy route-policy-name import
undo peer { group-name | ip-address } route-policy route-policy-name import
View
BGP view
Parameter
group-name: Name of peer group, containing 1 to 47 characters.
ip-address: IP address of the peer, in dotted decimal format.
route-policy-name: Specified Route-policy. The length of route-policy-name
parameter ranges from 1 to 19 character string.
Description
Use the peer route-policy import command to assign the Route-policy to the route
coming from the peer/peer group.
Use the undo peer route-policy import command to delete the specified
Route-policy.
By default, the peer/peer group has no Route-policy association.
The priority of the ingress routing policy configured for the peer is higher than that for
the peer group.
Related command: peer route-policy export.
5-45
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Example
# Apply the Route-policy named test-policy to the route coming from the peer/peer
group test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test route-policy test-policy import
5.1.52 peer route-update-interval
Syntax
peer group-name route-update-interval seconds
undo peer group-name route-update-interval
View
BGP view
Parameter
group-name: Peer group name, containing 1 to 47 characters.
seconds: Minimum interval at which UPDATE packets are sent. It is in the range of 0
to 600 seconds. By default, the advertisement interval is 5 seconds for internal peer
group and 30 seconds for external peer group.
Description
Use the peer route-update-interval command to configure the interval at which the
same route update packet is sent to the peer group. .
Use the undo peer route-update-interval command to restore the default interval.
Example
# Configure the interval of the BGP peer group “test” sending the route update packet
as 10 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test route-update-interval 10
5-46
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.53 peer timer
Syntax
peer { group-name | ip-address } timer keep-alive keepalive-interval hold
holdtime-interval
undo peer { group-name | ip-address } timer
View
BGP view
Parameter
group-name: Name of peer group, containing 1 to 47 characters.
ip-address: IP address of the peer.
Keepalive-interval: Keepalive timer in seconds. It is in the range of 1 to 65535 and
defaults to 60 seconds.
Holdtime-interval: Holdtime timer in seconds. It is in the range of 3 to 65535 and
defaults to 180 seconds.
Description
Use the peer timer command to configure the Keepalive and holdtime timers for a
peer/peer group.
Use the undo peer timer command to restore the default value of the timer.
The timer configured by using this command has a higher priority than the one
configured by using the timer command.
Example
# Configure Keepalive and Holdtime intervals of the peer group “test”.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] peer test timer keep-alive 60 hold 180
5.1.54 preference
Syntax
preference ebgp-value ibgp-value local-value
undo preference
View
BGP view
5-47
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Parameter
ebgp-value: Preference value for EBGP. It is in the range of 1 to 256 and defaults to
256.
ibgp-value: Preference value for IBGP routes. It is in the range of 1 to 256 and
defaults to 256.
local-value: Preference value for locally-originated routes. It is in the range of 1 to 256
and defaults to 130.
Description
Use the preference command to set preference values for. routes learned from
external peers, routes learned from internal peers, and local-originated routes.
Use the undo preference command to restore the default preference values.
Example
# Set the preferences of EBGP, IBGP and locally generated routes to 170.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] preference 170 170 170
5.1.55 reflect between-clients
Syntax
reflect between-clients
undo reflect between-clients
View
BGP view
Parameter
None
Description
Use the reflect between-clients command to configure the between-client reflection
of a route.
Use the undo reflect between-clients command to disable this function.
After a route reflector is configured, it reflects the route of a client to another client.
By default, the clients of a route reflector are not fully interconnected and the route is
reflected from a client to another client by default via the route reflector. If the clients
are fully interconnected, you do not need to configure route reflection.
5-48
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Related command: reflector cluster-id, and peer reflect-client.
Example
# Disable the reflection between clients.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] undo reflect between-clients
5.1.56 reflector cluster-id
Syntax
reflector cluster-id cluster-id
undo reflector cluster-id
View
BGP view
Parameter
cluster-id: Cluster ID of the route reflector, an integer number ranging from 1 to
4294967295, or an IP address in dotted decimal notation.
Description
Use the reflector cluster-id command to configure the cluster ID of the route
reflector.
Use the undo reflector cluster-id command to delete the cluster ID of the route
reflector.
By default, each route reflector uses its Router ID as the cluster ID.
Generally, there is only one route reflector in a cluster. In this case, Router ID of the
route reflector is used to identify the cluster. Setting multiple route reflectors enhances
network stability. If multiple route reflectors are in a cluster, use this command to
configure the same cluster ID for all the route reflectors to prevent route loop.
Related command: reflect between-clients, and peer reflect-client.
Example
# A local router is one of the route reflectors in a cluster. Set the cluster ID of the route
reflector as 80.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] reflector cluster-id 80
5-49
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.57 refresh bgp
Syntax
refresh bgp { all | ip-address | group group-name } [ multicast ] { import | export }
View
User view
Parameter
all: Refreshes all peers.
ip-address: Refreshes connection with a specified BGP peer.
group-name: Peer group name, containing 1 to 47 characters.
multicast: Specifies multicast address family.
import: Sends a ROUTE-REFRESH packet to the peer, requesting the peer to
refresh the routes.
export: Refreshes routes advertised to the peers.
Description
Use the refresh bgp command to manually refresh BGP connections. Refreshing
BGP connections can refresh the BGP routing table without interruption any BGP
connection and apply a new policy.
After a BGP connection is created, only incremental routes are sent. However, in
some cases, such as when BGP routing policy changes, the peer needs to
re-advertise .routes or to be resent routes so that the routes are filtered again
according to the new policy.
Example
# Refresh all BGP connections.
<3Com> refresh bgp all import
5.1.58 reset bgp
Syntax
reset bgp { all | ip-address | group group-name }
View
User view
Parameter
all: Resets all the connections with BGP.
5-50
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
ip-address: Resets connection with a specified BGP peer.
group group-name: Resets the connection with a specified peer group.
Description
Use the reset bgp ip-address command to reset the connection of BGP with a
specified BGP peer.
Use the reset bgp all command to reset all the connections with BGP.
Use the reset bgp group group-name command to reset the BGP connection with a
specified peer group.
After a BGP routing policy or protocol configuration changes, resetting the BGP
connection will make the new configured policy take effect immediately.
Example
# After using the timer command to configure new Keepalive and Holdtime intervals,
you can reset all BGP connections for the new configuration to take effects
immediately.
<3Com> reset bgp all
5.1.59 reset bgp dampening
Syntax
reset bgp dampening [ network-address [ mask ] ]
View
User view
Parameter
network-address: IP address of the network segment, in dotted decimal notation.
mask: Network mask.
Description
Use the reset bgp dampening command to reset the flapping attenuation
information of a route and release the suppression of a suppressed route.
Related command: dampening, and display bgp routing-table dampened.
Example
# Reset the route attenuation information of the specified route.
<3Com> reset bgp dampening 20.1.0.0 255.255.0.0
5-51
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
5.1.60 reset bgp flap-info
Syntax
reset bgp flap-info [ regular-expression as-regular-expression | as-path-acl
acl-number | ip-address [ mask ] ]
View
User view
Parameter
regular-expression as-regular-expression: Reset the flap-info matching the AS path
regular expression.
as-path-acl acl-number: Resets the flap-info in consistency with a specified filter list.
The range of the parameter acl-number is 1 to 199.
ip-address: Resets the flap-info of a record at this IP address.
mask: Network mask.
Description
Use the reset bgp flap-info command to reset the flap info of a route.
If no value is specified, the flap info of all routes will be reset.
Related command: dampening.
Example
# Reset the flap-info of all the routes that go through filter list 10.
<3Com> reset bgp flap-info as-path-acl 10
5.1.61 reset bgp group
Syntax
reset bgp group group-name
View
User view
Parameter
group-name: Name of the peer group.
Description
Use the reset bgp group command to reset the connections between the BGP and
all the members of a group.
5-52
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Related command: peer group.
Example
# Reset BGP connections of all members from group1.
<3Com> reset bgp group group1
5.1.62 summary
Syntax
summary
undo summary
View
BGP view
Parameter
None
Description
Use the summary command to configure auto aggregation of sub-network routes.
Use the undo summary command to disable it.
By default, no auto aggregation of sub-network routes is executed.
After the summary is configured, BGP cannot receive the sub-network routes
imported from the IGP, so the amount of the routing information can be reduced.
Example
# Make the auto aggregation of the sub-network routes.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] summary
5.1.63 timer
Syntax
timer keep-alive keepalive-interval hold holdtime-interval
undo timer
View
BGP view
5-53
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Parameter
keepalive-interval: Set the interval time value for keepalive time. The range is 1 to
65535. By default, its value is 60 seconds.
holdtime-interval: Set the interval time value for hold time. The range is 3 to 65535. By
default, its value is 180 seconds.
Description
Use the timer command to configure the Keep-alive and Hold-time timer of BGP.
Use undo timer command to restore the default value of the Keep-alive and
Hold-time of the timer.
Example
# Configure the Keep-alive timer as 30 seconds and Hold-time timer as 90 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] timer keepalive 120 hold 360
5.1.64 undo synchronization
Syntax
undo synchronization
View
BGP view
Parameter
None
Description
Use the undo synchronization command to cancel the synchronization of BGP and
IGP.
By default, BGP does not synchronize with IGP.
If the local BGP is not set synchronous with the IGP and the next hop of the learned
BGP route is reachable, the local BGP will add this BGP route into its routing table
immediately after it learns the route, rather than waiting till the IGP also learns the
route.
This command means BGP does not synchronize with IGP in current system. You
need not configure it for Switch 7750 Series Ethernet Switches don’t support
synchronization of BGP and IGP at present.
5-54
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 5 BGP Configuration Commands
Example
# Cancel the synchronization of BGP and IGP.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] bgp 100
[3Com-bgp] undo synchronization
5-55
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Chapter 6 IP Routing Policy Configuration
Commands
Note:
The word “router” covered in the following text represent routers in common sense
and Ethernet switches running a routing protocol. To improve readability, this will not
be mentioned again in this manual.
6.1 IP Routing Policy Configuration Commands
6.1.1 apply as-path
Syntax
apply as-path as-number-list
undo apply as-path
View
Route policy view
Parameter
as-number-list: AS number list, in the form of as-number&<1-10>. Here, as-number is
an AS number, which ranges from 1 to 65535, and &<1-10> means you can input 1 to
10 AS numbers in one command.
Description
Use the apply as-path command to add AS number before original AS path in
Router-policy.
Use the undo apply as-path command to remove the added AS number.
By default, AS number is not set.
If the Route-policy matching conditions are met, AS attributes of the transmission
route will be changed by the apply as-path command. A maximum of ten AS
numbers can be added.
6-1
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Example
# Add AS number 200 before the original AS path
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy 10 permit node 10
[3Com-route-policy] apply as-path 200
6.1.2 apply community
Syntax
apply community { none | [ aa:nn | no-export-subconfed | no-export |
no-advertise ]* [ additive ] }
undo apply community
View
Route policy view
Parameter
none: No community attribute
aa:nn: Community number. The value ranges of aa and nn are both from 1 to 65535.
no-export-subconfed: Specifies not to send matching routes out of sub-autonomous
system.
no-advertise: Specifies not to send matching routes to any peer entities.
no-export: Specifies not to send routes out of sub-autonomous system or federation
but to send to the other sub-autonomous systems in the federation.
additive: Additive community attributes
Description
Use the apply community command to set BGP community attributes in
Route-policy.
Use the undo apply community command to cancel the BGP community attribute
setting .
By default, BGP community attributes are not set.
If the Route-policy matching conditions are met, BGP community attributes will be
changed by the apply community command.
Related command: ip community-list, if-match community-list, route-policy and
display bgp routing-table community.
6-2
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Example
#Create a Route-policy named setcommunity and set its node sequence number as
16 and matching mode as permit. Enter route policy view and set matching conditions
and execute attribute change command
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy 10 permit node 10
[3Com] route-policy setcommunity permit node 16
[3Com-route-policy] if-match as-path 8
[3Com-route-policy] apply community no-export
6.1.3 apply cost
Syntax
apply cost value
undo apply cost
View
Route policy view
Parameter
value: Route cost value of route information. The value ranges from 0 to 4294967295.
Description
Use the apply cost command to configure the route cost value of route information.
Use the undo apply cost command to cancel the apply statement.
By default, no apply statement is defined.
An apply statement of Route-policy sets the cost of the routes passing the filtering.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, if-match tag, route-policy, apply ip next-hop, apply
local-preference, apply origin, and apply tag.
Example
# Define an apply statement. When it is used for setting route information attribute, it
sets the route cost value of route information as 120.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] route-policy policy_10 permit node 12
%New sequence of this list
[3Com-route-policy] apply cost 120
6-3
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
6.1.4 apply cost-type
Syntax
apply cost-type [ internal | external ]
undo apply cost-type
View
Route policy view
Parameter
internal: Used in BGP, indicates that the IGP cost will be used as the BGP MED value
when BGP peer entity advertises routes to the EBGP peer entity. This keyword is
used only for IS-IS (representing that IS-IS interior cost will be used) and is invalid for
other protocols.
External: This keyword is used only for IS-IS and is invalid for other protocols.
Description
Use the apply cost-type command to set the routing cost type of routing information.
Use the undo apply cost-type command to cancel the setting argument.
By default, routing cost is not set.
Example
# Set IGP cost as the BGP MED value.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy 10 permit node 10
[3Com-route-policy] apply cost-type internal
6.1.5 apply ip next-hop
Syntax
apply ip next-hop ip-address
undo apply ip next-hop
View
Route policy view
Parameter
ip-address: IP address of next hop
6-4
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Description
Use the apply ip next-hop command to set the IP address of next hop.
Use the undo apply ip next-hop command to cancel the setting argument.
By default, no next hop is defined.
An apply statement of Route-policy sets the next hop of the filtered packets.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, if-match tag, route-policy, apply local-preference,
apply cost, apply origin and apply tag.
Example
# Define an apply statement to set the next hop in the routing information to 193.1.1.8.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy 10 permit node 10
[3Com-route-policy] apply ip next-hop 193.1.1.8
6.1.6 apply isis
Syntax
apply isis [ level-1 | level-2 | level-1-2 ]
undo apply isis
View
Route-policy view
Parameter
level-1: Imports routes to level-1 area.
level-2: Imports routes to level-2 area.
level-1-2: Imports routes to both level-1 area and level-2 area.
Description
Use the apply isis command to define an apply clause to import routing information
into the IS-IS area(s) at specified level(s).
Use the command to cancel the clause setting.
By default, no apply clause is defined.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, if-match tag, route-policy, apply cost, apply origin and
apply tag
6-5
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Example
# Define an apply clause to import routes to level-2 area.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy 10 permit node 10
[3Com-route-policy] apply isis level-2
6.1.7 apply local-preference
Syntax
apply local-preference local-preference
undo apply local-preference
View
Route policy view
Parameter
local-preference: local preference, ranging from 0 to 4294967295.
Description
Use the apply local-preference command to set local preference for routing
information.
Use the undo apply local-preference command to cancel the apply statement
setting.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, if-match tag, route-policy, apply ip next-hop, apply
local-preference, apply origin and apply tag.
Example
# Define an apply statement to set local preference for the routing information to 130.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy 10 permit node 10
[3Com-route-policy] apply local-preference 130
6.1.8 apply origin
Syntax
apply origin { igp | egp as-number | incomplete }
undo apply origin
6-6
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
View
Route policy view
Parameter
igp: Specifies that BGP routing information source is internal route
egp: Specifies that BGP routing information source is external route
as-number: Specifies autonomous system number of external routes. The value
ranges from 1 to 65535.
incomplete: Specifies that BGP routing information source is unknown.
Description
Use the apply origin command to set BGP routing information source.
Use the undo apply origin command to cancel the apply statement setting.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, if-match tag, route-policy, apply ip next-hop, apply
local-preference, apply cost and apply tag.
Example
# Define an apply statement to specify that the BGP routing information source is igp.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy 10 permit node 10
[3Com-route-policy] apply origin igp
6.1.9 apply tag
Syntax
apply tag value
undo apply tag
View
Route policy view
Parameter
value: Tag value of route information. The value ranges from 0 to 4294967295.
Description
Use the apply tag command to configure to set the tag area of RIP or OSPF route
information.
Use the undo apply tag command to cancel the apply statement.
6-7
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, if-match tag, route-policy, apply ip next-hop, apply
local-preference, apply cost, and apply origin.
Example
# Define an apply statement. When it is used for setting route information attribute, it
sets the tag area of route information as 100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] route-policy policy_10 permit node 12
%New sequence of this list
[3Com-route-policy] apply tag 100
6.1.10 display ip ip-prefix
Syntax
display ip ip-prefix [ ip-prefix-name ]
View
Any view
Parameter
ip-prefix-name: Name of the address prefix list to be displayed, containing 1 to 19
characters.
Description
Use the display ip ip-prefix command to display an address prefix list.
Related command: ip ip-prefix.
Example
# Display the information about the address prefix list named p1.
<3Com> display ip ip-prefix p1
name
index
conditions
ip-prefix / mask
GE
LE
p1
10
permit
10.1.0.0/16
17
18
Table 6-1 Description on the fields of the display ip ip-prefix command
Field
Description
name
Name of ip-prefix
index
Internal sequence number of ip-prefix
conditions
Mode: permit or deny
6-8
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Field
Description
ip-prefix / mask
Address and network segment length of
ip-prefix
GE
Greater-equal value of ip-prefix network
segment length
LE
Less-equal value of ip-prefix network
segment length
6.1.11 display route-policy
Syntax
display route-policy [ route-policy-name ]
View
Any view
Parameter
route-policy-name: Name of the route-policy to be displayed, containing 1 to 19
characters.
Description
Use the display route-policy command to display the configured Route-policy.
If you do not specify a route policy name, this command displays all route-policies
configured.
Related command: route-policy.
Example
# Display the information about Route-policy named policy1.
<3Com> display route-policy policy1
Route-policy : policy1
Permit 10 : if-match (prefixlist) p1
apply cost 100
matched : 0
denied : 0
Table 6-2 Description on the fields of the display route-policy command
Field
Description
Route-policy
Name of ip-prefix
Permit 10
Information about the route-policy with the mode configured as
permit and the node as 10:
6-9
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Field
Description
if-match
(prefixlist) p1
if-match statement configured
apply cost 100
Apply routing cost 100 to the routes matching
the conditions defined by if-match statement
matched
Number of routes matching the conditions set by
if-match statement
denied
Number of routes not matching the conditions
set by if-match statement
6.1.12 if-match { acl | ip-prefix }
Syntax
if-match { acl acl-number | ip-prefix ip-prefix-name }
undo if-match { acl | ip-prefix }
View
Route policy view
Parameter
acl-number: Number of the ACL used for filter
ip-prefix-name: Name of the prefix address list used for filter, containing 1 to 19
characters.
Description
Use the if-match { acl | ip-prefix } command to configure a rule for the route-policy
and specify an matching IP address range.
Use the undo if-match { acl | ip-prefix } command to cancel the setting of the rule.
The if-match { acl | ip-prefix } command implements a filter by referencing an ACL or
a prefix address list.
Related command: if-match interface, if-match ip next-hop, if-match cost,
if-match tag, route-policy, apply ip next-hop, apply cost, apply local-preference,
apply origin, and apply tag.
Example
# Define an if-match statement. When the statement is used for filtering route
information, the route information filtered by route destination address through
address prefix list p1 is permitted to pass the if-match statement.
<3Com> system-view
6-10
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] route-policy policy_10 permit node 12
%New sequence of this list
[3Com-route-policy] if-match ip-prefix p1
6.1.13 if-match as-path
Syntax
if-match as-path as-path-number
undo if-match as-path
View
Route policy view
Parameter
as-path-number: AS path number, ranging from 1 to 199.
Description
Use the if-match as-path command to match the AS path field of BGP routing
information.
Use the undo if-match as-path command to cancel the AS path field matching.
By default, AS regular expression is not set for matching in Route-policy.
An if-match statement of Route-policy sets AS path attributes as matching conditions
to filter BGP routing information.
Example
# Create as-path 2, which permits the routing information of AS 200 and AS 300. Then
create a Route-policy named test, and define an if-match statement quoting the
definitions of as-path 2 for node 10 of the Route-policy.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ip as-path-acl 2 permit 200:300
[3Com] route-policy test permit node 10
[3Com-route-policy] if-match as-path 2
6.1.14 if-match community
Syntax
if-match
community
{
basic-community-list-number
adv-community-list-number }
undo if-match community
6-11
[
whole-match
]
|
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
View
Route policy view
Parameter
basic-community-list-number: Basic community list number, ranging from 1 to 99.
adv-community-list-number: Advanced community list number, ranging from 100 to
199.
whole-match: Exact match, which means that all communities and only these
communities must be displayed.
Description
Use the if-match community command to match community attributes of BGP
routing information.
Use the undo if-match community command to cancel community attribute
matching settings.
Be default, community attributes are not set for matching.
An if-match statement of Route-policy sets community attributes as matching
conditions to filter BGP routing information.
Related command: route-policy and ip community-list.
Example
# Create community-list 1, which permits routing information of AS 100 and AS 200.
Then create a Route-policy named test and define an if-match statement quoting the
definitions of community-list 1 for node 10 of the Route-policy.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ip community-list 1 permit 100:200
[3Com] route-policy test permit node 10
[3Com-route-policy] if-match community 1
6.1.15 if-match cost
Syntax
if-match cost value
undo if-match cost
View
Route policy view
6-12
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Parameter
value: Route cost value, ranging from 0 to 4,294,967,295.
Description
Use the if-match cost command to configure one of the match rules of the
route-policy to match the cost of routing information.
Use the undo if-match cost command to cancel the configuration of the match rule.
By default, no if-match statement is defined.
An if-match statement of the route-policy specifies the route cost of the routing
information meeting the condition.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match tag, route-policy, apply ip next-hop, apply cost, apply
local-preference, apply origin, and apply tag.
Example
# Define an if-match statement and allow the routing information with a routing cost of
8 to pass this if-match statement.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] route-policy policy permit node 1
%New sequence of this list
[3Com-route-policy] if-match cost 8
6.1.16 if-match interface
Syntax
if-match interface { interface-type interface-number }
undo if-match interface
View
Route policy view
Parameter
interface-type: Interface type.
interface-number: Interface number.
Description
Use the if-match interface command to configure to match the route whose next hop
is the designated interface.
6-13
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Use the undo if-match interface command to cancel the setting of matching
condition.
By default, no if-match statement is defined.
As an if-match statement of route-policy, it matches the corresponding interface of
route next hop when filtering route.
Related command: if-match acl, if-match ip-prefix, if-match ip next-hop, if-match
cost, if-match tag, route-policy, apply ip next-hop, apply cost, apply
local-preference, apply origin, and apply tag.
Example
# Define an if-match statement to match the route whose next hop interface is
Vlan-interface 1
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] route-policy policy permit node 1
%New sequence of this list
[3Com-route-policy] if-match interface Vlan-interface 1
6.1.17 if-match ip next-hop
Syntax
if-match ip next-hop { acl acl-number | ip-prefix ip-prefix-name }
undo if-match ip next-hop [ ip-prefix ]
View
Route policy view
Parameter
acl-number: Number of the ACL used for filter. It ranges from 2,000 to 2,999.
ip-prefix-name: Name of the prefix address list used for filter.
Description
Use the if-match ip next-hop command to configure one of the match rules of
route-policy on the next hop address of the routing information.
Use the undo if-match ip next-hop command to cancel the setting of ACL matching
condition.
Use the undo if-match ip next-hop ip-prefix command to cancel the setting of
address prefix list matching condition.
By default, no if-match statement is defined.
6-14
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
An if-match statement of route-policy is used to specify the next hop matching the
routing information when filtering the routes. It performs filter by referencing an ACL or
an address prefix list.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match
cost, if-match tag, route-policy, apply ip next-hop, apply cost, apply
local-preference, apply origin, and apply tag.
Example
# Define an if-match statement. It permits the routing information whose route next
hop address filtered through prefix address list p1 to pass this if-match statement.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] route-policy policy permit node 1
%New sequence of this list
[3Com-route-policy] if-match ip next-hop ip-prefix p1
6.1.18 if-match tag
Syntax
if-match tag value
undo if-match tag
View
Route policy view
Parameter
value: Tag field value, ranging from 0 to 4,294,967,295.
Description
Use the if-match tag command to configure to match the tag field of route
information.
Use the undo if-match tag command to cancel the existing matching rules.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, route-policy, apply ip next-hop, apply cost, apply
local-preference, apply origin, and apply tag.
Example
# Define an if-match statement to permit the OSPF route information whose tag value
is 8 to pass the if-match statement.
<3Com> system-view
System View: return to User View with Ctrl+Z.
6-15
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
[3Com] route-policy policy permit node 1
%New sequence of this list
[3Com-route-policy] if-match tag 8
6.1.19 ip as-path-acl
Syntax
ip as-path-acl acl-number { permit | deny } as-regular-expression
undo ip as-path-acl acl-number
View
System view
Parameter
acl-number: AS path list number, ranging from 1 to 199.
as-regular-expression: AS path regular expression
Description
Use the ip as-path-acl command to configure an AS regular expression.
Use the undo ip as-path-acl command to cancel the defined regular expression.
The defined AS path list can be used in GBP policy.
Related command: peer as-path-acl and display bgp routing-table as-path-acl.
Example
# Configure an AS path list
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ip as-path-acl 10 permit 200,300
6.1.20 ip community-list
Syntax
ip community-list basic-comm-list-number { permit | deny } [ aa:nn | internet |
no-export-subconfed | no-advertise | no-export ]*
ip community-list adv-comm-list-number { permit | deny }
comm-regular-expression
undo ip community-list { basic-comm-list-number | adv-comm-list-number }
View
System view
6-16
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Parameter
basic-comm-list-number: Basic community list number, ranging from 1 to 99.
adv-comm-list-number: Advanced community list number, ranging from 100 to 199.
permit: Specifies to allow access to matching conditions.
deny: Specifies to deny access to matching conditions.
aa:nn: Community number. The value ranges of aa and nn are both from 1 to 65535.
internet: Specifies to advertise all routes.
no-export-subconfed: Specifies not to send matching routes out of sub-autonomous
system.
no-advertise: Specifies not to send matching routes to any peer entities.
no-export: Specifies not to send routes out of sub-autonomous system or federation
but to send to the other sub-autonomous systems in the federation.
comm-regular-expression: Community attribute in regular expression.
Description
Use the ip community-list command to set a BGP community list.
Use the undo ip community-list command to cancel the community list settings.
The defined community list can be used in BGP policy.
Related command: apply community, display bgp routing-table community-list
Example
# Define a community list, and specify not to send the routes with the community
attributes out of the local autonomous system.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ip community-list 6 permit no-export-subconfed
6.1.21 ip ip-prefix
Syntax
ip ip-prefix ip-prefix-name [ index index-number ] { permit | deny } network len
[ greater-equal greater-equal | less-equal less-equal ] *
undo ip ip-prefix ip-prefix-name [ index index-number | permit | deny ]
View
System view
6-17
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Parameter
ip-prefix-name: Name of address prefix list, containing 1 to 19 characters. It identifies
an address prefix list uniquely.
index-number: Identifier of an item in the prefix address list. The item with a smaller
index-number will be tested first.
permit: Specifies the match mode of the defined address prefix list items as permit
mode. If the permit mode is specified and the IP address to be filtered is in the
ip-prefix range specified by the item, the item is filtered through and the next item is
not tested. If the IP address to be filtered is not in the ip-prefix range specified by the
item, the next item is tested
deny: Specifies the match mode of the defined address prefix list items as deny mode.
If the deny mode is specified and the IP address to be filtered is in the ip-prefix range
specified by the item, the item is not filtered through and the next item is not tested;
otherwise, the next item is tested.
network: IP address prefix range (IP address). If it is specified as 0.0.0.0 0, all the IP
addresses are matched.
len: IP address prefix range (mask length). If it is specified as 0.0.0.0 0, all the IP
addresses are matched.
greater-equal, less-equal: Address prefix range [greater-equal, less-equal] to be
matched after the address prefix network len has been matched. The meaning of
greater-equal is "greater than or equal to" , and the meaning of less-equal is "less
than or equal to". The range is len <= greater-equal <= less-equal <= 32. When only
greater-equal is used, it denotes the prefix range [greater-equal, 32]. When only
less-equal is used, it denotes the prefix range [len, less-equal].
Description
Use the ip ip-prefix command to configure an address prefix list or one of its items.
Use the undo ip ip-prefix command to delete an address prefix list or one of its
items.
An address prefix list is used for IP address filtering. An address prefix list may
contain several items, and each item specifies one address prefix range. The
inter-item filtering relation is "OR". That is, passing an item means filtering through
this address prefix list. Not filtering through any item means not filtering through this
prefix address list.
The address prefix range may contain two parts, which are determined by len and
[greater-equal, less-equal], respectively. If the prefix ranges of these two parts are
both specified, the IP to be filtered must match the prefix ranges of these two parts.
If you specify network len as 0.0.0.0 0, it matches the default route only.
6-18
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
Example
# Define an ip-prefix named p1 to permit only the routes whose mask lengths are 17
or 18 on network segment 10.0.192.0 8 to pass.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ip ip-prefix p1 permit 10.0.192.0 8 greater-equal 17 less-equal 18
6.1.22 route-policy
Syntax
route-policy route-policy-name { permit | deny } node { node-number }
undo route-policy route-policy-name [ permit | deny | node node-number ]
View
System view
Parameter
route-policy-name: Name of the Route-policy, containing 1 to 19 characters. It
identifies a Route-policy uniquely.
permit: Specifies the match mode of the defined Route-policy node as permit mode.
When a route entry meets all the if-match statements of the node, the entry is
permitted to filter through the node and the apply statement of the node will be
performed. If a route entry does not meet the if-match statement of the node, the next
node of the route-policy will be tested.
deny: Specifies the match mode of the defined Route-policy node as deny mode.
When a route entry meets all the if-match statements of the node, the entry is
prohibited from filtering through the node and the next node will not be tested.
node: Specifies the node of the route policy.
node-number: Index of the node in the route-policy. When this route-policy is used for
routing information filter, the node with smaller node-number will be tested first.
Description
Use the route-policy command to enter the Route-policy view.
Use the undo route-policy command to delete the created Route-policy.
By default, no Route-policy is defined.
Route-policy is used for route information filter or route policy. A Route-policy
comprises some nodes and each node comprises some if-match statements and
apply statements.
6-19
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 6 IP Routing Policy Configuration Commands
An if-match statement defines the match rules of this node. An apply statement
defines the actions after filtering through this node. The filtering relationship between
the if-match statements of the node is "and". That is, all if-match statements of the
node must be met.
The filtering relation between Route-policy nodes is "OR". That is, filtering through
one node means filtering through this Route-policy. If the information does not filter
through any node, it cannot filter through this Route-policy.
Related command: if-match interface, if-match acl, if-match ip-prefix, if-match ip
next-hop, if-match cost, if-match tag, apply ip next-hop, apply local-preference,
apply cost, apply origin, and apply tag.
Example
# Configure Route-policy policy_10, with the node number of 12 and the match mode
of permit, and enter Route policy view.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]route-policy policy_10 permit node 12
%New sequence of this list
[3Com-route-policy]
6-20
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 7 Route Capacity Configuration Commands
Chapter 7 Route Capacity Configuration
Commands
Note:
The word “router” covered in the following text represent routers in common sense
and Ethernet switches running a routing protocol. To improve readability, this will not
be mentioned again in this manual.
7.1 Route Capacity Configuration Commands
7.1.1 display memory
Syntax
display memory [ slot slot_number ]
View
Any view
Parameter
slot_number: Number of the slot whose route capacity information is displayed.
Description
Use the display memory command to display the memory setting.
Example
# Display the current memory setting of the switch.
<3Com> display memory
System Total Memory(bytes): 203563008
Total Used Memory(bytes): 77852012
Used Rate: 38%
The following table shows describes the fields of the command:
7-1
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 7 Route Capacity Configuration Commands
Table 7-1 Description on the fields of the display memory command
Field
Description
System Total Memory(bytes)
Free memory size, in bytes, of the switch
Total Used Memory(bytes)
Occupied memory size, in bytes, of the
switch
Used Rate
Memory occupation rate
7.1.2 display memory limit
Syntax
display memory limit
View
Any view
Parameter
None
Description
Use the display memory limit command to display the memory setting and state
information related to route capacity.
This command displays the current memory limit configuration, free memory, and
state information about connections, such as times of disconnection, times of
reconnection, and whether the current state is normal.
Example
# Display the current memory setting and state information.
<3Com>display memory limit
Current memory limit configuration information:
system memory safety: 40 (MBytes)
system memory limit: 30 (MBytes)
auto-establish enabled
Free Memory: 111571652 (Bytes)
The state information about connection:
The times of disconnect: 0
The times of reconnect: 0
The current state: Normal
7-2
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 7 Route Capacity Configuration Commands
The information displayed by this command includes Ethernet switch memory limit,
size of free memory, times of disconnection, times of reconnection, and the current
state.
The following table describes the fields of the command:
Table 7-2 Description on the fields of the display memory limit command
Field
Description
system memory safety
Safety value of the switch memory.
system memory limit
Lower limit of the switch memory.
auto-establish enabled
Automatic connection restoration is enabled (If
automatic connection restoration is disabled,
"auto-establish disabled" is displayed).
Free Memory
Size of the current free memory in bytes
The times of disconnect: 0
The times of the disconnection of the routing protocol is
0.
The times of reconnect: 0
The times of reconnection of the routing protocol is 0.
The current state: Normal
The current state is normal (If the current state is
emergent, "Exigence" is displayed).
7.1.3 memory auto-establish disable
Syntax
memory auto-establish disable
View
System view
Parameter
None
Description
Use the memory auto-establish disable command to disable the automatic
restoration of routing protocol connection (even if the free memory recovers to a
safety value).
By default, when the free memory of the switch recovers to a safety value,
connections of all the routing protocols will always recover (when the free memory of
the switch decreases to a lower limit, the connection will be disconnected forcibly).
7-3
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 7 Route Capacity Configuration Commands
After this command is used, connections of all the routing protocols will not recover
when the free memory of the switch recovers to a safety value. In this case, you need
to restart the routing protocol to recover the connections.
Use this command with caution.
Related command: memory auto-establish enable, memory { safety | limit },
display memory limit.
Example
# Disable automatic restoration of the routing protocol connections when the free
memory of the current switch recovers.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] memory auto-establish disable
7.1.4 memory auto-establish enable
Syntax
memory auto-establish enable
View
System view
Parameter
None
Description
Use the memory auto-establish enable command to enable automatic restoration
of routing protocol connections when the free memory of the switch recovers to the
specified value.
Use the memory auto-establish disable command to disable this function.
By default, when the free memory of the switch recovers to a safety value,
connections of all the routing protocols will always recover (when the free memory of
the switch decreases to a lower limit, the connection will be disconnected forcibly).
By default, this function is enabled.
Related command: memory auto-establish disable, memory { safety | limit },
display memory limit.
Example
# Enable automatic restoration of the connections of all the routing protocols when the
free memory of the current switch recovers..
7-4
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 7 Route Capacity Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] memory auto-establish enable
7.1.5 memory { safety | limit }*
Syntax
memory { safety safety-value | limit limit-value }*
undo memory [ safety | limit ]
View
System view
Parameter
safety-value: Safety free memory of the switch , in Mbytes. Its value range depends
on the free memory of the current switch.
limit-value: Lower limit of the switch free memory, in Mbytes. Its value range depends
on the free memory of the current switch.
Description
Use the memory limit limit-value command to configure the lower limit of the switch
free memory.
When the free memory of the switch is less than this limit, all the routing protocol
connections will be disconnected forcibly. The limit-value argument in the command
must be less than the current free memory safety value; otherwise, the configuration
will fail.
Use the memory safety safety-value command to configure the safety value of the
switch free memory.
If you use the memory auto-establish enable command (the default configuration),
the routing protocol connection that is forcibly disconnected automatically recovers
when the free memory of the switch reaches this value. The safety-value argument in
the command must be greater than the current free memory lower limit; otherwise, the
configuration will fail.
Use the memory safety safety-value limit limit-value command to change both the
safety value and lower limit of the switch free memory. The value of safety-value must
be greater than that of limit-value; otherwise, the configuration will fail.
Use the undo memory command to restore the default safety value and lower limit of
the switch free memory.
Related command: memory auto-establish disable, memory auto-establish
enable, and display memory limit.
7-5
3Com Switch 7750 Series
Command Reference Guide – Routing Protocol
Chapter 7 Route Capacity Configuration Commands
Example
# Set the lower limit of the switch free memory to 2 MB and the safety value to 4 MB.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] memory safety 4 limit 2
7-6
3Com Switch 7750 Series
Command Reference Guide – Multicast
Table of Contents
Table of Contents
Chapter 1 IGMP Snooping Configuration Commands............................................................... 1-1
1.1 IGMP Snooping Configuration Commands ....................................................................... 1-1
1.1.1 display igmp-snooping configuration....................................................................... 1-1
1.1.2 display igmp-snooping group .................................................................................. 1-2
1.1.3 display igmp-snooping statistics.............................................................................. 1-3
1.1.4 display multicast-vlan .............................................................................................. 1-4
1.1.5 igmp-snooping......................................................................................................... 1-4
1.1.6 igmp-snooping fast-leave ........................................................................................ 1-5
1.1.7 igmp-snooping group-limit....................................................................................... 1-6
1.1.8 igmp-snooping group-policy .................................................................................... 1-7
1.1.9 igmp-snooping host-aging-time............................................................................... 1-9
1.1.10 igmp-snooping max-response-time..................................................................... 1-10
1.1.11 igmp-snooping report-aggregation ...................................................................... 1-10
1.1.12 igmp-snooping router-aging-time ........................................................................ 1-11
1.1.13 multicast-vlan enable .......................................................................................... 1-12
1.1.14 multicast-vlan subvlan......................................................................................... 1-13
1.1.15 reset igmp-snooping statistics............................................................................. 1-14
Chapter 2 Common IP Multicast Configuration Commands..................................................... 2-1
2.1 Common IP Multicast Configuration Commands............................................................... 2-1
2.1.1 display mpm forwarding-table ................................................................................. 2-1
2.1.2 display mpm group.................................................................................................. 2-2
2.1.3 display multicast forwarding-table ........................................................................... 2-5
2.1.4 display multicast routing-table................................................................................. 2-6
2.1.5 display multicast-source-deny................................................................................. 2-8
2.1.6 multicast load-sharing enable ................................................................................. 2-9
2.1.7 multicast route-limit ............................................................................................... 2-10
2.1.8 multicast routing-enable ........................................................................................ 2-10
2.1.9 multicast static-router-port..................................................................................... 2-11
2.1.10 multicast static-router-port vlan ........................................................................... 2-12
2.1.11 multicast wrongif-holdtime................................................................................... 2-13
2.1.12 multicast-source-deny ......................................................................................... 2-14
2.1.13 reset multicast forwarding-table .......................................................................... 2-15
2.1.14 reset multicast routing-table ................................................................................ 2-16
Chapter 3 Multicast MAC Address Entry Configuration Commands....................................... 3-1
3.1 Multicast MAC Address Entry Configuration Commands .................................................. 3-1
3.1.1 display mac-address multicast ................................................................................ 3-1
3.1.2 mac-address multicast interface ............................................................................. 3-1
i
3Com Switch 7750 Series
Command Reference Guide – Multicast
Table of Contents
Chapter 4 IGMP Configuration Commands ................................................................................ 4-1
4.1 IGMP Configuration Commands........................................................................................ 4-1
4.1.1 display igmp group .................................................................................................. 4-1
4.1.2 display igmp interface ............................................................................................. 4-2
4.1.3 igmp enable............................................................................................................. 4-3
4.1.4 igmp group-limit....................................................................................................... 4-4
4.1.5 igmp group-policy.................................................................................................... 4-5
4.1.6 igmp group-policy vlan ............................................................................................ 4-6
4.1.7 igmp host-join port................................................................................................... 4-7
4.1.8 igmp host-join vlan .................................................................................................. 4-8
4.1.9 igmp lastmember-queryinterval............................................................................... 4-9
4.1.10 igmp max-response-time..................................................................................... 4-10
4.1.11 igmp proxy........................................................................................................... 4-11
4.1.12 igmp report-aggregation...................................................................................... 4-12
4.1.13 igmp robust-count ............................................................................................... 4-13
4.1.14 igmp timer other-querier-present......................................................................... 4-14
4.1.15 igmp timer query.................................................................................................. 4-15
4.1.16 igmp version ........................................................................................................ 4-16
4.1.17 reset igmp group ................................................................................................. 4-16
Chapter 5 PIM Configuration Commands ................................................................................... 5-1
5.1 PIM Configuration Commands........................................................................................... 5-1
5.1.1 bsr-policy ................................................................................................................. 5-1
5.1.2 c-bsr ........................................................................................................................ 5-2
5.1.3 c-rp .......................................................................................................................... 5-3
5.1.4 crp-policy ................................................................................................................. 5-4
5.1.5 display pim bsr-info ................................................................................................. 5-5
5.1.6 display pim interface ............................................................................................... 5-6
5.1.7 display pim neighbor ............................................................................................... 5-7
5.1.8 display pim routing-table ......................................................................................... 5-8
5.1.9 display pim rp-info ................................................................................................... 5-9
5.1.10 pim....................................................................................................................... 5-10
5.1.11 pim bsr-boundary ................................................................................................ 5-11
5.1.12 pim dm................................................................................................................. 5-12
5.1.13 pim neighbor-limit................................................................................................ 5-13
5.1.14 pim neighbor-policy ............................................................................................. 5-13
5.1.15 pim sm................................................................................................................. 5-14
5.1.16 pim timer hello ..................................................................................................... 5-15
5.1.17 register-policy ...................................................................................................... 5-16
5.1.18 spt-switch-threshold ............................................................................................ 5-16
5.1.19 reset pim neighbor .............................................................................................. 5-18
5.1.20 reset pim routing-table ........................................................................................ 5-18
5.1.21 source-policy ....................................................................................................... 5-19
ii
3Com Switch 7750 Series
Command Reference Guide – Multicast
Table of Contents
5.1.22 static-rp................................................................................................................ 5-20
iii
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
Chapter 1 IGMP Snooping Configuration
Commands
Note:
Ethernet switches serve as routers when an IP multicast protocol is running on them.
The routers mentioned here refer to common routers and Layer 3 Ethernet switches
where the IP multicast protocol is running.
1.1 IGMP Snooping Configuration Commands
1.1.1 display igmp-snooping configuration
Syntax
display igmp-snooping configuration
View
Any view
Parameter
None
Description
Use the display igmp-snooping configuration command to display IGMP Snooping
configuration information.
When IGMP Snooping is enabled on the switch, this command displays the following
information: IGMP Snooping status, aging time of the router port, query response
timeout time, and aging time of multicast member ports.
Related command: igmp-snooping.
Example
# Display IGMP Snooping configuration information on the switch.
<3Com> display igmp-snooping configuration
Enable IGMP-Snooping.
The router port timeout
is 105 second(s).
1-1
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
The max response timeout is 1 second(s).
The host port timeout is 260 second(s).
The above information shows: IGMP Snooping is enabled, the aging time of the router
port is 105 seconds, the query response timeout time is one second, and the aging time
of multicast member ports is 260 seconds.
1.1.2 display igmp-snooping group
Syntax
display igmp-snooping group [ vlan vlan-id ]
View
Any view
Parameter
vlan-id: ID of the specified VLAN.
Description
Use the display igmp-snooping group command to display information about the IP
and MAC multicast groups under one specified VLAN (with vlan vlan-id) or all VLANs
(without vlan vlan-id).
This command displays the following information: VLAN ID, router port, IP multicast
group address, member ports included in the IP multicast group, MAC multicast group,
MAC multicast group address, and member ports included in the MAC multicast group.
Example
# Display information about the multicast groups under VLAN 2.
<3Com> display igmp-snooping group vlan 2
Total 1 IP Group(s).
Total 1 MAC Group(s).
Vlan(id):2.
Total 1 IP Group(s).
Total 1 MAC Group(s).
Static router port(s):
Dynamic router port(s):
IP group(s):the following ip group(s) match to one mac group.
IP group address:225.1.1.1
Host port(s):GigabitEthernet2/0/1
MAC group(s):
MAC group address:0100-5e01-0101
Host port(s):GigabitEthernet2/0/1
1-2
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
The information above means:
z
Multicast groups exist in VLAN 2.
z
The address of the IP multicast group is 255.1.1.1.
1.1.3 display igmp-snooping statistics
Syntax
display igmp-snooping statistics
View
Any view
Parameter
None
Description
Use the display igmp-snooping statistics command to display IGMP Snooping
message statistics.
This command displays the following information: the numbers of the IGMP general
query messages, IGMP group-specific query messages, IGMP V1 report messages,
IGMP V2 report messages, IGMP leave messages and error IGMP messages received,
and the number of the IGMP group-specific query messages sent.
Related command: igmp-snooping.
Example
# Display IGMP Snooping message statistics.
<3Com> display igmp-snooping statistics
Received IGMP general query packet(s) number:0.
Received IGMP specific query packet(s) number:0.
Received IGMP V1 report packet(s) number:0.
Received IGMP V2 report packet(s) number:0.
Received IGMP leave packet(s) number:0.
Received error IGMP packet(s) number:0.
Sent IGMP specific query packet(s) number:0.
The information above shows that IGMP receives:
z
zero IGMP general query packets
z
zero IGMP specific query packets
z
zero IGMP V1 report packets
z
zero IGMP V2 report packets
1-3
3Com Switch 7750 Series
Command Reference Guide – Multicast
z
zero IGMP leave packets
z
zero IGMP error packets
Chapter 1 IGMP Snooping Configuration Commands
IGMP Snooping sends:
z
zero IGMP specific query packets
1.1.4 display multicast-vlan
Syntax
display multicast-vlan [ vlan-id ]
View
Any view
Parameter
vlan-id: ID of the specified VLAN.
Description
Use the display multicast-vlan command to display the configuration of the multicast
VLAN.
If the vlan-id argument is not provided when the command is executed, the
configuration information about all the VLANs in the network is displayed.
Example
# Display the configuration of multicast VLAN 2.
<3Com> display multicast-vlan 2
multicast vlan 2's subvlan list:
Vlan 1024
The information above means:
z
VLAN 2 exists
z
VLAN 1024 is the subvlan of VLAN 2
1.1.5 igmp-snooping
Syntax
igmp-snooping { enable | disable }
View
System view
1-4
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
Parameter
enable: Enables the IGMP Snooping feature.
disable: Disables the IGMP Snooping feature.
Description
Use the igmp-snooping enable command to enable the IGMP Snooping feature.
Use the igmp-snooping disable command to disable the IGMP Snooping feature.
By default, the IGMP Snooping feature is disabled.
Example
# Enable the IGMP Snooping feature on the switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] igmp-snooping enable
Enable IGMP-Snooping ok.
1.1.6 igmp-snooping fast-leave
Syntax
igmp-snooping fast-leave [ vlan vlan-list ]
undo igmp-snooping fast-leave [ vlan vlan-list ]
View
System view, Ethernet port view
Parameter
vlan-list: Multiple VLANs in the form of vlan-list = { vlan-id [ to vlan-id ] } & < 1-10 >. The
vlan-id argument is the ID of the VLAN, in the range of 1 to 4,094. &<1-10> means that
you can provide the argument repeatedly for up to ten times.
Description
Use the igmp-snooping fast-leave command to enable IGMP fast leave processing.
Use the undo igmp-snooping fast-leave command to cancel the configuration.
By default, IGMP fast leave processing is disabled.
Normally, when receiving an IGMP Leave message, IGMP Snooping does not
immediately remove the port from the multicast group, but sends a group-specific query
message. If no response is received in a given period, it then removes the port from the
multicast group.
1-5
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
If this command is executed, when receiving an IGMP Leave packet, IGMP Snooping
removes the port from the multicast group directly. When the port has only one user,
enabling IGMP fast leave processing can save bandwidth.
Note:
z
This feature is effective for IGMP-V2-enabled clients.
z
When this feature is enabled, if one of the multiple users on a port leaves, the
multicast services for the other users in the same multicast group may be
interrupted.
Example
# Enable IGMP fast leave processing on Ethernet1/0/1 port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] igmp-snooping fast-leave
1.1.7 igmp-snooping group-limit
Syntax
igmp-snooping
group-limit
limit
[
vlan
vlan-list
[
overflow-replace
]
|
overflow-replace ]
undo igmp-snooping group-limit [ vlan vlan-list ]
View
Ethernet port view
Parameter
limit: Maximum number of multicast groups the port can join, in the range of 1 to 256.
overflow-replace: Allows a new multicast group to replace an old multicast group or
old multicast groups. If this keyword is not provided in the specified VLAN, all multicast
groups are replaced by default. If this keyword is provided in the specified VLAN, the
multicast group with the smallest IP address is replaced preferentially.
vlan-list: Multiple VLANs in the form of vlan-list = { vlan-id [ to vlan-id ] } & < 1-10 >. The
vlan-id argument is the ID of the VLAN, in the range of 1 to 4,094. &<1-10> means that
you can provide the argument repeatedly for up to ten times.
1-6
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
Description
Use the igmp-snooping group-limit command to define the maximum number of
multicast groups the port can join.
Use the undo igmp-snooping group-limit command to restore the default setting.
By default, there is no limit on the number of multicast groups the port can join.
Example
# Allow the GigabitEthernet1/0/1 port to join at most 200 multicast groups.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface GigabitEthernet 1/0/1
[3Com-GigabitEthernet1/0/1] igmp-snooping group-limit 200
1.1.8 igmp-snooping group-policy
Syntax
igmp-snooping group-policy acl-number [ vlan vlan-list ]
undo igmp-snooping group-policy [ vlan vlan-list ]
View
System view, Ethernet port view
Parameter
acl-number: Basic ACL number, in the range of 2000 to 2999.
vlan-id: ID of the VLAN for the Ethernet port, in the range of 1 to 4094.
Description
Use the igmp-snooping group-policy command to configure an IGMP Snooping
filtering ACL.
Use the undo igmp-snooping group-policy command to remove the IGMP Snooping
filtering ACL.
By default, no IGMP Snooping filtering ACL is configured.
You can configure multicast filtering ACLs globally or on the switch ports connected to
user ends so as to use the IGMP Snooping filter function to limit the multicast streams
that the users can access. With this function, you can treat different VoD users in
different ways by allowing them to access the multicast streams in different multicast
groups.
In practice, when a user orders a multicast program, an IGMP host report message is
generated. When the message arrives at the switch, the switch examines the multicast
1-7
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
filtering ACL configured on the access port to determine if the port can join the
corresponding multicast group or not. If yes, it adds the port to the forward port list of
the multicast group. If not, it drops the IGMP host report message and does not forward
the corresponding data stream to the port. In this way, you can control the multicast
streams that users can access.
An ACL rule defines a multicast address or a multicast address range (for example
224.0.0.1 to 239.255.255.255) and is used to.
z
Allow the port(s) to join only the multicast group(s) defined in the rule by a permit
statement.
z
Inhibit the port(s) from joining the multicast group(s) defined in the rule by a deny
statement.
Note:
z
One port can belong to multiple VLANs. But for each VLAN on the port, you can
configure only one ACL.
z
If the port does not belong to the specified VLAN, the filter ACL you configured does
not take effect on the port.
z
If no ACL rule is configured in the command, the system will reject the multicast
packets from all the multicast groups.
z
Since most devices broadcast unknown multicast packets, this function is often
used together with the unknown multicast packet drop function to prevent multicast
streams from being broadcasted to a filtered port as unknown multicast.
Example
# Configure ACL 2000 to allow users under port Ethernet 1/0/1 to access the multicast
streams in groups 225.0.0.0 to 225.255.255.255.
z
Configure ACL 2000.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 225.0.0.0 0.255.255.255
[3Com-acl-basic-2000] quit
z
Create VLAN 2 and add Ethernet 1/0/1 port to VLAN 2.
[3Com] vlan 2
[3Com-vlan2] port Ethernet 1/0/1
Gigabit[3Com-vlan2] quit
z
Configure ACL 2000 on Ethernet 1/0/1 to allow this VLAN 2 port to join only the
IGMP multicast groups defined in the rule of ACL 2000.
[3Com] interface Ethernet 1/0/1
1-8
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
[3Com-Ethernet1/0/1] igmp-snooping group-policy 2000 vlan 2
[3Com-Ethernet1/0/1] quit
# Configure ACL 2001 to allow users under Ethernet 1/0/2 to access the multicast
streams in any groups except groups 225.0.0.0 to 225.0.0.255.
z
Configure ACL 2001.
[3Com] acl number 2001
[3Com-acl-basic-2001] rule deny source 225.0.0.0 0.0.0.255
[3Com-acl-basic-2001] rule permit source any
[3Com-acl-basic-2001] quit
z
Create VLAN 2 and add Ethernet 1/0/2 to VLAN 2.
[3Com] vlan 2
[3Com-vlan2] port Ethernet 1/0/2
[3Com-vlan2] quit
z
Configure ACL 2001 on Ethernet 1/0/2 to allow this VLAN 2 port to join any IGMP
multicast groups except those defined in the deny rule of ACL 2001.
[3Com] interface Ethernet 1/0/2
[3Com-Ethernet1/0/2] igmp-snooping group-policy 2001 vlan 2
1.1.9 igmp-snooping host-aging-time
Syntax
igmp-snooping host-aging-time seconds
undo igmp-snooping host-aging-time
View
System view
Parameter
seconds: Aging time of multicast member ports, in the range of 200 to 1000 in seconds.
Description
Use the igmp-snooping host-aging-time command to configure the aging time of
multicast member port.
Use the undo igmp-snooping host-aging-time command to restore the default aging
time.
By default, the aging time of multicast member ports is 260 seconds.
The aging time of multicast member ports determines the refresh frequency of multicast
group members. In an environment where multicast group members change frequently,
a relatively shorter aging time is required.
Related command: igmp-snooping.
1-9
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
Example
# Set the aging time of multicast member ports to 300 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] igmp-snooping host-aging-time 300
1.1.10 igmp-snooping max-response-time
Syntax
igmp-snooping max-response-time seconds
undo igmp-snooping max-response-time
View
System view
Parameter
seconds: Query response timeout time, in the range of 1 to 25 in seconds.
Description
Use the igmp-snooping max-response-time command to configure the query
response timeout time.
Use the undo igmp-snooping max-response-time command to restore the default
timeout time.
By default, the query response timeout time is 10 seconds.
The maximum response time you configured determines how long the switch can wait
for a response to an IGMP Snooping query message.
Related command: igmp-snooping, igmp-snooping router-aging-time.
Example
# Set the query response timeout time to 15 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] igmp-snooping max-response-time 15
1.1.11 igmp-snooping report-aggregation
Syntax
igmp-snooping report-aggregation
1-10
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
View
System view
Parameter
None
Description
Use the igmp-snooping report-aggregation command to enable suppression on
Layer 2 multicast IGMP report packets. In the IGMP-snooping-enabled VLAN, only one
IGMP report packet is sent to the upstream router port in an interval.
Use the undo igmp-snooping report-aggregation command to disable suppression
on Layer 2 multicast IGMP report packets.
By default, suppression on IGMP report packets is disabled.
Note:
z
IGMP snooping must be enabled globally before the suppression on IGMP report
packets is enabled.
z
If IGMP snooping is disabled globally, the suppression on IGMP report packets is
disabled simultaneously.
Example
# Enable suppression on Layer 2 multicast IGMP report packets on the switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] igmp-snooping enable
[3Com] igmp-snooping report-aggregation
1.1.12 igmp-snooping router-aging-time
Syntax
igmp-snooping router-aging-time seconds
undo igmp-snooping router-aging-time
View
System view
Parameter
seconds: Aging time of the router port, in the range of 1 to 1000 in seconds.
1-11
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
Description
Use the igmp-snooping router-aging-time command to configure the aging time of
the router port.
Use the undo igmp-snooping router-aging-time command to restore the default
aging time.
By default, the aging time of the router port is 105 seconds.
The router port here refers to the port connecting the Layer 2 switch to the router. The
Layer 2 switch receives IGMP general query messages from the router through this
port. The aging time of the router port should be a value about 2.5 times of the general
query interval.
Related command: igmp-snooping max-response-time, igmp-snooping.
Example
# Set the aging time of the router port to 500 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] igmp-snooping router-aging-time 500
1.1.13 multicast-vlan enable
Syntax
multicast-vlan enable
undo multicast-vlan enable
View
VLAN view
Parameter
None
Description
Use the multicast-vlan enable command to configure the current VLAN as a multicast
VLAN.
Use the undo multicast-vlan enable command to disable the current VLAN from
being a multicast VLAN.
By default, the multicast VLAN feature is disabled.
1-12
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
Caution:
z
A multicast VLAN cannot be configured as a multicast sub-VLAN.
z
A multicast sub-VLAN cannot be configured as a multicast VLAN.
z
A multicast sub-VLAN cannot be configured as the sub-VLAN of other multicast
VLANs.
z
One multicast sub-VLAN is corresponding to only one multicast VLAN.
z
If multicast routing is enabled on a VLAN interface, the corresponding VLAN cannot
be configured as a multicast VLAN.
Example
# Configure VLAN 2 as a multicast VLAN.
<3Com> system-view
Enter system view, return to user view with Ctrl+Z
[3Com] igmp-snooping enable
[3Com] vlan 2
[3Com-vlan2] multicast-vlan enable
1.1.14 multicast-vlan subvlan
Syntax
multicast-vlan vlan-id subvlan vlan-list
undo multicast-vlan vlan-id subvlan vlan-list
View
System view
Parameter
vlan-id: ID of the specified VLAN.
vlan-list: Multiple VLANs in the form of vlan-list = { vlan-id [ to vlan-id ] } & < 1-10 >. The
vlan-id argument is the ID of the VLAN, in the range of 1 to 4,094. &<1-10> means that
you can provide the argument repeatedly for up to ten times.
Description
Use the multicast-vlan subvlan command to configure one or multiple VLANs as the
sub-VLAN(s) of the multicast VLAN.
Use the undo multicast-vlan subvlan command to cancel the sub-VLANs of the
multicast VLAN.
1-13
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
By default, no sub-VLAN is configured for a multicast VLAN.
Caution:
z
A multicast VLAN cannot be configured as a multicast sub-VLAN.
z
A multicast sub-VLAN cannot be configured as a multicast VLAN.
z
A multicast sub-VLAN cannot be configured as the sub-VLAN of other multicast
VLANs.
z
One multicast sub-VLAN is corresponding to only one multicast VLAN.
z
If multicast routing is enabled on a VLAN interface, the corresponding VLAN cannot
be configured as a multicast VLAN.
Example
# Configure VLAN 2 to VLAN 5 as the sub-VLANs of the multicast VLAN 10.
<3Com> system-view
Enter system view, return to user view with Ctrl+Z
[3Com] igmp-snooping enable
[3Com] vlan 10
[3Com-vlan10] igmp-snooping enable
[3Com-vlan10] multicast-vlan enable
[3Com-vlan10] quit
[3Com] multicast-vlan 10 subvlan 2 to 5
1.1.15 reset igmp-snooping statistics
Syntax
reset igmp-snooping statistics
View
User view
Parameter
None
Description
Use the reset igmp-snooping statistics command to clear IGMP Snooping statistics.
Related command: igmp-snooping.
1-14
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 1 IGMP Snooping Configuration Commands
Example
# Clear IGMP Snooping statistics.
<3Com> reset igmp-snooping statistics
1-15
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Chapter 2 Common IP Multicast Configuration
Commands
2.1 Common IP Multicast Configuration Commands
2.1.1 display mpm forwarding-table
Syntax
display mpm forwarding-table [ group-address | source-address ]
View
Any view
Parameter
group-address: Multicast group address to specify a multicast group, in the range of
224.0.0.0 to 239.255.255.255.
source-address: IP address of the multicast source.
Description
Use the display mpm forwarding-table command to display the information about
multicast forwarding tables containing port information.
Only the (S, G) entry is displayed when the group address or source address is
specified. Otherwise, the command displays all the entries.
If you want to query the information about multicast forwarding tables without port
information, you can use the display multicast forwarding-table command.
Example
# Query the information about the multicast forwarding table containing port
information.
<3Com> display mpm forwarding-table
Multicast Forwarding Cache Table
Total 1 entry(entries)
00001. (120.0.0.2, 225.0.0.2)
iif Vlan-interface1200
1 oif(s):
Vlan-interface32
2-1
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
GigabitEthernet3/0/19
Total 1 entry(entries) Listed
Multicast Forwarding Cache Table
Total 1 entry(entries)
00001. (10.11.113.110, 226.1.1.1)
in-vlan Vlan1
2 out-vlan(s):
Vlan20
Ethernet5/1/33
Vlan10
Ethernet5/1/31
Total 1 entry(entries) Listed
Table 2-1 describes the fields in the displayed information above:
Table 2-1 Description on the fields of the display mpm forwarding-table command
Field
Description
Multicast Forwarding Cache Table
Multicast forwarding table
Total 1 entries
Total number of entries
00001
Serial number of an entry
(120.0.0.2, 225.0.0.2)
(s,g), namely, (source address, group
address)
iif Vlan-interface1200
The incoming VLANM of the multicast
forwarding table is VLAN 1200.
2 out-vlan(s):
There are two outgoing VLANs in the
multicast forwarding table.
2 out-vlan(s):
The first outgoing VLAN is VLAN 20, with
the outgoing port Ethernet5/1/33.
Vlan20
The second outgoing VLAN is VLAN 10,
with the outgoing port Ethernet5/1/31.
Ethernet5/1/33
Vlan10
Ethernet5/1/31
Total 1 entry(entries) Listed
One (S, G) entry is listed.
2.1.2 display mpm group
Syntax
display mpm group [ vlan vlan-id [ ip-address ] ]
2-2
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
View
Any view
Parameter
vlan vlan-id: Displays the VLAN where the multicast group information lies. If this
keyword is not specified, the command displays the multicast group information in all
VLANs.
ip-address: IP address of the multicast group to be displayed.
Description
Use the display mpm group command to display the information about the IP
multicast groups and MAC multicast groups in the specified VLAN or all the VLANs on
the switch.
The displayed information includes:
z
VLAN identifier
z
Router port
z
Address of the IP multicast group
z
Member ports in the IP multicast group
z
MAC multicast group
z
Address of the MAC multicast group
z
Member ports in the MAC multicast group
Caution:
z
The fields of this command are similar to those of the display igmp group
command, except that the information of the specific ports is added.
z
The fields of this command are the same as those of the display igmp-snooping
group command except that the displayed VLANs are of different attributes.
z
The display igmp-snooping group command displays the information about ports
joining in layer-2 multicast groups in IGMP-snooping-enabled VLANs, while the
display mpm group command displays the information about ports joining in
layer-3 multicast groups in IGMP-enabled VLANs.
Example
# Display the information about multicast groups in VLAN 2.
<3Com> display mpm group vlan 1200
2-3
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Total 2 IP Group(s).
Total 2 MAC Group(s).
Vlan(id):1200.
Total 2 IP Group(s).
Total 2 MAC Group(s).
Static router port(s):
Dynamic router port(s):
IP group(s):the following ip group(s) match to one mac group.
IP group address:228.0.0.1
Host port(s):GigabitEthernet2/0/12
MAC group(s):
MAC group address:0100-5e00-0001
Host port(s):GigabitEthernet2/0/12
IP group(s):the following ip group(s) match to one mac group.
IP group address:228.0.0.0
Host port(s):GigabitEthernet2/0/12
MAC group(s):
MAC group address:0100-5e00-0000
Host port(s):GigabitEthernet2/0/12
Table 2-2 Description on the fields of the display mpm group command
Field
Description
Vlan(id):1200.Vlan(id):2.
Multicast groups in VLAN 1200
Static router port(s)
Static router port(s)
Dynamic router port(s):
Dynamic router port(s)
IP group(s): the following ip group(s)
match to one mac group.
The following IP multicast groups match
the same MAC multicast group.
IP group address:228.0.0.1
The addresses of the IP multicast group
is 228.0.0.1.
Host port(s):GigabitEthernet2/0/12
The host port in the IP multicast group is
Ethernet2/0/12.
MAC group address:0100-5e00-0001
The address of the MAC multicast group
is 0100-5e00-0001.
Host port(s):GigabitEthernet2/0/12
The host port in the MAC multicast group
is Ethernet2/0/12.
2-4
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
2.1.3 display multicast forwarding-table
Syntax
display multicast forwarding-table [ group-address [ mask { group-mask |
mask-length } ] | source-address [ mask { group-mask | mask-length } ] |
incoming-interface { interface-type interface-number ] register } ]*
View
Any view
Parameter
group-address: Address of the specified multicast group, in the range of 224.0.0.0 to
239.255.255.255.
source-address: Unicast IP address of the multicast source.
incoming-interface: Incoming interface of the specified multicast forwarding entry.
register: Registration VLAN interface of the PIM-SM protocol.
Description
Use the display multicast forwarding-table command to display the information
about MAC forwarding tables.
Related command: display multicast routing-table.
Example
# Display the information about MAC forwarding tables.
<3Com> display multicast forwarding-table
Multicast Forwarding Cache Table
Total 1 entry: 0 entry created by IP, 1 entry created by protocol
00001. (10.0.0.4, 225.1.1.1), iif Vlan-interface2, 0 oifs,
Protocol Create
Matched 122 pkts(183000 bytes), Wrong If 0 pkts
Forwarded 122 pkts(183000 bytes)
Total 1 entry Listed
Table 2-3 describes the displayed information above.
Table 2-3 Description on the fields of the display multicast forwarding-table
command
Field
Description
Multicast Forwarding Cache Table
2-5
Multicast forwarding table
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Field
Description
Total 1 entries
Total number of entries
00001
Serial number of an entry
(10.0.0.4, 225.1.1.1)
(s,g)
iif Vlan-interface2, 0 oifs
The incoming interface of the multicast
forwarding table is Vlan-interface 2, and
the multicast forwarding table does not
have an outgoing interface.
Matched 122 pkts(183000 bytes), Wrong
If 0 pkts
Forwarded 122 pkts(183000 bytes)
122 packets which are 183,000 bytes in
all match the (s, g) entry, and 0 wrong
packet matches with the (s, g) entry.
122 packets which are 183,000 bytes in
all are forwarded.
2.1.4 display multicast routing-table
Syntax
display multicast routing-table [ group-address [ mask { mask | mask-length } ] |
source-address [ mask { mask | mask-length } ] | incoming-interface { interface-type
interface-number | register } ]*
View
Any view
Parameter
group-address: Multicast group address to specify a multicast group and display the
routing table information corresponding to this group, in the range of 224.0.0.0 to
239.255.255.255.
source-address: Unicast IP address of the multicast source.
incoming-interface: Specifies the incoming interface of the multicast routing entry.
register: Registration interface of PIM-SM.
Description
Use the display multicast routing-table command to display the information about
the IP multicast routing table.
This command is used to display the information about the multicast routing table, while
the display multicast forwarding-table command is used to display the information
about the multicast forwarding table.
2-6
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Example
# Query the information about the routing entries corresponding to the multicast group
225.1.1.1.1 in the multicast routing table.
<3Com> display multicast routing-table
Multicast Routing Table
Total 3 entries
(4.4.4.4, 224.2.149.17)
Uptime: 00:15:16, Timeout in 272 sec
Upstream interface: Vlan-interface1(4.4.4.6)
Downstream interface list:
Vlan-interface2(2.2.2.4), Protocol 0x1: IGMP
(4.4.4.4, 224.2.254.84)
Uptime: 00:15:16, Timeout in 272 sec
Upstream interface: Vlan-interface1(4.4.4.6)
Downstream interface list: NULL
(4.4.4.4, 239.255.2.2)
Uptime: 00:02:57, Timeout in 123 sec
Upstream interface: Vlan-interface1(4.4.4.6)
Downstream interface list: NULL
Matched 3 entries
The following table describes the fields in the displayed information.
2-7
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Table 2-4 Description on the fields of the display multicast routing-table command
Field
Description
Multicast Routing Table
Multicast routing table
Total 3 entries
There are 3 entries in all in the multicast
routing table.
(4.4.4.4, 224.2.149.17)
(s,g) of the multicast routing table
Uptime: 00:15:16, Timeout in 272 sec
The entry is up for 15 minutes and 16
seconds, and it times out in 272 seconds.
Upstream
Vlan-interface1(4.4.4.6)
interface:
The IP address of the upstream interface
is 4.4.4.6.
Downstream interface list:
Vlan-interface2(2.2.2.4),
0x1: IGMP
Protocol
Downstream interface list:
The IP address of the downstream
interface is 2.2.2.4.
The downstream interface is added by
the IGMP protocol.
Matched 3 entries
Three entries match the configuration.
2.1.5 display multicast-source-deny
Syntax
display multicast-source-deny [ interface interface-type [ interface-number ] ]
View
Any view
Parameter
interface-type: Port type.
interface-number: Port number.
Description
Use the display multicast-source-deny command to display the configuration
information about the multicast source port check.
When you use this command to display the information,
z
If you specify neither the port type nor the port number, the multicast source port
check information about all the ports on the switch is displayed.
z
If you specify the port type only, the multicast source port check information about
all ports of this type is displayed.
2-8
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
If you specify both the port type and the port number, the multicast source port
z
check information about the specified port is displayed.
Example
# Display the multicast source port suppression state of Ethernet 1/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] display multicast-source-deny Ethernet 1/0/1
# Display the multicast source port suppression state of all the 100M Ethernet ports.
[3Com] display multicast-source-deny interface Ethernet
2.1.6 multicast load-sharing enable
Syntax
multicast load-sharing enable
undo multicast load-sharing enable
View
System view
Parameter
None
Description
Use the multicast load-sharing enable command to enable multicast load sharing.
Use the undo multicast load-sharing enable command to disable multicast load
sharing.
Multicast load sharing is disabled by default.
Caution:
z
If layer-3 multicast or multicast VLAN is enabled, multicast load sharing is enabled
by default, that is, this command does not take effect.
Example
# Enable multicast load sharing.
<3Com>system-view
2-9
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] multicast load-sharing enable
2.1.7 multicast route-limit
Syntax
multicast route-limit limit
undo multicast route-limit
View
System view
Parameter
limit: Limit on the capacity of the multicast routing table, in the range of 0 to 1,024.
Description
Use the multicast route-limit command to limit the capacity of the multicast routing
table. The router will drop the protocols and packets of the new (S, G).
Use the undo multicast route-limit command to restore the default limit on the
capacity of the multicast routing table.
The limit on the capacity of the multicast routing table is 256 by default.
If the number of existing routing entries exceeds the value to be configured when you
configure this command, the existing entries in the routing table will not be removed.
Instead, the system will prompt that the number of existing routing entries is more than
the limit to be configured.
If you execute this command again, the new configuration will overlap the former
configuration.
Example
# Set the limit on the capacity of the multicast routing table to 100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast route-limit 100
2.1.8 multicast routing-enable
Syntax
multicast routing-enable
undo multicast routing-enable
2-10
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
View
System view
Parameter
None
Description
Use the multicast routing-enable command to enable the IP multicast routing feature.
Use the undo multicast routing-enable command to disable the IP multicast routing
feature.
The IP multicast routing feature is disabled by default.
Example
# Enable the IP multicast routing feature.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
2.1.9 multicast static-router-port
Syntax
multicast static-router-port interface-type interface-number
undo multicast static-router-port interface-type interface-number
View
VLAN view
Parameter
interface-type: Port type.
interface-number: Port number.
Description
Use the multicast static-router-port command to specify the Ethernet port as the
static router port of the current VLAN.
Use the undo multicast static-router-port command to disable the static router port
configuration.
By default, no static router port is configured for the VLAN.
2-11
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Caution:
z
Up to 256 static router ports can be configured in a system.
z
Reflection ports cannot be configured as static router ports.
z
A port in a multicast sub-VLAN cannot be configured as a static router port.
Example
# Configure Ethernet1/0/1 in VLAN 2 as a static router port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 2
[3Com-vlan2] multicast static-router-port Ethernet 1/0/1
2.1.10 multicast static-router-port vlan
Syntax
multicast static-router-port vlan vlan-id
undo multicast static-router-port vlan vlan-id
View
Ethernet port view
Parameter
vlan-id: ID of the specified VLAN, in the range of 1 to 4,094.
Description
Use the multicast static-router-port vlan command to specify the current port in the
VLAN as a static router port.
Use the undo multicast static-router-port vlan command to disable the static router
port configuration.
By default, an Ethernet port is not specified as a static router port.
2-12
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Caution:
z
Up to 256 static router ports can be configured in a system.
z
Reflection ports cannot be configured as static router ports.
z
A port in a multicast sub-VLAN cannot be configured as a static router port.
Example
# Configure Ethernet1/0/1 in VLAN 2 as a static router port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] multicast static-router-port vlan 2
2.1.11 multicast wrongif-holdtime
Syntax
multicast wrongif-holdtime seconds
undo multicast wrongif-holdtime
View
System view
Parameter
seconds: Holdtime to prevent wrongif packets from being reported to the CPU, in the
range of 0 to 300 seconds. During the configuration, if the seconds argument is less
than 15, the system sets the holdtime to 15; if the seconds argument is more than 15,
the system sets the holdtime to the multiples of 15 according to the user-defined range.
For example, if you set the seconds argument to 14, the system sets the holdtime to 15;
if you set the seconds argument to 16, the system sets the holdtime to 30; if you set the
seconds argument to 31, the system sets the holdtime to 45, and so on.
Description
Use the multicast wrongif-holdtime command to set the holdtime to prevent wrongif
packets from being reported to the CPU.
Use the undo multicast wrongif-holdtime command to restore the default holdtime.
By default, the holdtime to prevent wrongif packets from being reported to the CPU is
15 seconds.
2-13
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
When the switch receives a multicast packet, the switch will search the multicast
forwarding entry according to the source address and destination address of the packet.
If the matching forwarding entry is found and the packet is received on the right ingress
of the forwarding entry, the packet will be forwarded according to the forwarding entry. If
the packet is not received on the right ingress of the forwarding entry, the packet is
regarded as a wrongif packet. The wrongif packet will be reported to the CPU.
In some network, many wrongif packets will be reported to the CPU of the switch, thus
aggravating the workload of the switch. In this case, you can configure the holdtime of
wrongif packets, so that the wrongif packets will be dropped instead of being forwarded
to the CPU of the switch, and the CPU will be prevented from being stricken by too
many packets.
In the configured holdtime, wrongif packets are not reported to the CPU, so that the
CPU can be prevented from being stricken by too many multicast packets.
Example
# Set the holdtime of wrongif packets to 60 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast wrongif-holdtime 60
2.1.12 multicast-source-deny
Syntax
multicast-source-deny enable [ interface interface-list ]
undo multicast-source-deny enable [ interface interface-list ]
View
System view, Ethernet port view
Parameter
interface-list: Specifies Ethernet port list, expressed in the form of interface-list =
{ { interface-type interface-num | interface-name } [ to { interface-type interface-num |
interface-name } ] }&<1-10>. The interface-number argument refers to one single
Ethernet port, expressed in the form of interface-number = { interface-type
interface-number | interface-name }, where the interface-type argument refers to the
port type, the interface-number argument refers to the port number, and the
interface-name argument refers to the port name. For meanings and value ranges of
interface-type, interface-number and interface-name, refer to the parameters in the
section “Port Basic Configuration” in this manual.
2-14
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
Description
Use the multicast-source-deny enable command to enable the multicast source port
suppression feature.
Use the undo multicast-source-deny enable command to restore the default setting.
By default, the multicast source port suppression feature is disabled on all the ports.
The multicast source port suppression feature can filter multicast packets on the
unauthorized multicast source port in order to avoid the case that the user connected to
the port sets the multicast server privately.
In the system view, if the interface-list argument is not specified, the multicast source
port suppression feature is enabled globally, that is, the feature is enabled on all the
ports of the switch; if the interface-list argument is specified, the multicast source port
suppression feature is enabled on the specified ports. In Ethernet port view, the
interface-list argument cannot be specified in the command and you can use the
command to enable the multicast source port suppression feature on the current port
only.
Example
# Enable the multicast source port suppression feature on all the ports of the switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast-source-deny enable
# Enable the multicast source port suppression feature on Ethernet 1/0/1 through
Ethernet 1/0/10 and Ethernet 1/0/12.
[3Com] multicast-source-deny enable interface Ethernet 1/0/1 to Ethernet
1/0/10 Ethernet 1/0/12
2.1.13 reset multicast forwarding-table
Syntax
reset multicast forwarding-table [ statistics ] { all | { group-address [ mask
{ group-mask | group-mask-length } ] | source-address [ mask { source-mask |
source-mask-length } ] | incoming-interface interface-type interface-number } * }
View
User view
Parameter
statistics: Clears the statistics information about MFC forwarding entries if this
keyword is specified. Otherwise, MFC forwarding entries will be cleared.
all: Refers to all MFC forwarding entries.
2-15
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
group-address: Specifies the group address.
group-mask: Specifies the mask of the group address.
group-mask-length: Specifies the mask length of the group address.
source-address: Specifies the source address.
source-mask: Specifies the mask of the source address.
source-mask-length: Specifies the mask length of the source address.
incoming-interface: Specifies the incoming interface of the forwarding entry.
interface-type interface-number: VLAN interface type and VLAN interface number.
Description
Use the reset multicast forwarding-table command to clear MFC forwarding entries
or the statistics information about MFC forwarding entries.
The order of the group-address argument and the source-address argument can be
turned over. However, you must input valid group addresses and source addresses.
Otherwise, the system prompts error.
Related command: reset pim routing-table, reset multicast routing-table, and
display multicast forwarding-table.
Example
# Clear the forwarding entries whose group address is 225.5.4.3 in the MFC forwarding
table.
<3Com> reset multicast forwarding-table 225.5.4.3
# Clear the statistics information about the forwarding entries whose group address is
225.5.4.3 in the MFC forwarding table.
<3Com> reset multicast forwarding-table statistics 225.5.4.3
2.1.14 reset multicast routing-table
Syntax
reset multicast routing-table { all | { group-address [ mask { group-mask |
group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] |
incoming-interface interface-type interface-number } * }
View
User view
Parameter
all: All routing entries in the multicast core routing table.
group-address: Specifies the group address.
2-16
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 2 Common IP Multicast Configuration Commands
group-mask: Specifies the mask of the group address.
group-mask-length: Specifies the mask length of the group address.
source-address: Specifies the source address.
source-mask: Specifies the mask of the source address.
source-mask-length: Specifies the mask length of the source address.
incoming-interface: Specifies the incoming interface of the routing entry.
interface-type interface-number: VLAN interface type and VLAN interface number.
Description
Use the reset multicast routing-table command to clear the routing entries in the
multicast core routing table and remove the corresponding forwarding entries in the
MFC forwarding table.
The order of the group-address argument and the source-address argument can be
turned over. However, you must input valid group addresses and source addresses.
Otherwise, the system prompts error.
Related command: reset pim routing-table, reset multicast forwarding-table and
display multicast forwarding-table.
Example
# Clear the routing entries whose group address is 225.5.4.3 from the multicast core
routing table.
<3Com> reset multicast routing-table 225.5.4.3
2-17
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 3 Multicast MAC Address Entry Configuration
Commands
Chapter 3 Multicast MAC Address Entry
Configuration Commands
3.1 Multicast MAC Address Entry Configuration Commands
3.1.1 display mac-address multicast
Syntax
display mac-address multicast [ count ]
View
Any view
Parameter
count: Number of MAC entries.
Description
Use the display mac-address multicast static command to display the multicast
MAC address entry/entries configured on the switch.
Executing this command with the count keyword will display the information about the
number of multicast MAC address entries configured on the switch.
Example
# Display all the multicast MAC address entries manually added in VLAN 1.
<3Com> display mac-address multicast count
1 mac address(es) found
3.1.2 mac-address multicast interface
Syntax
mac-address multicast mac-address interface interface-list vlan vlan-id
undo mac-address multicast [ mac-address [ interface interface-list ] vlan vlan-id ]
View
System view
Parameter
mac-address: Multicast MAC address.
3-1
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 3 Multicast MAC Address Entry Configuration
Commands
vlan-id: VLAN ID.
interface-list: Forwarding port list, in the format of { { interface-type interface-num } [ to
{ interface-type interface-num } ] }&<1-10>. Where, interface-type is a port type,
interface-number is a port number (refer to the parameter description of the interface
command in the port command module of this document), to is used to specify a port
range, and &<1-10> represents you can totally specify up to 10 ports and port ranges.
Description
Use the mac-address multicast command to manually add a multicast MAC address
entry.
Use the undo mac-address multicast command to remove a multicast MAC address
entry.
Each multicast MAC address entry contains: multicast address, forward port, VLAN ID,
and so on.
Related command: display mac-address multicast static.
Example
# Add a multicast MAC address entry, with multicast address 0100-5e0a-0805, forward
port Ethernet 1/0/1, and VLAN 1 to which the entry belongs.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mac-address multicast 0100-5e0a-0805 interface Ethernet 1/0/1 vlan 1
3-2
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
Chapter 4 IGMP Configuration Commands
Note:
When running IP multicast protocols, Ethernet switches also provide the functions of
switches. We use routers in this manual to stand for not only the common routers but
also the layer 3 Ethernet switches running IP multicast protocols.
4.1 IGMP Configuration Commands
4.1.1 display igmp group
Syntax
display igmp group [ group-address | interface interface-type interface-number ]
View
Any view
Parameter
group-address: Address of the multicast group.
interface-type interface-number: VLAN interface type and VLAN interface number of
the router which are used to specify a VLAN interface. .
Description
Use the display igmp group command to view the member information of the IGMP
multicast group.
You can specify to show the information of a group or the member information of the
multicast group on a VLAN interface. The displayed information contains the multicast
groups which are joined by the downstream hosts through IGMP or through command
line.
Related command: igmp host-join.
Example
# View the member information of multicast group in the system.
<3Com> display igmp group
LoopBack0 (20.20.20.20): Total 3 IGMP Groups reported:
4-1
3Com Switch 7750 Series
Command Reference Guide – Multicast
Group Address
Chapter 4 IGMP Configuration Commands
Last Reporter
Uptime
Expires
225.1.1.1
20.20.20.20
00:02:04
00:01:15
225.1.1.3
20.20.20.20
00:02:04
00:01:15
225.1.1.2
20.20.20.20
00:02:04
00:01:17
Table 4-1 Output description of the display igmp group command
Field
Description
Group address
Multicast group address
Last Reporter
The last host reporting to join in the
multicast group
Uptime
Time passed since multicast group is
discovered (hh: mm: ss).
Expires
Specifies when the member will be
removed from the multicast group (hh:
mm: ss).
4.1.2 display igmp interface
Syntax
display igmp interface [ interface-type interface-number ]
View
Any view
Parameter
interface-type interface-number: VLAN interface type and VLAN interface number of
the router which are used to specify a VLAN interface. If this argument is not specified,
the information about all the VLAN interfaces where IGMP is running is displayed.
Description
Use the display igmp interface command to view the IGMP configuration and running
information on a VLAN interface.
Example
# View the IGMP configuration and running information of all VLAN interfaces.
<3Com> display igmp interface
Vlan-interface1 (10.153.17.99):
IGMP is enabled
Current IGMP version is 2
Value of query interval for IGMP(in seconds): 60
Value of other querier time out for IGMP(in seconds): 120
4-2
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
Value of maximum query response time for IGMP(in seconds): 10
Value of robust count for IGMP: 2
Value of startup query interval for IGMP(in seconds): 15
Value of last member query interval for IGMP(in seconds): 1
Value of query timeout for IGMP version 1(in seconds): 400
Policy to accept IGMP reports: none
Querier for IGMP: 10.153.17.99 (this router)
IGMP group limit is 256
No IGMP group reported
Table 4-2 Description on the fields of the display igmp interface command
Field
Description
IGMP version
IGMP version
query interval
Interval of general query
querier timeout
Timeout time of the querier
max query response time
Maximum time of response to query
robust count
IGMP robust count, that is, the times of
sending IGMP group-specific query
packets before the IGMP querier
receives the IGMP leave packet from the
host
startup query interval
The startup interval of IGMP to send
query packets
last member query interval
The
interval
of
sending
IGMP
group-specific query packets when the
IGMP querier receives the IGMP leave
packets from the host
query timeout
Query timeout in IGMP version 1
Policy to accept IGMP reports
The filtering policy of the IGMP multicast
group to control the access to IP
multicast groups
Querier for IGMP
IGMP querier
IGMP group limit
Limit on the number of IGMP groups
added to the VLAN interface. The router
does not process new IGMP packets
when the number of IGMP packet
exceeds the limit
4.1.3 igmp enable
Syntax
igmp enable
4-3
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
undo igmp enable
View
VLAN interface view
Parameter
None
Description
Use igmp enable command to enable IGMP on an interface.
Use the undo igmp enable command to disable IGMP on the interface.
By default, IGMP is disabled on a VALN interface. .
These commands do not take effect until the multicast routing feature is enabled. After
this configuration, start to configure other IGMP features.
Related command: multicast routing-enable.
Example
# Enable IGMP on Vlan-interface 10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp enable
4.1.4 igmp group-limit
Syntax
igmp group-limit limit
undo igmp group-limit
View
VALN interface view
Parameter
limit: Quantity of multicast groups, in the range of 0 to 256.
Description
Use the igmp group-limit command to limit the number of multicast groups on an
interface. The router does not process new packets when number of IGMP groups
exceeds the limit.
Use the undo igmp group-limit command to restore the default setting.
4-4
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
By default, 256 IGMP groups are added to a VLAN interface.
The new configuration overwrites the old one if you run the command for a second
time.
Caution:
z
New groups cannot be added when the number of IGMP multicast groups has
exceeded the configured limit.
z
If the number of existing multicast groups on the interface is more than the
configured limit, the system will remove some old groups automatically to satisfy the
configured limit.
Example
# Limit the maximum number of IGMP groups on Vlan-interface10 to 100.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp group-limit 100
4.1.5 igmp group-policy
Syntax
igmp group-policy acl-number [ 1 | 2 | port interface-list ]
undo igmp group-policy [ port interface-list ]
View
VLAN interface view
Parameter
acl-number: Number of the basic IP access control list number, defining a multicast
group range. The value ranges from 2000 to 2999.
1: IGMP version 1.
2: IGMP version 2. If IGMP version is not specified, version 2 will be used by default.
port: Limits the IGMP packets passing the port and matching with the ACL rules.
interface-list: Forwarding port list in the form of interface-list = { interface-type
interface-number [ to { interface-type interface-number } ] }&<1-10>. The interface-type
argument refers to the port type, and the interface-number argument refers to the port
number. For the meanings and ranges of the two arguments, refer to the parameter
descriptions in part “Port Basic Configuration” in this manual.
4-5
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
Description
Use the igmp group-policy command to set the filter of multicast groups on the VLAN
interface to control the access to IP multicast groups.
Use undo igmp group-policy command to remove the filter configured.
By default, no filter is configured, that is, a host can join any multicast group.
If you do not want the hosts on the network that the VLAN interface is on to join some
multicast groups and receive packets from the multicast groups to use this command to
limit the range of the multicast groups serviced by the VLAN interface.
Related command: igmp host-join.
Caution:
Ethernet ports must belong to the igmp-group-policy-enabled VLAN interfaces only.
Example
# Configure the access-list 2000.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 225.0.0.0 0.255.255.255
[3Com-acl-basic-2000] quit
# Configure that only the hosts matching ACL 2000 rules on VLAN-interface10 can be
added to the multicast group whose IGMP version is specified to 2.
[3Com-vlan-interface10] igmp group-policy 2000 2
4.1.6 igmp group-policy vlan
Syntax
igmp group-policy acl-number vlan vlan-id
undo igmp group-policy vlan vlan-id
View
Port view
Parameter
acl-number: Number of the basic IP access control list number, defining a multicast
group range. The value ranges from 2000 to 2999.
4-6
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
vlan-id: Specifies the ID for the VLAN to which the port belongs.
Description
Use the igmp group-policy vlan command to set the filter of multicast groups on a
port to control the access to the IP multicast groups.
Use the undo igmp group-policy vlan command to remove the configured filter.
By default, no filter is configured, that is, a host can join any multicast group.
This command has the same function with the igmp group-policy command. Note
that the configured port must belong to the specified VLAN, and the IGMP protocol
must be enabled on this port; otherwise, the configuration does not function.
Related command: igmp group-policy, igmp host-join vlan, and igmp host-join
port.
Example
# Configure that only the hosts matching ACL 2000 rules on Ethernet1/0/1 in
VLAN-interface10 can be added to the multicast group.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp enable
[3Com-Vlan-interface10] quit
[3Com] interface Ethernet 0/1
[3Com-Ethernet0/1] port access vlan 10
[3Com-Ethernet0/1] igmp group-policy 2000 vlan 10
4.1.7 igmp host-join port
Syntax
igmp host-join group-address port interface-list
undo igmp host-join group-address port interface-list
View
VLAN interface view
Parameter
group-address: Multicast address of the multicast group that an interface will join.
port: Specifies the port in the VLAN interface.
interface-list: Forwarding port list in the form of interface-list = { interface-type
interface-number [ to { interface-type interface-number } ] }&<1-10>. The interface-type
argument refers to the port type, and the interface-number argument refers to the port
4-7
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
number. For the meanings and ranges of the two arguments, refer to the parameter
descriptions in part “Port Basic Configuration” in this manual.
Description
Use the igmp host-join port command to enable a port in the VLAN interface of a
switch to join a multicast group.
Use undo igmp host-join port command to disable the configuration.
By default, VLAN interfaces of a switch do not belong to any multicast group.
Related command: igmp group-policy.
Example
# Add port Ethernet 1/0/1 in VLAN-interface10 to the multicast group at 225.0.0.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp host-join 225.0.0.1 port Ethernet 1/0/1
4.1.8 igmp host-join vlan
Syntax
igmp host-join group-address vlan vlan-id
undo igmp host-join group-address vlan vlan-id
View
Port view
Parameter
group-address: Multicast address of the multicast group that an interface will join.
vlan-id: Specifies the ID for the VLAN to which the port belongs.
Description
Use the igmp host-join vlan command to enable an Ethernet port to join a multicast
group.
Use the undo igmp host-join vlan command to disable the configuration.
By default, an Ethernet port does not join any multicast group.
Related command: igmp group-policy.
Example
# Add Ethernet 1/0/1 in VLAN-interface10 to the multicast group at 225.0.0.1.
<3Com> system-view
4-8
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp enable
[3Com-Vlan-interface10] quit
[3Com] interface Ethernet 0/1
[3Com-Ethernet0/1] port access vlan 10
[3Com-Ethernet0/1] igmp host-join 225.0.0.1 vlan 10
4.1.9 igmp lastmember-queryinterval
Syntax
igmp lastmember-queryinterval seconds
undo igmp lastmember-queryinterval
View
VLAN interface view
Parameter
seconds: Interval for the IGMP querier to send IGMP group-specific query packets
when it receives IGMP leave packets from the host. It is in the range of 1 second to 5
seconds.
Description
Use the igmp lastmember-queryinterval command to set the Interval for the IGMP
querier to send IGMP group-specific query packets when it receives IGMP leave
packets from the host.
Use the undo igmp lastmember-queryinterval command to restore the default value.
The interval for the IGMP querier to send IGMP group-specific query packets is one
second by default.
In the shared network, that is, a same network segment including multiple hosts and
multicast routers, the query router (also known as querier) is responsible for
maintaining the IGMP group membership on the interface. When the IGMP v2 host
leaves a group, it sends an IGMP Leave message.
When receiving the IGMP Leave message, the IGMP querier must send the IGMP
group-specific query messages for specified times (by the robust-value argument in the
igmp robust-count command, with default value as 2) in a specified time interval (by
the seconds argument in the igmp lastmember-queryinterval command, with default
value as 1 second). If other hosts which are interested in the specified group receive
the IGMP query message from the IGMP query router, they will send back the IGMP
Membership Report message within the specified maximum response time interval. If it
receives the IGMP Membership Report message within the defined period (equal to
4-9
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
robust-value × seconds), the IGMP query router continue to maintain the membership
of this group. When receiving no IGMP Membership Report message from any hosts
within the defined period, the IGMP query router considers it as timeout and stops
membership maintenance for the group.
This command is only available on the IGMP query router running IGMP v2. For the
host running IGMP v1, this command cannot take effect because the host does not
send the IGMP Leave message when it leaves a group.
For the related command, see igmp robust-count and display igmp interface.
Example
# Set the query interval at the Vlan-interface10 as 3 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp lastmember-queryinterval 3
4.1.10 igmp max-response-time
Syntax
igmp max-response-time seconds
undo igmp max-response-time
View
VLAN interface view
Parameter
seconds: Maximum response time in the IGMP query messages in second in the range
from 1 to 25. By default, the value is 10 seconds.
Description
Use the igmp max-response-time command to configure the maximum response
time contained in the IGMP query messages.
Use the undo igmp max-response-time command to restore the default value.
The maximum query response time is 10 seconds by default.
The maximum query response time determines the period for a router to quickly detect
that there are no more directly connected group members in a LAN.
Related command: display igmp group.
Example
# Set the maximum response time carried in host-query packets to 8 seconds.
4-10
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp max-response-time 8
4.1.11 igmp proxy
Syntax
igmp proxy Vlan-interface interface-number
undo igmp proxy
View
Interface view
Parameter
interface-number: Proxy interface number.
Description
Use the igmp proxy command to specify an interface of the Layer 3 endpoint switch as
the IGMP proxy interface of another interface.
Use the undo igmp proxy command to disable this configuration.
The IGMP proxy feature is disabled by default.
You must enable the PIM protocol on the interface first before enabling the igmp proxy
command on the interface. Only one IGMP proxy interface can be configured for an
interface.
One interface cannot serve as the IGMP proxy interface of two or more interfaces.
If the IGMP proxy feature is configured on the same interface for multiple times, the
latest configuration takes effect.
Related command: pim neighbor-policy.
Caution:
z
Multicast routing protocol IGMP must be enabled on proxy interfaces.
z
You must enable PIM-DM before on the interface before configuring the igmp
proxy command on the interface. Otherwise, IGMP proxy does not take effect.
z
Only one IGMP proxy interface can be configured for an interface.
4-11
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
Example
# Configure VLAN-interface 2 as the IGMP proxy interface of VLAN-interface 1 on the
Layer 3 switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] interface vlan-interface 1
[3Com-Vlan-interface1] igmp enable
[3Com- Vlan-interface1] igmp proxy vlan-interface 2
4.1.12 igmp report-aggregation
Syntax
igmp report-aggregation
View
System view
Parameter
None
Description
Use the igmp report-aggregation command to enable suppression on Layer 3
multicast IGMP report packets. On an IP-multicast-routing-enabled switch, the VLAN
interface receives only the first IGMP report packet from a multicast group in a query
interval.
Use the undo igmp-snooping report-aggregation command to disable suppression
on Layer 3 multicast IGMP report packets.
By default, suppression on IGMP report packets is disabled.
Note:
z
You must enable IP multicast routing globally before configuring suppression on
IGMP report packets.
z
If IP multicast routing is disabled globally, suppression on IGMP report packets is
disabled simultaneously.
Example
# Enable suppression on Layer 3 multicast IGMP report packets on the switch.
4-12
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] igmp report-aggregation
4.1.13 igmp robust-count
Syntax
igmp robust-count robust-value
undo igmp robust-count
View
VLAN interface view
Parameter
robust-value: IGMP robust value, number of sending the IGMP group-specific query
packets after the IGMP querier receives the IGMP Leave packet from the host. It is in
the range of 2 times to 5 times.
Description
Use the igmp robust-count command to set the number of sending the IGMP group
query message after the IGMP query router receives the IGMP Leave message from
the host.
Use the undo igmp robust-count command to restore the default value.
By default, an IGMP querier sends IGMP group-specific query packets twice.
In the shared network, that is, a same network segment including multiple hosts and
multicast routers, the query router is responsible for maintaining the IGMP group
membership on the interface. When the IGMP v2 host leaves a group, it sends an
IGMP Leave message. When receiving the IGMP Leave message, IGMP query router
must send the IGMP group-specific query message for specified times (by the
robust-value parameter in the igmp robust-count command, with default value as 2)
in
a
specified
time
interval
(by
the
seconds
parameter
in
the
igmp
lastmember-queryinterval command, with default value as 1 second). If other hosts
which are interested in the specific group receive the IGMP group-specific query
packets from the IGMP query router, they will send back the IGMP Membership Report
packets within the specified maximum response time interval. If it receives the IGMP
Membership Report packets within the defined period (equal to robust-value ×
seconds), the IGMP query router continue to maintain the membership of this group.
When receiving no IGMP Membership Report packet from any hosts within the defined
period, the IGMP query router considers it as timeout and stops membership
maintenance for the group.
4-13
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
This command is only available on the IGMP query router running IGMP v2. For the
host running IGMP v1, this command cannot take effect because the host does not
send IGMP Leave packets when it leaves a group.
Related command: igmp lastmember-queryinterval and display igmp interface.
Example
# Set the robust value of the Vlan-interface 10 to 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp robust-count 3
4.1.14 igmp timer other-querier-present
Syntax
igmp timer other-querier-present seconds
undo igmp timer other-querier-present
View
VLAN interface view
Parameter
seconds: Presence time of the IGMP querier, in the range of 1 to 131,070 in seconds.
Description
Use the igmp timer other-querier-present command to configure the presence time
of the IGMP querier.
Use the undo igmp timer other-querier-present command to restore the default
value.
By default, the presence time of the IGMP querier is twice the value of IGMP query
message interval, that is, 120 seconds.
On a shared network, i.e., there are multiple multicast routers on the same network
segment, the query router (querier for short) takes charge of sending query messages
periodically on the interface. If other non-queriers receive no query messages within
the valid period, the router will consider the previous querier to be invalid and the router
itself becomes a querier.
In IGMP version 1, the selection of a querier is determined by the multicast routing
protocol. In IGMP version 2, the router with the lowest IP address on the shared
network segment acts as the querier.
Related command: igmp timer query, and display igmp interface.
4-14
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
Example
# Set the querier to expire after 300 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp timer other-querier-present 300
4.1.15 igmp timer query
Syntax
igmp timer query seconds
undo igmp timer query
View
VLAN interface view
Parameter
seconds: Interval at which a router transmits IGMP query messages, in the range of 1
to 65,535 seconds.
Description
Use the igmp timer query command to configure the interval at which a router
interface sends IGMP query messages.
Use the undo igmp timer query command to restore the default value.
By default, a router interface transmits IGMP query messages at the interval of 60
seconds.
A multicast router periodically sends out IGMP query messages to attached segments
to find hosts that belong to different multicast groups. The query interval can be
modified according to the practical conditions of the network.
For the related command, see igmp timer other-querier-present.
Example
# Configure to transmit the host-query message every 150 seconds via
VLAN-interface2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] igmp timer query 150
4-15
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
4.1.16 igmp version
Syntax
igmp version { 1 | 2 }
undo igmp version
View
VLAN interface view
Parameter
1: IGMP Version 1.
2: IGMP Version 2.
Description
Use the igmp version command to specify the version of IGMP that a router uses.
Use the undo igmp version command to restore the default value.
The default IGMP version is IGMP version 2.
All routers on a subnet must support the same version of IGMP. After detecting the
presence of IGMP Version 1 system, a router cannot automatically switch to Version 1.
Example
# Run IGMP Version 1 on VLAN-interface10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] igmp version 1
4.1.17 reset igmp group
Syntax
reset igmp group { all | interface interface-type interface-number { all |
group-address [ group-mask ] } }
View
User view
Parameter
all: All IGMP groups.
interface-type interface-number: VLAN interface type and VLAN interface number.
group-address: IGMP group address.
4-16
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 4 IGMP Configuration Commands
group-mask: Mask of IGMP group address.
Description
Use the reset igmp group command to delete an existing IGMP group from the VLAN
interface. The deleted group can be added to the VLAN interface again.
Example
# Delete all IGMP groups on all the VLAN interfaces.
<3Com> reset igmp group all
# Delete all IGMP groups on Vlan-interface10.
<3Com> reset igmp group interface Vlan-interface10 all
# Delete the group 225.0.0.1 from Vlan-interface10.
<3Com> reset igmp group interface Vlan-interface10 225.0.0.1
# Delete the IGMP groups ranging from 225.1.1.0 to 225.1.1.255 on Vlan-interface10.
<3Com> reset igmp group interface Vlan-interface10 225.1.1.0 255.255.255.0
4-17
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Chapter 5 PIM Configuration Commands
5.1 PIM Configuration Commands
5.1.1 bsr-policy
Syntax
bsr-policy acl-number
undo bsr-policy
View
PIM view
Parameter
acl-number: ACL number imported in BSR filtering policy, in the range of 2,000 to
2,999.
Description
Use the bsr-policy command to limit the range of legal BSRs to prevent BSR proofing.
Use the undo bsr-policy command to restore the default setting, that is, no range limit
is set and all received messages are taken as legal.
In the PIM SM network using BSR (bootstrap router) mechanism, every router can set
itself as C-BSR (candidate BSR) and take the authority to advertise RP information in
the network once it wins in the contention. To prevent malicious BSR proofing in the
network, the following two measures need to be taken:
z
Prevent the router from being spoofed by hosts though faking legal BSR
messages to modify RP mapping. BSR messages are of multicast type and their
TTL is 1, so this type of attacks often hit edge routers. Fortunately, BSRs are
inside the network, while assaulting hosts are outside, therefore neighbor and
RPF checks can be used to stop this type of attacks.
z
If a router in the network is manipulated by an attacker, or an illegal router is
accessed into the network, the attacker may set itself as C-BSR and try to win the
contention and gain authority to advertise RP information among the network.
Since the router configured as C-BSR shall propagate BSR messages, which are
multicast messages sent hop by hop with TTL as 1, among the network, then the
network cannot be affected as long as the peer routers do not receive these BSR
messages. One way is to configure bsr-policy on each router to limit legal BSR
range, for example, only 1.1.1.1/32 and 1.1.1.2/32 can be BSR, thus the routers
5-1
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
cannot receive or forward BSR messages other than these two. Even legal BSRs
cannot contest with them.
Problems may still exist if a legal BSR is attacked, though these two measures can
effectively guarantee high BSR security.
The source parameter in the rule command is translated as BSR address in the
bsr-policy command.
Related command: acl and rule.
Example
# Configure BSR filtering policy on routers, only 101.1.1.1/32 can be BSR.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] pim
[3Com-pim] bsr-policy 2000
[3Com-pim] quit
[3Com] acl number 2000
[3Com-acl-basic-2000] rule 0 permit source 101.1.1.1 0
5.1.2 c-bsr
Syntax
c-bsr interface-type interface-number hash-mask-len [ priority ]
undo c-bsr
View
PIM view
Parameter
interface-type interface-number: Specifies the VLAN interface. The candidate BSR is
configured on the VLAN interface. PIM-SM must be enabled on the VLAN interface
first.
hash-mask-len: Length of the mask. The value ranges from 0 to 32.
priority: Priority of the candidate BSR. The larger the value of the priority, the higher the
priority of the BSR. The value ranges from 0 to 255. By default, the priority is 0.
Description
Use the c-bsr command to configure a candidate BSR.
Use the undo c-bsr command to remove the candidate BSR configured.
By default, no candidate BSR is set.
5-2
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
When configure the candidate BSR, the larger bandwidth should be guaranteed since a
great amount of information will be exchanged between BSR and other devices in the
PIM domain.
Related command: pim sm.
Example
# Configure the switch as a BSR with priority 2 (and the C-BSR address is designated
as the IP address of VLAN-interface10).
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] pim
[3Com-pim] c-bsr vlan-interface 10 24 2
5.1.3 c-rp
Syntax
c-rp
interface-type
interface-number
[
group-policy
acl-number
|
priority
priority-value ]*
undo c-rp { interface-type interface-number | all }
View
PIM view
Parameter
interface-type interface-number: Specifies the VLAN interface whose IP address is
advertised as a candidate RP address.
acl-number: Number of the basic ACL that defines a group range, which is the service
range of the advertised RP. The value ranges from 2000 to 2999.
priority-value: Priority value of candidate RP, in the range of 0 to 255. The greatest
value corresponds to the lowest priority level
all: Remove all candidate RP configurations.
Description
Use the c-rp command to configure the router to advertise itself as a candidate RP.
Use the undo c-rp command to remove the configuration.
By default, no candidate RP is configured, and the value of RP priority is 0.
When configuring the candidate RP, a relatively large bandwidth should be reserved for
the router and other devices in the PIM domain.
For the related command, see c-bsr.
5-3
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Example
# Configure the switch to advertise the BSR that the switch itself is the C-RP in the PIM.
The standard access list 2000 defines the groups related to the RP. The address of
C-RP is designated as the IP address of VLAN-interface10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 225.0.0.0 0.255.255.255
[3Com] pim
[3Com-pim] c-rp vlan-interface 10 group-policy 2000
5.1.4 crp-policy
Syntax
crp-policy acl-number
undo crp-policy
View
PIM view
Parameter
acl-number: ACL number imported in C-RP filtering policy, ranging from 3000 to 3999.
Description
Use the crp-policy command to limit the range of legal C-RP, as well as target service
group range of each C-RP, prevent C-RP proofing.
Use the undo crp-policy command to restore the default setting, that is, no range limit
is set and all received messages are taken as legal.
In the PIM SM network using BSR mechanism, every router can set itself as C-RP
(candidate rendezvous point) servicing particular groups. If elected, a C-RP becomes
the RP servicing the current group.
In BSR mechanism, a C-RP router unicast C-RP messages to the BSR, which then
propagates the C-RP messages among the network by BSR message. To prevent
C-RP spoofing, you need to configure crp-policy on the BSR to limit legal C-RP range
and their service group range. Since each C-BSR has the chance to become BSR, you
must configure the same filtering policy on each C-BSR router.
This command uses the ACLs numbered between 3000 and 3999. The source
parameter in the rule command is translated as C-RP address in the crp-policy
command, and the destination parameter as the service group range of this C-RP
5-4
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
address. For the C-RP messages received, only when their C-RP addresses match the
source address and their server group addresses are subset of those in ACL, can the
be considered as matched.
Related command: acl, and rule.
Example
# Configure C-RP filtering policy on the C-BSR routers, allowing only 1.1.1.1/32 as
C-RP and to serve only for the groups 225.1.0.0/16.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] pim
[3Com-pim] crp-policy 3000
[3Com-pim] quit
[3Com] acl number 3000
[3Com-acl-adv-3000] rule 0 permit source 1.1.1.1 0 destination 225.1.0.0
0.0.255.255
5.1.5 display pim bsr-info
Syntax
display pim bsr-info
View
Any view
Parameter
None
Description
Use the display pim bsr-info command to view the BSR information.
Related command: c-bsr, and c-rp.
Example
# Display the BSR information.
<3Com> display pim bsr-info
Current BSR Address: 20.20.20.30
Priority: 0
Mask Length: 30
Expires: 00:01:55
Local host is BSR
5-5
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Table 5-1 Description on the fields of the display pim bsr-info command
Field
Description
BSR
Bootstrap router
Priority
Priority of BSR
Mask Length: 30
Length of mask
Expires: 00:01:55
Value of the timer
5.1.6 display pim interface
Syntax
display pim interface [ interface-type interface-number ]
View
Any view
Parameter
interface-type interface-number: Interface type and interface number, used to specify
the VLAN interface.
Description
Use the display pim interface command to view the PIM configuration information of
the interface.
If neither the VLAN interface type nor the VLAN interface number is specified, the PIM
configuration information of all VLAN interfaces is displayed; if both the VLAN interface
type and the VLAN interface number are specified, the PIM configuration information
about the specified VLAN interface is displayed.
Example
# Display the PIM configuration information about the VLAN interface.
<3Com> display pim interface
PIM information of VLAN-interface 2:
IP address of the interface is 10.10.1.20
PIM is enabled on interface
PIM version is 2
PIM mode is Sparse
PIM query interval is 30 seconds
PIM neighbor limit is 128
PIM neighbor policy is none
Total 1 PIM neighbor on interface
5-6
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
PIM DR(designated router) is 10.10.1.20
Table 5-2 Description on the fields of the display pim interface command
Field
Description
PIM version
Version of PIM
PIM mode
PIM mode enabled on the VLAN
interface (DM or SM)
PIM query interval
Hello packet interval
PIM neighbor limit
Limit of the PIM neighbors on the VLAN
interface. No neighbor can be added any
more when the limit is reached
PIM neighbor policy
Filtering policy of the PIM neighbors on
the current interface
PIM DR
Designated router
5.1.7 display pim neighbor
Syntax
display pim neighbor [ interface interface-type interface-number ]
View
Any view
Parameter
interface-type interface-number: Interface type and interface number, used to specify
the VLAN interface.
Description
Use the display pim neighbor command to view the PIM neighbor information
discovered by the VLAN interface of the switch. If the VLAN interface parameter is
specified, only the PIM neighbor information about the specified VLAN interface is
displayed.
Example
# Display the PIM neighbor information discovered by the VLAN interface of the
neighbor.
<3Com> display pim neighbor
Neighbor’s Address
8.8.8.6
Interface Name
VLAN-interface10
5-7
Uptime
1637
Expires
89
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Table 5-3 Description on the fields of the display pim neighbor command
Field
Description
Neighbor’s Address
Neighbor address
Interface name
VLAN interface where the neighbor has
been discovered
Uptime
Time passed since the multicast group
has been discovered
Expires
Specifies when the member will be
removed from the group
5.1.8 display pim routing-table
Syntax
display pim routing-table [ { { *g [ group-address [ mask { mask-length | mask } ] ] |
**rp [ rp-address [ mask { mask-length | mask } ] ] } | { group-address [ mask
{ mask-length | mask } ] | source-address [ mask { mask-length | mask } ] } * } |
incoming-interface { interface-type interface-number | null } | { dense-mode |
sparse-mode } ] *
View
Any view
Parameter
**rp: (*, *, RP) route entry.
*g: (*, G) route entry.
group-address: Address of the multicast group.
source-address: IP address of the multicast source.
incoming-interface interface-type interface-number: View the route entry whose
incoming VLAN interface is the specified VLAN interface.
null: Specifies the VLAN interface type as Null.
dense-mode: Specifies the multicast routing protocol as PIM-DM.
sparse-mode: Specifies the multicast routing protocol as PIM-SM.
Description
Use the display pim routing-table command to view information about the PIM
multicast routing table.
The displayed information about the PIM multicast routing table includes the SPT
information and RPF information.
5-8
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Example
# Display the information about the PIM multicast routing table.
<3Com> display pim routing-table
PIM-SM Routing Table
Total 0 (*,*,RP)entry, 0 (*,G)entry, 2 (S,G)entries
(192.168.1.2, 224.2.178.130),
Protocol 0x20: PIMSM, Flag 0x4: SPT
UpTime: 23:59, Timeout after 196 seconds
Upstream interface: VLAN-interface2, RPF neighbor: NULL
Downstream interface list: NULL
(192.168.1.2, 224.2.181.90),
Protocol 0x20: PIMSM, Flag 0x4: SPT
UpTime: 23:59, Timeout after 196 seconds
Upstream interface: VLAN-interface2, RPF neighbor: NULL
Downstream interface list: NULL
Total 2 entries listed
Table 5-4 Description on the fields of the display routing-table command
Field
Description
RP
Rendezvous Point
(S,G)
(source address, multicast group)
PIM-SM
PIM Sparse Mode
SPT
Shortest Path Tree
RPF
Reverse Path Forwarding
5.1.9 display pim rp-info
Syntax
display pim rp-info [ group-address ]
View
Any view
Parameter
group-address: Specifies the group address to display. If no multicast group is specified,
the RP information about all multicast groups will be displayed.
5-9
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Description
Use the display pim rp-info command to view the RP information of the multicast
group.
In addition, this command can also display the BSR and static RP information.
Example
# View the RP information of the multicast group
<3Com> display pim rp-info
PIM-SM RP-SET information:
BSR is: 4.4.4.6
Group/MaskLen: 224.0.0.0/4
RP 4.4.4.6
Version: 2
Priority: 0
Uptime: 00:39:50
Expires: 00:01:40
Table 5-5 Description on the fields of the display pim rp-info command
Field
Description
PIM-SM RP-SET information:
Combination of RP information sets
BSR is: 4.4.4.6
BSR is the VLAN interface of 4.4.4.6 in
the network
Group/MaskLen: 224.0.0.0/4
The RP whose group address is
224.0.0.0 and mask length is 4 is the
virtual interface of the IP address 4.4.4.6.
RP 4.4.4.6
Version: 2
Priority: 0
The priority of the version 2 RP is 0. It is
up for 39 minutes and 50 seconds and
expires in one minutes and forty seconds
Uptime: 00:39:50
Expires: 00:01:40
5.1.10 pim
Syntax
pim
undo pim
View
System view
5-10
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Parameter
None
Description
Use the pim command to enter PIM view to configure the global PIM parameters. You
cannot use the pim command to enable the PIM protocol.
Use the undo pim command to exit PIM view to system view and clear the global PIM
configuration parameters.
Example
# Enter PIM view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] pim
[3Com-pim]
5.1.11 pim bsr-boundary
Syntax
pim bsr-boundary
undo pim bsr-boundary
View
VLAN interface view
Parameter
None
Description
Use the pim bsr-boundary command to configure a VLAN interface of the switch as
the PIM domain boundary.
Use the undo pim bsr-boundary command to remove the configured PIM domain
boundary.
The switch does not set any PIM domain boundary by default.
After you use this command to set a PIM area boundary on a VLAN interface, all
Bootstrap messages cannot cross this domain boundary. However, the other PIM
packets can pass this domain boundary. In this way, you can divide the
PIM-SM-running network into multiple domains, each of which uses a different
Bootstrap router.
5-11
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Note that you cannot use this command to set up a multicast boundary. Instead, what
you use this command to set up is just a PIM Bootstrap packet boundary.
Related command: c-bsr.
Example
# Configure domain boundary on VLAN-interface10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] pim
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] pim bsr-boundary
5.1.12 pim dm
Syntax
pim dm
undo pim dm
View
VLAN interface view
Parameter
None
Description
Use the pim dm command to enable PIM-DM.
Use the undo pim dm command to disable PIM-DM.
By default, PIM-DM is disabled.
Once enabled PIM-DM on an interface, PIM-SM cannot be enabled on the same
interface and vice versa.
Example
# Enable the PIM-DM protocol on VLAN-interface10 of the Ethernet switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] pim dm
5-12
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
5.1.13 pim neighbor-limit
Syntax
pim neighbor-limit limit
undo pim neighbor-limit
View
VLAN interface view
Parameter
limit: Upper limit of PIM neighbors on the VLAN interface, in the range of 0~128.
Description
Use the pim neighbor-limit command to limit the number PIM neighbors on a router
interface. No neighbor can be added to the router any more when the limit is reached.
Use the undo pim neighbor-limit command to restore the default setting.
By default, the number of PIM neighbors on a VLAN interface is limited within 128.
If the number of existing PIM neighbors exceeds the configured limit, they will not be
deleted.
Example
# Limit the number of PIM neighbors on Vlan-interface10 within 50.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] pim neighbor-limit 50
5.1.14 pim neighbor-policy
Syntax
pim neighbor-policy acl-number
undo pim neighbor-policy
View
VLAN interface view
Parameter
acl-number: Basic ACL number, in the range of 2000 to 2999.
5-13
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Description
Use the pim neighbor-policy command to configure the router to filter the PIM
neighbors on the current VLAN interface.
Use the undo pim neighbor-policy command to disable the filtering.
Only the routers that match the filtering rule in the ACL can serve as a PIM neighbor of
the current VLAN interface.
The new configuration overwrites the old one if you run the command for a second
time.
Example
# Configure that 10.10.1.2 can serve as a PIM neighbor of the Vlan-interface10, but not
10.10.1.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] pim neighbor-policy 2000
[3Com-Vlan-interface10] quit
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 10.10.1.2 0
[3Com-acl-basic-2000] rule deny source 10.10.1.1 0
5.1.15 pim sm
Syntax
pim sm
undo pim sm
View
VLAN interface view
Parameter
None
Description
Use the pim sm command to enable the PIM-SM protocol.
Use the undo pim sm command to disable the PIM-SM protocol.
By default, the switch disables the PIM-SM protocol.
You must enable the PIM-SM protocol on each VLAN interface respectively. Generally,
the PIM-SM protocol is enabled on each VLAN interface.
5-14
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Related command: multicast routing-enable.
Example
# Enable the PIM-SM protocol on VLAN-interface10.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] pim sm
5.1.16 pim timer hello
Syntax
pim timer hello seconds
undo pim timer hello
View
VLAN interface view
Parameter
seconds: Interval at which a VLAN interface sends Hello packets, in the range of 1
second to 18,000 seconds.
Description
Use the pim timer hello command to set the interval at which a VLAN interface sends
Hello packets.
Use the undo pim timer hello command to restore the default value of the interval.
By default, a VLAN interface sends Hello packets at the interval of 30 seconds.
When the PIM-SM protocol is enabled on a VLAN interface, the switch will periodically
send Hello packets to the network devices supporting PIM. If the VLAN interface
receives Hello packets, it means that the VLAN interface has neighboring network
devices supporting PIM, and the VLAN interface will add the neighbors into its own
neighbor list. If the VLAN interface does not receive any Hello packet from a neighbor in
its neighbor list within the specified time, the neighbor is considered to have left the
multicast group.
Example
# Configure to VLAN-interfaceo10 of the switch to send Hello packet at the interval of
40 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
5-15
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
[3Com] multicast routing-enable
[3Com] interface Vlan-interface 10
[3Com-Vlan-interface10] pim timer hello 40
5.1.17 register-policy
Syntax
register-policy acl-number
undo register-policy
View
PIM view
Parameter
acl-number: Number of IP advanced ACL, defining the rule of filtering the source and
group addresses. The value ranges from 3000 to 3999.
Description
Use the register-policy command to configure a RP to filter the register packets sent
by the DR in the PIM-SM network and to accept the specified packets only.
Use the undo register-policy command to remove the configured packet filtering.
Example
# If the local device is the RP in the network, using the following command can only
accept multicast message register of the source sending multicast address in the range
of 225.1.0.0/16 on network segment 10.10.0.0/16.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 3010
[3Com-acl-adv-3010] rule permit ip source 10.10.0.0 0.0.255.255 destination
225.1.0.0 0.0.255.255
[3Com-acl-adv-3010] quit
[3Com] multicast routing-enable
[3Com] pim
[3Com-pim] register-policy 3010
5.1.18 spt-switch-threshold
Syntax
spt-switch-threshold { traffic-rate | infinity } [ group-policy acl-number [ order
order-value ] ]
5-16
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
undo spt-switch-threshold { traffic-rate | infinity } [ group-policy acl-number ]
View
PIM view
Parameter
traffic-rate: Rate of sending multicast packets in kbps, in the range of 0 to 65,535. The
threshold for RPT-to-SPT switchover is 0 by default.
infinity: Specifies not to switch traffic from RPT to SPT forever.
acl-number: Number of a basic ACL, in the range of 2,000 to 2,999. This argument
defines a group range. The rate of multicast packets in the range is limited.
Description
Use the spt-switch-threshold command to set the threshold for RPT-to-SPT
switchover.
Use the undo spt-switch-threshold command to restore the threshold to the default
value.
In PIM-SM, an Ethernet switch forwards multicast packets over RPT initially. If the
multicast traffic sent by the multicast source exceeds the threshold value, the multicast
traffic will be switched from RPT to SPT when it passes the last-hop Ethernet switch.
Note:
Currently, the threshold value can be 0 or infinity.
z
If the threshold is to 0, the last-hop router will start RPT-to-SPT switchover when it
receives the first multicast packet.
z
If the threshold is set to infinity, the RPT-to-SPT switchover will never be
performed.
Example
# Specify the last-hop router to start RPT-to-SPT switchover as soon as it receives the
first multicast packet.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] pim
[3Com-pim] spt-switch-threshold 0
5-17
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
5.1.19 reset pim neighbor
Syntax
reset pim neighbor { all | { neighbor-address | interface interface-type
interface-number } * }
View
User view
Parameter
all: All PIM neighbors
neighbor-address: Specifies neighbor address.
interface interface-type interface-number: Specifies VLAN interface.
Description
Use the reset pim neighbor command to clear all PIM neighbors or PIM neighbors on
the specified VLAN interface.
Related command: display pim neighbor.
Example
# Clear the PIM neighbor 25.5.4.3.
<3Com> reset pim neighbor 25.5.4.3
5.1.20 reset pim routing-table
Syntax
reset pim routing-table { all | { group-address [ mask group-mask | mask-length
group-mask-length ] | source-address [ mask source-mask | mask-length
source-mask-length ] | { incoming-interface interface-type interface-number } } * }
View
User view
Parameter
all: All PIM neighbors
group-address: Specifies group address.
mask group-mask: Specifies group mask.
group-mask-length: Specifies mask length of the group address.
source-address: Specifies source address.
mask source-mask: Specifies source mask.
5-18
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
source-mask-length: Specifies mask length of the group address.
incoming-interface: Specifies incoming interface for the route entry in PIM routing
table.
interface-type interface-number: Specifies the VLAN interface.
Description
Use the reset pim routing-table command to clear all PIM route entries or the
specified PIM route entry.
You can type in source address first and group address after in the command, as long
as they are valid. Error information will be given if you type in invalid addresses.
If in this command, the group-address is 224.0.0.0/4 and source-address is the RP
address (where group address can have a mask, but the resulted IP address must be
224.0.0.0, and source address has no mask), then it means only the (*, *, RP) item will
be cleared.
If in this command, the group-address is any a group address, and source-address is 0
(where group address can have a mask, and source address has no mask), then only
the (*, G) item will be cleared.
This command shall clear not only multicast route entries from PIM routing table, but
also the corresponding route entries and forward entries in the multicast core routing
table and MFC.
Related command: reset multicast routing-table, reset multicast forwarding-table,
and display pim routing-table.
Example
# Clear the route entries with group address 225.5.4.3 from the PIM routing table.
<3Com> reset pim neighbor 25.5.4.3
5.1.21 source-policy
Syntax
source-policy acl-number
undo source-policy
View
PIM view
Parameter
acl-number: Basic or advanced ACL, in the range of 2000 to 3999.
5-19
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
Description
Use the source-policy command to configure the router to filter the received multicast
data packets according to the source address or group address.
Use the undo source-policy command to remove the configuration.
If resource address filtering is configured, as well as basic ACLs, then the router filters
the resource addresses of all multicast data packets received. Those not matched will
be discarded.
If resource address filtering is configured, as well as advanced ACLs, then the router
filters the resource and group addresses of all multicast data packets received. Those
not matched will be discarded.
When this feature is configured, the router filters not only multicast data, but the
multicast data encapsulated in the registration packets.
The new configuration overwrites the old one if you run the command for a second
time.
Example
# Set to receive the multicast data packets from source address 10.10.1.2, but discard
those from 10.10.1.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] pim
[3Com-pim] source-policy 2000
[3Com-pim] quit
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 10.10.1.2 0
[3Com-acl-basic-2000] rule deny source 10.10.1.1 0
5.1.22 static-rp
Syntax
static-rp rp-address [ acl-number ]
undo static-rp
View
PIM view
Parameter
rp-address: Static RP address, only being legal unicast IP address.
5-20
3Com Switch 7750 Series
Command Reference Guide – Multicast
Chapter 5 PIM Configuration Commands
acl-number: Basic ACL, used to control the range of multicast group served by static RP,
which ranges from 2000 to 2999. If an ACL is not specified upon configuration, static
RP will serve all multicast groups; if an ACL is specified, static RP will only serve the
multicast group passing the ACL.
Description
Use the static-rp command to configure static RP.
Use the undo static-rp command to remove the configuration.
Static RP function as the backup of dynamic RP so as to improve the network
robusticity. If the RP elected by BSR mechanism is valid, static RP will not work. All
routers in the PIM domain must be configured with this command and be specified with
the same RP address.
The new configuration overwrites the old one if you execute the command for a second
time.
Related command: display pim rp-info.
Example
# Configure 10.110.0.6 as a static RP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] multicast routing-enable
[3Com] pim
[3Com-pim] static-rp 10.110.0.6
5-21
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Table of Contents
Table of Contents
Chapter 1 802.1x Configuration Commands .............................................................................. 1-1
1.1 802.1x Configuration Commands ...................................................................................... 1-1
1.1.1 display dot1x ........................................................................................................... 1-1
1.1.2 dot1x........................................................................................................................ 1-4
1.1.3 dot1x authentication-method................................................................................... 1-5
1.1.4 dot1x dhcp-launch................................................................................................... 1-6
1.1.5 dot1x guest-vlan ...................................................................................................... 1-7
1.1.6 dot1x max-user........................................................................................................ 1-9
1.1.7 dot1x port-control .................................................................................................. 1-10
1.1.8 dot1x port-method ................................................................................................. 1-11
1.1.9 dot1x quiet-period ................................................................................................. 1-12
1.1.10 dot1x re-authenticate .......................................................................................... 1-13
1.1.11 dot1x retry ........................................................................................................... 1-14
1.1.12 dot1x retry-version-max ...................................................................................... 1-15
1.1.13 dot1x supp-proxy-check ...................................................................................... 1-15
1.1.14 dot1x timer........................................................................................................... 1-18
1.1.15 dot1x version-check ............................................................................................ 1-20
1.1.16 reset dot1x statistics............................................................................................ 1-20
Chapter 2 HABP Configuration Commands ............................................................................... 2-1
2.1 HABP Configuration Commands ....................................................................................... 2-1
2.1.1 display habp ............................................................................................................ 2-1
2.1.2 display habp table ................................................................................................... 2-2
2.1.3 display habp traffic .................................................................................................. 2-2
2.1.4 habp enable............................................................................................................. 2-3
2.1.5 habp server vlan...................................................................................................... 2-4
2.1.6 habp timer ............................................................................................................... 2-4
i
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
Chapter 1 802.1x Configuration Commands
1.1 802.1x Configuration Commands
1.1.1 display dot1x
Syntax
display dot1x [ sessions | statistics ] [ interface interface-list ]
View
Any view
Parameter
sessions: Displays the formation about 802.1x sessions.
statistics: Displays the statistics information about 802.1x.
interface: Display the 802.1x-related information about a specified port.
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-name [ to interface- name] & < 1-10 >.
The interface-name argument is the port index of an Ethernet port and can be specified
in this form: interface-name = { interface-type interface-num }, where interface-type
specifies the type of an Ethernet port and interface-num identifies the number of the
port. “&<1-10>” means that up to 10 port indexes/port index lists can be provided.
Description
Use the display dot1x command to display 802.1x-related information, such as
configuration information, operation information (session information), and statistics.
By default, this command displays all 802.1x-related information of each port.
When the interface-list argument is not provided, this command displays
802.1x-related information on all ports. The output information can be used to verify
802.1 x-related configurations and to troubleshoot.
Related commands: reset dot1x statistics, dot1x, dot1x retry, dot1x max-user,
dot1x port-control, dot1x port-method, and dot1x timer.
Example
# Display 802.1x-related configuration information.
<3Com> display dot1x
Equipment 802.1X protocol is enabled
CHAP authentication is enabled
1-1
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
DHCP-launch is disabled
Proxy trap checker is disabled
Proxy logoff checker is disabled
Guest Vlan is disabled
Configuration: Transmit Period
ReAuth Period
30 s,
Handshake Period
15 s
003600 s
Quiet Period
60 s,
Quiet Period Timer is disabled
Supp Timeout
30 s,
Server Timeout
100 s
Interval between version requests is 30s
maximal request times for version information is 3
The maximal retransmitting times
2
Total maximum 802.1x user resource number is 4096
Total current used 802.1x resource number is 0
GigabitEthernet1/0/1
is link-up
802.1X protocol is disabled
Proxy trap checker is disabled
Proxy logoff checker is disabled
Guest Vlan is disabled
Version-Check is disabled
The port is a(n) authenticator
Authenticate Mode is auto
Port Control Type is Mac-based
ReAuthenticate is disabled
Max on-line user number is 1024
……
(Display omitted here)
Table 1-1 Description on the fields of the display dot1x command
Field
Description
Equipment 802.1X protocol is 802.1x protocol (802.1x for short) is enabled on
enabled
the switch.
CHAP authentication is enabled CHAP authentication is enabled.
DHCP-launch is disabled
With DHCP enabled, manually configuring a static
IP address triggers 802.1x authentication on the
switch.
1-2
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
Field
Description
Whether to check a supplicant system that logs in
through a proxy:
z
Proxy trap checker is disabled
z
Disable means the switch does not send Trap
packets when it detects that a supplicant
system logs in through a proxy.
Enable means the switch sends Trap packets
when it detects that a supplicant system logs in
through a proxy.
Whether to check a supplicant system that logs in
through a proxy:
z
Proxy logoff checker is disabled
z
Disable means the switch does not disconnect
a supplicant system when it detects that the
latter logs in through a proxy.
Enable means the switch disconnects a
supplicant system when it detects that the latter
logs in through a proxy.
Guest Vlan is disabled
The Guest VLAN function is disabled.
Transmit Period
Setting of the Transmission period timer (the
tx-period)
Handshake Period
Setting of the handshake period timer (the
handshake-period)
ReAuth Period
802.1x re-authentication
Quiet Period
Setting of the quiet period timer (the quiet-period)
Quiet Period Timer is disabled
The quiet period timer is disabled.
Supp Timeout
Setting of the
(supp-timeout)
Server Timeout
Setting
of
the
(server-timeout)
Interval
requests
between
maximal request
version information
The maximal
times
version
times
supplicant
timeout
server-timeout
timer
timer
Client version request timer
for The maximum number of times that the switch can
send version request packets to an access user
retransmitting
The maximum number of times that the switch can
send authentication request packets to a
supplicant system
Total maximum 802.1x user The maximum number of 802.1x users that a
resource number
switch can accommodate
Total current used
resource number
802.1x
The number of online supplicant systems
GigabitEthernet1/0/1 is link-up
The GigabitEthernet 1/0/1 port is in up state.
802.1X protocol is disabled
802.1x is disabled on the port
1-3
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
Field
Description
Whether to check a supplicant system that logs in
through a proxy:
Proxy trap checker is disabled
z
z
Disable means the switch does not detect
supplicant login through a proxy
Enable means the switch sends Trap packets
when it detects that a supplicant system logs in
through a proxy.
Whether to check a supplicant system that logs in
through a proxy:
Proxy logoff checker is disabled
z
z
Disable means the switch does not detect
supplicant login through a proxy
Enable means the switch disconnects a
supplicant system when it detects that the latter
logs in through a proxy.
Guest Vlan is disabled
The Guest VLAN function is disabled.
Version-Check is disabled
The client version check function is disabled.
The port is a(n) authenticator
The port acts as an authenticator.
Authenticate Mode is auto
The port access control mode is auto.
The port access control method is MAC-based.
Port Control Type is Mac-based That is, supplicant systems are authenticated
based on their MAC addresses.
Max on-line user number
The maximum number of online users that the port
can accommodate
…
Information omitted here
1.1.2 dot1x
Syntax
dot1x [ interface interface-list ]
undo dot1x [ interface interface-list ]
View
System view, Ethernet port view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-name [ to interface- name] & < 1-10 >.
The interface-name argument is the port index of an Ethernet port and can be specified
in this form: interface-name = { interface-type interface-num }, where interface-type
1-4
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
specifies the type of a port and interface-num identifies the port number. "&<1-10>"
means that up to 10 port indexes/port index lists can be provided,
Description
Use the dot1x command to enable 802.1x globally or for specified Ethernet ports.
Use the undo dot1x command to disable 802.1x globally or for specified Ethernet
ports.
By default, 802.1x is disabled globally and also on all ports
When being executed in system view, the dot1x command enables 802.1x globally if
you do not provide the interface-list argument. And if you specify the interface-list
argument, the command enables 802.1x for the specified Ethernet ports. When being
executed in Ethernet port view, this command enables 802.1x for the current Ethernet
port only. In this case, the interface-list argument is not needed.
You can perform 802.1x-related configurations (globally or on specified ports) either
before or after 802.1x is enabled. If you do not previously perform other 802.1x-related
configurations when enabling 802.1x globally, the switch adopts the default 802.1x
settings.
802.1x-related configurations take effect on a port only after 802.1x is enabled both
globally and on the port.
Configurations of 8021.x and the maximum number of MAX addresses that can be
learnt are mutually exclusive. This means that when 802.1x is enabled for a port, it
cannot also have the maximum number of MAX addresses to be learned configured at
the same time. And if you configure the maximum number of MAX addresses that can
be learnt for a port, 802.1x is unavailable to it.
Related command: display dot1x.
Example
# Enable 802.1x for Ethernet 3/0/1 port.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x interface Ethernet 3/0/1
# Enable 802.1x globally.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x
1.1.3 dot1x authentication-method
Syntax
dot1x authentication-method { chap | pap | eap }
1-5
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
undo dot1x authentication-method
View
System view
Parameter
chap: Authenticates with the help of challenge handshake authentication protocol
(CHAP).
pap: Authenticates with the help of password authentication protocol (PAP).
eap: Authenticates with the help of extensible authentication protocol (EAP).
Description
Use the dot1x authentication-method command to set the 802.1x authentication
method.
Use the undo dot1x authentication-method command to revert to the default 802.1x
authentication method.
The default 802.1x authentication method is CHAP.
PAP applies a two-way handshaking procedure. In this method, passwords are
transmitted in plain text.
CHAP applies a three-way handshaking procedure. In this method, user names are
transmitted rather than passwords. Therefore this method is safer.
In an EAP authentication method, a switch sends 802.1x authentication information
directly to the RADIUS server in EAP packets, instead of having to convert them into
RADIUS packets before forwarding to the RADIUS server. EAP authentication can be
realized in one of the three sub-methods: PEAP, EAP-TLS, and EAP-MD5.
Note that the RADIUS server must support PAP, CHAP, or EAP authentication before
the corresponding authentication can be implemented.
Related command: display dot1x.
Example
# Specify the authentication method for 802.1x users to be PAP.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x authentication-method pap
1.1.4 dot1x dhcp-launch
Syntax
dot1x dhcp-launch
1-6
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
undo dot1x dhcp-launch
View
System view
Parameter
None
Description
Use the dot1x dhcp-launch command to specify an 802.1x-enqbled switch to launch
the process to authenticate a supplicant system when the supplicant system applies for
a dynamic IP address through DHCP.
Use the undo dot1x dhcp-launch command to disable an 802.1x-enqbled switch from
authenticating a supplicant system when the supplicant system applies for a dynamic
IP address through DHCP.
By default, an 802.1x-enabled switch does not authenticate a supplicant system when
the latter applies for a dynamic IP address through DHCP.
Related command: display dot1x.
Example
# Configure to authenticate a supplicant system when it applies for a dynamic IP
address through DHCP.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x dhcp-launch
1.1.5 dot1x guest-vlan
Syntax
dot1x guest-vlan vlan-id [ interface interface-list ]
undo dot1x guest-vlan vlan-id [ interface interface-list ]
View
System view, Ethernet port view
Parameter
vlan-id: VLAN ID of a Guest VLAN, in the range from 1 to 4,094.
interface-list: List of Ethernet ports, expressed as interface-list = { interface-name [ to
interface-name ] } & < 1-10 >. The interface-name argument is the port index of a port
and can be specified in this form: interface-name = { interface-type interface-num },
1-7
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
where interface-type specifies the type of a port and interface-num identifies the port
number. "&<1-10>" means that up to 10 port indexes/port index lists can be provided.
Description
Use the dot1x guest-vlan command to enable the Guest VLAN function for specified
ports.
Use the undo dot1x guest-vlan command to disable the Guest VLAN function for
specified ports.
When being executed in system view:
z
If you do not provide the interface-list argument, these two commands apply to all
ports of the switch.
z
If you specify the interface-list argument, these two commands apply to the
specified Ethernet ports.
When being executed in Ethernet port view, these two commands apply to the current
Ethernet port only. In this case, the interface-list argument is not needed.
Caution:
z
The Guest VLAN function is available only when the switch operates in a port-based
authentication mode.
z
Only one Guest VLAN can be configured for each switch.
z
The Guest VLAN function is unavailable when the dot1x dhcp-launch command is
configured on the switch, because the switch does not send authentication request
packets.
Related commands: name, vlan-assignment-mode.
Example
# Specify the authentication method to be port-based authentication.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x port-method portbased
# Enable the Guest VLAN function for all ports.
[3Com] dot1x guest-vlan 1
1-8
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
1.1.6 dot1x max-user
Syntax
dot1x max-user user-number [ interface interface-list ]
undo dot1x max-user [ interface interface-list ]
View
System view, Ethernet port view
Parameter
user-number: Maximum number of users a port can accommodate, ranging from 1 to
1024. The default number is 1024.
interface-list: List of Ethernet ports, expressed as interface-list = { interface-name [ to
interface-name ] } & < 1-10 >. The interface-name argument specifies the port index of
an Ethernet port and can be specified in this form: interface-name = { interface-type
interface-num }, where interface-type specifies the type of a port and interface-num
identifies the port number. "&<1-10>" means that up to 10 port indexes/port index lists
can be provided.
Description
Use the dot1x max-user command to set the maximum number of supplicant systems
an Ethernet port can accommodate.
Use the undo dot1x max-user command to revert to the default maximum supplicant
system number.
When being executed in system view, these two commands apply to all Ethernet ports
of the switch if you do not provide the interface-list argument. And if you specify the
interface-list argument, these commands apply to the specified Ethernet ports.
When being executed in Ethernet port view, these two commands apply to the current
Ethernet port only. In this case, the interface-list argument is not needed.
Related command: display dot1x.
Example
# Configure the maximum number of users that Ethernet 3/01 can accommodate to be
32.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x max-user 32 interface Ethernet 3/0/1
1-9
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
1.1.7 dot1x port-control
Syntax
dot1x port-control { auto | authorized-force | unauthorized-force } [ interface
interface-list ]
undo dot1x port-control [ interface interface-list ]
View
System view, Ethernet port view
Parameter
auto: Specifies to operate in auto access control mode. In this mode, a port is
initialized to take all users as unauthorized: it only allows EAPoL packets to pass
through and grants users no permission to network resources. Only after the users
have passed the authentication will the port classify them as authorized and allow them
access to the network resources, which is often the case.
authorized-force: Specifies to operate in authorized-force access control mode.
unauthorized-force: Specifies to operate in unauthorized-force access control mode.
Ports in this mode are constantly in unauthorized state. Supplicant systems connected
to them cannot access the network.
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-name [ to interface- name] & < 1-10 >.
The interface-name argument is the port index of an Ethernet port and can be specified
in this form: interface-name = { interface-type interface-num }, where interface-type
specifies the type of a port and interface-num identifies the port number. "&<1-10>"
means that up to 10 port indexes/port index lists can be provided.
Description
Use the dot1x port-control command to specify the access control method for
specified Ethernet ports.
Use the undo dot1x port-control command to revert to the default access control
method.
The default access control method is auto.
Use the dot1x port-control command to configure the access control method for
specified 802.1x-enabled ports.
When being executed in system view, these two commands apply to all Ethernet ports
of the switch if you do not provide the interface-list argument. And if you specify the
interface-list argument, these commands apply to the specified Ethernet ports.
When being executed in Ethernet port view, these two commands apply to the current
Ethernet port only. In this case, the interface-list argument is not needed.
1-10
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
Related command: display dot1x.
Example
# Specify Ethernet 3/0/1 port to operate in unauthorized-force access control mode.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x port-control unauthorized-force interface Ethernet 3/0/1
1.1.8 dot1x port-method
Syntax
dot1x port-method { macbased | portbased } [ interface interface-list ]
undo dot1x port-method [ interface interface-list ]
View
System view, Ethernet port view
Parameter
macbased: Authenticates supplicant systems by MAC addresses.
portbased: Authenticates supplicant system by port numbers.
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-name [ to interface- name] & < 1-10 >.
The interface-name argument is the port index of an Ethernet port and can be specified
in this form: interface-name = { interface-type interface-num }, where interface-type
specifies the type of a port and interface-num identifies the port number. "&<1-10>"
means that up to 10 port indexes/port index lists can be provided.
The default access control method is MAC address-based. That is, the macbased
keyword is specified by default.
Description
Use the dot1x port-method command to specify the access control method for
specified Ethernet ports.
Use the undo dot1x port-method command to revert to the default access control
method.
If you specify to authenticate supplicant systems by MAC addresses (that is, the
macbased keyword is specified), all supplicant systems connected to the specified
Ethernet ports are authenticated separately. And if an online user logs off, others are
not affected.
If you specify to authenticate supplicant systems by port numbers (that is, the
portbased keyword is specified), all supplicant systems connected to a specified
1-11
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
Ethernet port are able to access the network without being authenticated if a supplicant
system among them passes the authentication. And when the supplicant system logs
off, the network is inaccessible to all other supplicant systems either.
When being executed in system view, these two commands apply to all Ethernet ports
of the switch if you do not provide the interface-list argument. And if you specify the
interface-list argument, these commands apply to the specified Ethernet ports. When
being executed in Ethernet port view, these two commands apply to the current
Ethernet port only. In this case, the interface-list argument is not needed.
Related command: display dot1x.
Example
# Specify to authenticate supplicant systems connected to Ethernet 3/0/1 port by port
numbers.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x port-method portbased interface Ethernet 3/0/1
1.1.9 dot1x quiet-period
Syntax
dot1x quiet-period
undo dot1x quiet-period
View
System view
Parameter
None
Description
Use the dot1x quiet-period command to enable the quiet-period timer.
Use the undo dot1x quiet-period command to disable the quiet-period timer.
When a supplicant system fails to pass the authentication, the authenticator system
(such as a 3Com Ethernet switch) will stay quiet for a period (determined by the
quiet-period timer) before it performs another authentication. During the quiet period,
the authenticator system performs no 802.1x authentication.
By default, the quiet-period timer is disabled.
Related commands: display dot1x, dot1x timer.
1-12
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
Example
# Enable the quiet-period timer.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x quiet-period
1.1.10 dot1x re-authenticate
Syntax
dot1x re-authenticate [ interface interface-list ]
undo dot1x re-authenticate [ interface interface-list ]
View
System view, Ethernet port view
Parameter
interface-list: List of Ethernet ports, expressed as interface-list = { interface-name [ to
interface-name ] } & < 1-10 >. The interface-name argument specifies the port index of
an Ethernet port and can be specified in this form: interface-name = { interface-type
interface-num }, where interface-type specifies the type of a port and interface-num
identifies the port number. "&<1-10>" means that up to 10 port indexes/port index lists
can be provided.
Description
Use the dot1x re-authenticate command to enable 802.1x re-authentication on the
specified port or on all Authenticator ports of the switch.
Use the undo dot1x re-authenticate command to disable 802.1x re-authentication on
the specified port or on all Authenticator ports of the switch.
By default, 802.1x re-authentication is disabled on all ports.
When you use this command in system view, if you do not specify a port, this command
will enable 802.1x re-authentication on all ports; if you provide a value for the
interface-list argument, this command will enable 802.1x on the specified port.
When you use this command is Ethernet port view, the interface-list argument is not
available and 8021.x re-authentication is enabled on the current port only.
802.1x must be enabled globally and on the current port before 802.1x
re-authentication can be configured on the port.
Example
# Enable 802.1x re-authentication on the port Ethernet 3/0/1.
<3Com>system-view
1-13
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 3/0/1
[3Com-Ethernet3/0/1] dot1x re-authenticate
1.1.11 dot1x retry
Syntax
dot1x retry max-retry-value
undo dot1x retry
View
System view
Parameter
max-retry-value: Maximum number of times that a switch sends authentication request
packets to online supplicant systems. This argument ranges from 1 to 10 and defaults
to 2.
Description
Use the dot1x retry command to specify the maximum number of times that a switch
will send authentication request packets to supplicant systems.
Use the undo dot1x retry command to revert to the default value.
Having sent authentication request packets to a supplicant system, a switch will resend
the packets if within a preset period it still has not received any response from the
supplicant system. The dot1x retry command is used to set the maximum number of
times that a switch will resend the request packets. When set to 1, it means that the
switch will send request packets only once, and when set to 2, it means that the switch
will resend the packets once if no response comes back, and so on. This command
applies to all ports.
Related command: display dot1x.
Example
# Specify the maximum number of times that the switch will resend authentication
request packets to be 9.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x retry 9
1-14
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
1.1.12 dot1x retry-version-max
Syntax
dot1x retry-version-max max-retry-version-value
undo dot1x retry-version-max
View
System view
Parameter
max-retry-version-value: Maximum number of times that a switch will resend version
request packets to a supplicant system. This argument ranges from 1 to 10.
Description
Use the dot1x retry-version-max command to set the maximum number of times that
a switch will resend version request packets to a connected supplicant system.
Use the undo dot1x retry-version-max command to revert to the default value.
By default, the switch can send version request packets to an access user for up to
three times repeatedly.
Having sent a version request packet to the supplicant system, the switch will resend
the packet if within a preset period (as determined by the client version timer) it still has
not received any response from the supplicant system. When the number set by this
command has reached and there is still no response from the supplicant system, the
switch will continue its following authentication without sending further version requests.
This command applies to all ports.
Related commands: display dot1x, dot1x timer.
Example
# Configure the maximum number of times that the switch will resend version request
packets to be 6.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x retry-version-max 6
1.1.13 dot1x supp-proxy-check
Syntax
dot1x supp-proxy-check { logoff | trap } [ interface interface-list ]
undo dot1x supp-proxy-check { logoff | trap } [ interface interface-list ]
1-15
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
View
System view, Ethernet port view
Parameter
logoff: Disconnects a supplicant system if it logs in through a proxy or through multiple
network cards.
trap: Sends Trap packets if a supplicant system logs in through a proxy or through
multiple network cards.
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-name [ to interface- name] & < 1-10 >.
The interface-name argument is the port index of an Ethernet port and can be specified
in this form: interface-name = { interface-type interface-num }, where interface-type
specifies the type of a port and interface-num identifies the port number. "&<1-10>"
means that up to 10 port indexes/port index lists can be provided.
Description
Use the dot1x supp-proxy-check command to enable the checking and access
control of the users who log in through a proxy.
Use the undo dot1x supp-proxy-check command to cancel the setting.
By default, 802.1X client checking is disabled for all Ethernet ports.
In system view, execution of the dot1x supp-proxy-check command enables the
supplicant system proxy checking function for specified ports if the interface-list
argument is provided; in Ethernet port view, the interface-list argument is not needed,
only the current port can have the function.
In system view, after enabling global supplicant proxy checking, you also need to
enable this function on specific ports for the function to take effect on these ports.
802.1x proxy checking checks for:
z
Supplicant systems logging in through proxies
z
Supplicant systems logging in through IE proxies
z
Whether or not a supplicant system logs in through multiple network cards (that is,
when supplicant system attempts to log in, it contains more than one active
network cards)
A switch may take the following actions in response to any of the above three cases:
z
Disconnects the supplicant system and sends Trap packets (using the dot1x
supp-proxy-check logoff command.)
z
Sends Trap packets without disconnecting the supplicant system (using the dot1x
supp-proxy-check trap command.)
This function needs the support of 802.1x clients and CAMS:
1-16
3Com Switch 7750 Series
Command Reference Guide – 802.1x
z
Chapter 1 802.1x Configuration Commands
The 802.1x supplicant system must be able to detect whether the client uses
multiple network cards, a proxy, or IE proxy;
z
CAMS has disabled the use of multiple network cards, a proxy server, and an IE
proxy server.
By default, an 802.1x supplicant system enables the use of multiple network cards,
proxies, or IE proxies. If CAMS has these features disabled, it would notify the 802.1
supplicant system to have the corresponding features disabled as well after the latter
has successfully passed the authentication.
Note:
z
The supplicant system proxy checking function needs the support of 3Com's 802.1x
client program (V1.29 or later version).
z
The supplicant system proxy checking function takes effect only after it has been
enabled on CAMS and the client version checking function is enabled on the switch
(using the dot1x version-check command).
Related command: display dot1x.
Example
# Configure to disconnect any supplicant system connected to Ethernet3/0/1 through
Ethernet3/0/8 ports if it has been detected logging in through a proxy.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x supp-proxy-check logoff
[3Com] dot1x supp-proxy-check logoff interface Ethernet 3/0/1 to Ethernet
3/0/8
# Configure the switch to send Trap packets if a supplicant system connected to
Ethernet 3/0/9 port is detected logging in through a proxy.
[3Com] dot1x supp-proxy-check trap
[3Com] dot1x supp-proxy-check trap interface Ethernet 3/0/9
Or
[3Com] dot1x supp-proxy-check trap
[3Com] interface Ethernet 3/0/9
[3Com-Ethernet3/0/9] dot1x supp-proxy-check trap
1-17
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
1.1.14 dot1x timer
Syntax
dot1x
timer
{
handshake-period
handshake-period-value
|
reauth-period
reauth-period-value | quiet-period quiet-period-value | tx-period tx-period-value |
supp-timeout supp-timeout-value | server-timeout server-timeout-value | ver-period
ver-period-value }
undo dot1x timer { handshake-period | reauth-period | quiet-period | tx-period |
supp-timeout | server-timeout | ver-period }
View
System view
Parameter
handshake-period: Handshake period timer, triggered when the user has successfully
passed the authentication. It sets the time interval for the switch to resend handshake
request packets to check whether the user is still online. If, after N times (as specified
by the dot1x retry command) of retries, the switch still has not received any response
packet from the supplicant system, it will assume that the user is offline.
handshake-period-value: Value of the handshake timer, in seconds. This value can
range from 1 to 1024 and defaults to 15.
reauth-period: Re-authentication period timer. Within this timer period, a supplicant
system initializes 802.1x re-authentication.
reauth-period-value: Value (in seconds) of the re-authentication period timer. This value
ranges from 1 to 86400 and defaults to 3600.
quiet-period: Quiet-period timer, triggered after the user has failed the authentication.
After the time (as specified by the quiet-period timer) has elapsed, the user can resend
the authentication request. During the period, the switch will perform no authentication.
quiet-period-value: Value of the quiet-period timer, in seconds. This value can range
from 10 to 120 and defaults to 60.
tx-period: This timer sets the tx-period and is triggered by the switch in one of the
following two cases: The first case is when the client requests for authentication. The
switch sends a unicast request/identity packet to a supplicant system and then enables
the transmission timer. The switch sends another request/identity packet to the
supplicant system if the supplicant system fails to send a reply packet to the switch
when this timer times out. The second case is when the switch authenticates the 802.1x
client who does not request for authentication actively. The switch sends multicast
request/identity packets continuously through the port enabled with 802.1x function,
with the interval of tx-period.
1-18
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
tx-period-value: Value of the tx-period, in seconds. This value ranges from 10 to 120
and defaults to 30.
supp-timeout: Supplicant timeout timer, triggered when the switch sends a
request/challenge packet (for MD5 ciphered text) to the supplicant system. If within the
period, no response has been sent back from the supplicant system, the switch will
resend the request/challenge packet.
supp-timeout-value: Time interval of the authentication timer, in seconds. This value
can range from 10 to 120 with a default value of 30.
server-timeout: Server-timeout timer, if within the period, no response has been sent
back from the Authentication server, the switch will resend the request/Identity packet.
server-timeout-value: Value of the server timeout timer, in seconds. This value can
range from 100 to 300 with a default value of 100.
ver-period: Client-version-checking period timer, if within the period, no response
packet has been sent back from the supplicant system, the switch will resend the client
version checking request packet.
ver-period-value: Value of the client-version-checking period timer, in seconds. This
value can range from 1 to 30 with a default value of 30.
Description
Use the dot1x timer command to set a specified 802.1x timer.
Use the undo dot1x timer command to resume the default value of a specified 802.1x
timer.
During an 802.1x authentication process, multiple timers are triggered to ensure that
the supplicant systems, the authenticator systems, and the Authentication servers
interact with each other in an arranged way. To make authentications being processed
in a desired way, you can use the dot1x timer command to set values for these timers
as needed. This may be necessary in certain situations or for some tough network
environments. Normally, the defaults are recommended. (Note that some timers cannot
be adjusted.)
Related command: display dot1x.
Example
# Set the server-timeout to 150 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] dot1x timer server-timeout 150
1-19
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
1.1.15 dot1x version-check
Syntax
dot1x version-check [ interface interface-list ]
undo dot1x version-check [ interface interface-list ]
View
System view, Ethernet port view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-name [ to interface- name] & < 1-10 >.
The interface-name argument is the port index of an Ethernet port and can be specified
in this form: interface-name = { interface-type interface-num }, where interface-type
specifies the type of a port and interface-num identifies the port number. "&<1-10>"
means that up to 10 port indexes/port index lists can be provided.
Description
Use the dot1x version-check command to enable 802.1x client version checking for
specified Ethernet ports.
Use the undo dot1x version-check command to disable 802.1x client version
checking for specified Ethernet ports.
By default, 802.1x client version checking is disabled on all Ethernet ports.
In system view, execution of the dot1x version-check command enables the client
version checking function for specified ports if the interface-list argument is specified,
otherwise it enables the function globally. In Ethernet port view, only the current port
can have their client version checking function enabled by executing this command and
the interface-list argument is not needed.
Example
# Configure Ethernet 3/0/1 port to check the version of the 802.1x client upon receiving
authentication packets.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 3/0/1
[3Com-Ethernet3/0/1] dot1x version-check
1.1.16 reset dot1x statistics
Syntax
reset dot1x statistics [ interface interface-list ]
1-20
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 1 802.1x Configuration Commands
View
User view
Parameter
interface-list: Ethernet port list. You can specify multiple Ethernet ports by providing this
argument in the form of interface-list = { interface-name [ to interface- name] & < 1-10 >.
The interface-name argument is the port index of an Ethernet port and can be specified
in this form: interface-name = { interface-type interface-num }, where interface-type
specifies the type of a port and interface-num identifies the port number. "&<1-10>"
means that up to 10 port indexes/port index lists can be provided.
Description
Use the reset dot1x statistics command to clear 802.1x-related statistics.
Use this command to reset 802.1x-related statistics.
In this command:
If the interface-list argument is not specified, this command clears statistics globally
and the 802.1X statistics on all ports. If the interface-list argument is specified, this
command clears statistics on the ports specified by the argument.
Related command: display dot1x.
Example
# Clear 802.1x-related statistics on Ethernet 3/0/1 port.
<3Com> reset dot1x statistics interface Ethernet 3/0/1
1-21
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 2 HABP Configuration Commands
Chapter 2 HABP Configuration Commands
2.1 HABP Configuration Commands
2.1.1 display habp
Syntax
display habp
View
Any view
Parameter
None
Description
Use the display habp command to display HABP configuration and status information.
Example
# Display HABP configuration and status information.
<3Com> display habp
Global HABP information:
HABP Mode: Server
Sending HABP request packets every 20 seconds
Bypass VLAN: 2
Table 2-1 Description on the fields of the display habp command
Field
HABP Mode
Description
Indicates the HABP mode of the switch. A switch can
operate as an HABP server (displayed as Server) or an
HABP client (displayed as Client).
Sending HABP request HABP request packets are sent once in every 20
packets every 20 seconds seconds.
Bypass VLAN
Indicates the ID(s) of the VALN(s) to which HABP request
packets are sent
2-1
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 2 HABP Configuration Commands
2.1.2 display habp table
Syntax
display habp table
View
Any view
Parameter
None
Description
Use the display habp table command to display the MAC address table maintained by
HABP.
Example
# Display the MAC address table maintained by HABP.
<3Com> display habp table
MAC
Holdtime
Receive Port
001f-3c00-0030
53
Ethernet1/0/1
Table 2-2 Description on the fields of the display habp table command
Field
Description
MAC
MAC addresses listed in the HABP MAC address table.
Holdtime
Hold time of the entries in the HABP MAC address table. An
address will be removed from the table if it has not been updated
during the hold time.
Receive Port
The port from which a MAC address is learned
2.1.3 display habp traffic
Syntax
display habp traffic
View
Any view
Parameter
None
2-2
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 2 HABP Configuration Commands
Description
Use the display habp traffic command to display statistics on HABP packets.
Example
# Display statistics on HABP packets.
<3Com> display habp traffic
HABP counters :
Packets output: 0, Input: 0
ID error: 0, Type error: 0, Version error: 0
Sent failed: 0
Table 2-3 Description on the fields of the display habp traffic command
Field
Description
Packets output
Number of the HABP packets sent
Input
Number of the HABP packets received
ID error
Number of HABP packets with ID errors
Type error
Number of HABP packets with type errors
Version error
Number of HABP packets with version errors
Sent failed
Number of HABP packets that failed to be sent
2.1.4 habp enable
Syntax
habp enable
undo habp enable
View
System view
Parameter
None
Description
Use the habp enable command to enable HABP for a switch.
Use the undo habp enable command to disable HABP for a switch.
By default, HABP is enabled on a switch.
2-3
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 2 HABP Configuration Commands
If an 802.1x-enabled switch does not have HABP enabled, it cannot manage the
switches attached to it.
Example
# Enable HABP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] habp enable
2.1.5 habp server vlan
Syntax
habp server vlan vlan-id
undo habp server
View
System view
Parameter
vlan-id: VLAN ID, ranging from 1 to 4,094.
Description
Use the habp server vlan command to configure a switch to operate as an HABP
server and HABP packets to be broadcast in specified VLAN.
Use the undo habp server vlan command to revert to the default HABP mode.
By default, a switch operates as an HABP client.
To specify a switch to operate as an HABP server, you need to enable HABP (using the
habp enable command) for the switch first. Even if HABP is not enabled, the client can
still configure the switch to work as an HABP client, although this has no effect.
Example
# Specify the switch to operate as an HABP server and the HABP packets to be
broadcast in VLAN 2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] habp server vlan 2
2.1.6 habp timer
Syntax
habp timer interval
2-4
3Com Switch 7750 Series
Command Reference Guide – 802.1x
Chapter 2 HABP Configuration Commands
undo habp timer
View
System view
Parameter
interval: Interval (in seconds) to send HABP request packets. This argument ranges
from 5 to 600.
Description
Use the habp timer command to set the interval for a switch to send HABP request
packets.
Use the undo habp timer command to revert to the default interval.
The default interval for a switch to send HABP request packets is 20 seconds.
Use these two commands on switches operating as HABP servers only.
Example
# Configure the switch to send HABP request packets once in every 50 seconds <3Com>
system-view
System View: return to User View with Ctrl+Z.
[3Com] habp timer 50
2-5
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Table of Contents
Table of Contents
Chapter 1 AAA & RADIUS & HWTACACS Configuration Commands ..................................... 1-1
1.1 AAA Configuration Commands.......................................................................................... 1-1
1.1.1 access-limit.............................................................................................................. 1-1
1.1.2 attribute ................................................................................................................... 1-2
1.1.3 cut connection ......................................................................................................... 1-3
1.1.4 display connection................................................................................................... 1-4
1.1.5 display domain ........................................................................................................ 1-5
1.1.6 display local-user..................................................................................................... 1-7
1.1.7 domain..................................................................................................................... 1-9
1.1.8 idle-cut................................................................................................................... 1-10
1.1.9 level ....................................................................................................................... 1-11
1.1.10 local-user............................................................................................................. 1-12
1.1.11 local-user password-display-mode...................................................................... 1-13
1.1.12 messenger........................................................................................................... 1-13
1.1.13 name ................................................................................................................... 1-14
1.1.14 password ............................................................................................................. 1-15
1.1.15 radius-scheme..................................................................................................... 1-16
1.1.16 scheme................................................................................................................ 1-17
1.1.17 self-service-url ..................................................................................................... 1-18
1.1.18 service-type ......................................................................................................... 1-19
1.1.19 state..................................................................................................................... 1-20
1.1.20 vlan-assignment-mode........................................................................................ 1-21
1.2 RADIUS Configuration Commands ................................................................................. 1-23
1.2.1 accounting-on enable............................................................................................ 1-23
1.2.2 accounting optional ............................................................................................... 1-25
1.2.3 data-flow-format .................................................................................................... 1-26
1.2.4 display local-server statistics................................................................................. 1-27
1.2.5 display radius ........................................................................................................ 1-27
1.2.6 display radius statistics ......................................................................................... 1-29
1.2.7 display stop-accounting-buffer .............................................................................. 1-30
1.2.8 key......................................................................................................................... 1-31
1.2.9 local-server............................................................................................................ 1-33
1.2.10 nas-ip................................................................................................................... 1-34
1.2.11 primary accounting.............................................................................................. 1-35
1.2.12 primary authentication......................................................................................... 1-36
1.2.13 radius nas-ip........................................................................................................ 1-37
1.2.14 radius scheme ..................................................................................................... 1-38
1.2.15 reset radius statistics........................................................................................... 1-39
i
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Table of Contents
1.2.16 reset stop-accounting-buffer ............................................................................... 1-40
1.2.17 retry ..................................................................................................................... 1-41
1.2.18 retry realtime-accounting..................................................................................... 1-42
1.2.19 retry stop-accounting........................................................................................... 1-43
1.2.20 secondary accounting ......................................................................................... 1-44
1.2.21 secondary authentication .................................................................................... 1-45
1.2.22 server-type .......................................................................................................... 1-46
1.2.23 state..................................................................................................................... 1-46
1.2.24 stop-accounting-buffer enable............................................................................. 1-48
1.2.25 timer .................................................................................................................... 1-49
1.2.26 timer quiet............................................................................................................ 1-50
1.2.27 timer realtime-accounting.................................................................................... 1-50
1.2.28 timer response-timeout ....................................................................................... 1-51
1.2.29 user-name-format................................................................................................ 1-52
1.3 HWTACACS Configuration Commands .......................................................................... 1-54
1.3.1 data-flow-format .................................................................................................... 1-54
1.3.2 display hwtacacs ................................................................................................... 1-55
1.3.3 display stop-accounting-buffer .............................................................................. 1-56
1.3.4 hwtacacs nas-ip..................................................................................................... 1-57
1.3.5 hwtacacs scheme.................................................................................................. 1-58
1.3.6 key......................................................................................................................... 1-58
1.3.7 nas-ip..................................................................................................................... 1-59
1.3.8 primary accounting................................................................................................ 1-60
1.3.9 primary authentication........................................................................................... 1-61
1.3.10 primary authorization........................................................................................... 1-62
1.3.11 reset hwtacacs statistics ..................................................................................... 1-63
1.3.12 reset stop-accounting-buffer ............................................................................... 1-63
1.3.13 retry stop-accounting........................................................................................... 1-64
1.3.14 secondary accounting ......................................................................................... 1-65
1.3.15 secondary authentication .................................................................................... 1-66
1.3.16 secondary authorization ...................................................................................... 1-67
1.3.17 stop-accounting-buffer enable............................................................................. 1-68
1.3.18 timer quiet............................................................................................................ 1-69
1.3.19 timer realtime-accounting.................................................................................... 1-69
1.3.20 timer response-timeout ....................................................................................... 1-71
1.3.21 user-name-format................................................................................................ 1-71
Chapter 2 EAD Configuration Commands .................................................................................. 2-1
2.1 EAD Configuration Commands.......................................................................................... 2-1
2.1.1 security-policy-server .............................................................................................. 2-1
ii
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.1 AAA Configuration Commands
1.1.1 access-limit
Syntax
access-limit { disable | enable max-user-number }
undo access-limit
View
ISP domain view
Parameter
disable: Specifies not to limit the number of access users that can be contained in
current ISP domain.
enable max-user-number: Specifies the maximum number of access users that can be
contained in current ISP domain. The value of max-user-number ranges from 1 to
4120.
Description
Use the access-limit command to set the maximum number of access users that can
be contained in current ISP domain.
Use the undo access-limit command to restore the default maximum number.
By default, the number of access users that can be contained in current ISP domain is
unlimited.
Because resource contention may occur between access users, there is a need to
properly limit the number of access users in an ISP domain to provide reliable
performance to the users in the ISP domain.
Example
# Allow ISP domain aabbcc.net to contain up to 500 access users.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain aabbcc.net
New Domain added.
1-1
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
[3Com-isp-aabbcc.net] access-limit enable 500
1.1.2 attribute
Syntax
attribute { ip ip-address | mac mac-address | idle-cut second | access-limit
max-user-number | vlan vlan-id | location { nas-ip ip-address port port-number | port
port-number } }*
undo attribute { ip | mac | idle-cut | access-limit | vlan | location }*
View
Local user view
Parameter
ip: Sets the IP address to which the user is bound.
mac: Sets the MAC address to which the user is bound. mac-address is in
dash-delimited hexadecimal notation, that is, in the H-H-H format.
idle-cut second: Allows/disallows the enabling of the idle-cut function by the local user
(The data for idle-cut operation depends on the configuration in the ISP domain). The
second argument is the idle time (in seconds) before cutting down. It ranges from 60 to
7200.
access-limit max-user-number: Sets the maximum number of users who can access
the switch with current user name. The value of max-user-number ranges from 1 to
4096.
vlan vlan-id: Sets the VLAN to which the user is bound; that is, sets which VLAN the
user belongs to. vlan-id is an integer ranging from 1 to 4094.
location: Sets the port binding attribute of the user.
nas-ip ip-address: Sets the IP address of the access server to which the user is bound
to. ip-address is in dotted decimal notation and is 127.0.0.1 (representing this device)
by default.
port port-number: Sets the port that is bound to the user. port-number is in the format of
"slot number subslot number port number". If the bound port has no subslot number,
just input 0 for this item.
Description
Use the attribute command to set the attributes of a local user.
Use the undo attribute command to cancel attribute settings of the local user.
Note that if the user is bound to a remote port, you must specify the nas-ip keyword. If
the user is bound to a local port, you need not specify the nas-ip keyword.
1-2
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Note:
If the accounting optional switch is turned on (with the accounting optional command)
in the ISP domain to which the local user belongs or the RADIUS scheme referenced
by the ISP, you cannot limit the number of accesses by the local user. That is, the
attribute access-limit command does not take effect.
Related command: display local-user.
Example
# Set the IP address of 3Com1 to 10.110.50.1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user 3Com1
[3Com-luser-3Com1] attribute ip 10.110.50.1
1.1.3 cut connection
Syntax
cut connection { all | access-type dot1x | domain domain-name | interface
interface-type interface-number | ip ip-address | mac mac-address | radius-scheme
radius-scheme-name | vlan vlan-id | ucibindex ucib-index | user-name user-name }
View
System view
Parameter
all: Cuts down all user connections
access-type dot1x: Cuts down all 802.1x user connections.
domain isp-name: Cuts down all user connections in the specified ISP domain.
isp-name is the name of an ISP domain. It is a character string of up to 24 characters.
You can only specify an existing ISP domain.
interface interface-type interface-number: Cuts down all user connections to the
specified port.
ip ip-address: Cuts down the connection of the user with the specified IP address.
mac mac-address: Cuts down the user connection with the specified MAC address.
mac-address is in dash-delimited hexadecimal notation, that is, in the H-H-H format.
radius-scheme radius-scheme-name: Cuts down all user connections using the
specified RADIUS scheme. radius-scheme-name is a character string of up to 32
characters.
1-3
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
vlan vlan-id: Cuts down all user connections of the specified VLAN. vlan-id ranges from
1 to 4094.
ucibindex ucib-index: Cuts down the user connection with the specified connection
index. The value of ucib-index ranges from 0 to 4119.
user-name user-name: Cuts down the user connection of the specified user.
user-name is a character string of up to 80 characters. The string cannot contain the
following characters: /:*?<>. It can contain no more than one @ character. The pure
user name (user ID, that is, the part before @) can contain no more than 55 characters.
Description
Use the cut connection command to cut down one user connection or one type of user
connections forcibly.
This command cuts down the connections of 802.1x users only.
Related command: display connection.
Example
# Cut down all 802.1x user connections in the ISP domain named aabbcc.net.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] cut connection domain aabbcc.net
1.1.4 display connection
Syntax
display connection [ access-type dot1x | domain domain-name | interface
interface-type interface-number | ip ip-address | mac mac-address | radius-scheme
radius-scheme-name | vlan vlan-id | ucibindex ucib-index | user-name user-name ]
View
Any view
Parameter
access-type dot1x: Displays all 802.1x user connections.
domain isp-name: Displays all user connections in the specified ISP domain. isp-name
is the name of an ISP domain, a character string of up to 24 characters. You can only
specify an existing ISP domain.
interface interface-type interface-number: Displays all user connections on the
specified port.
ip ip-address: Displays all user connections with the specified IP address.
1-4
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
mac mac-address: Displays the connection of the user with the specified MAC address.
mac-address is in dash-delimited hexadecimal notation (in the form of H-H-H).
radius-scheme radius-scheme-name: Displays all user connections using the
specified RADIUS scheme. radius-scheme-name is a character string of up to 32
characters.
vlan vlan-id: Displays all user connections of the specified VLAN. The value of vlan-id
ranges from 1 to 4094.
ucibindex ucib-index: Displays the user connection with the specified connection
index.
user-name user-name: Displays the user connection with the specified user name.
user-name is a character string of up to 32 characters. The string cannot contain the
following characters: /:*?<>. It can contain no more than one @ character. The pure
user name (user ID, that is, the part before @) can contain no more than 24 characters.
Description
Use the display connection command to display information about the specified user
connection or all user connections, so as to troubleshoot user connections.
If you execute this command without specifying any argument, all user connections will
be displayed.
This command displays information about the connections of 802.1x users only.
Related command: cut connection.
Example
# Display information about all 802.1x user connections.
<3Com> display connection
Total 0 connections matched ,0 listed.
1.1.5 display domain
Syntax
display domain [ isp-name ]
View
Any view
Parameter
isp-name: Name of an ISP domain, a character string of up to 24 characters. This must
be the name of an existing ISP domain.
1-5
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Description
Use the display domain command to display the configuration information about one
specific or all ISP domains.
If you execute this command without specifying any argument, the configuration of all
ISP domains will be displayed.
The output information helps ISP domain diagnosis and troubleshooting
Related command: access-limit, domain, radius-scheme, user-template, state,
display domain.
Example
# Display the configuration information about all ISP domains.
<3Com> display domain
0
Domain = system
State = Active
Scheme = LOCAL
Access-limit = Disable
Vlan-assignment-mode = Integer
accounting-mode = time
Domain User Template:
Idle-cut = Disable
Self-service = Disable
Messenger Time = Disable
Default Domain Name: system
Total 1 domain(s).1 listed.
Table 1-1 describes the fields shown in the display.
Table 1-1 Description on the fields of the display domain command
Field
Description
0 Domain
ISP domain index…Domain name
State
State
Scheme
AAA scheme: LOCAL (local authentication), NONE (no
authentication), or RADIUS scheme name
Access-Limit
Limit on the number of access users
Vlan-assignment-mode
Dynamic VLAN assignment mode: integer or string
accounting-mode
Accounting mode: time (time-based accounting) and
traffic (traffic-based accounting)
Domain User Template
Domain user template
1-6
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Field
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Description
Idle-cut
Sets the idle-cut function. Disable means the idle-cut
function is disabled; enable means the function is
enabled.
Self-service
URL of the self-service server. Disable means the
self-service server location function is disabled. After
the self-service server location function is enabled, the
URL of the configured self-service server.
Messenger Time
State of the messenger time service. Disable means
the messenger time service is disabled. After the
messenger time service is configured, the time and
interval of the prompt messages.
1.1.6 display local-user
Syntax
display local-user [ domain isp-name | idle-cut { enable | disable } | service-type
{ telnet | ftp | ssh | terminal | lan-access } | state { active | block } | user-name
user-name | vlan vlan-id ]
View
Any view
Parameter
domain isp-name: Displays all local users belonging to the specified ISP domain.
isp-name is the name of an ISP domain, a character string of up to 24 characters. You
can only specify an existing ISP domain.
idle-cut: Displays the local users who are inhibited from enabling the idle-cut function,
or the local users who are allowed to enable the idle-cut function. disable specifies the
inhibited local users and enable specifies the allowed local users. This argument only
applies to the users configured with lan-access service. For users configured with any
other type of service, the display local-user idle-cut enable and display local-user
idle-cut disable commands do not output any user information.
service-type: Displays the local users of the specified type. You can specify one of the
following user types: telnet, ftp, lan-access (generally, this type of users are Ethernet
access users, for example, 802.1x users), ssh, terminal (this type of users are terminal
users who log into the switch through the Console port).
state { active | block }: Displays the local users in the specified state. active
represents the users allowed to request network services, and block represents the
users inhibited to request network services.
1-7
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
user-name user-name: Displays the local user who has the specified user name.
user-name is a character string of up to 80 characters. The string cannot contain the
following characters: /:*?<>. It can contain no more than one @ character. The pure
user name (user ID, that is, the part before @) can contain no more than 55 characters.
vlan vlan-id: Displays the local users belonging to the specified VLAN. The value of
vlan-id ranges from 1 to 4094.
Description
Use the display local-user command to display information about a specific or all local
users, so as to troubleshoot local user configuration.
By default, this command displays the information about all local users.
Related command: local-user, service-type.
Example
# Display information about all local users.
<3Com> display local-user
The contents of local user user1:
State:
Active
Idle-cut:
Disable
Access-limit:
Disable
Bind location:
Disable
Vlan ID:
Disable
IP address:
Disable
MAC address:
Disable
ServiceType Mask: T
Current AccessNum: 0
User Privilege: 0
Total 1 local user(s) Matched, 1 listed.
Table 1-2 describes the fields in the above display output.
Table 1-2 Description on the fields of the display local-user command
Field
State
Description
State of the local user
Service type mark of local user:
T: Telnet
S: SSH
ServiceType Mask
C: Terminal service
LM: lan-access
F: FTP
None: No service type is set.
Idle Cut
State of the idle-cut function
1-8
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Field
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Description
Access-Limit
Limit on the number of access users
Bind location
Whether or not bound to a port
VLAN ID
VLAN of the user
IP address
IP address of the user
MAC address
MAC address of the user
User Privilege
User privilege
1.1.7 domain
Syntax
domain { isp-name | default { disable | enable isp-name } }
undo domain isp-name
View
System view
Parameter
isp-name: Name of a ISP domain, a character string of up to than 24 characters. This
string cannot contain the following characters: /:*?<>.
default enable isp-name: Specifies the default ISP domain.
disable: Restores the default ISP domain to "system".
Description
Use the domain command to create an ISP domain or enter the view of an existing ISP
domain.
Use the undo domain command to delete a specified ISP domain.
The default ISP domain is "system".
An ISP domain is an ISP user group comprising the users of the same ISP. Normally, in
a username (such as gw20010608@aabbcc.net) in the userid@isp-name format,
isp-name (such as aabbcc.net in the above example) after "@" is the name of the ISP
domain. When implementing access control, for ISP users with the name format
userid@isp-name, a 3Com series Ethernet switch uses the userid as the username for
authentication and uses "isp-name" for domain name.
ISP domains are intended to support a multi-ISP application environment where an
access device may be accessed by users of different ISPs. The user attributes, such as
username/password formation and service type/privilege, of ISP users may vary.
1-9
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Therefore, it is necessary to distinguish between them by setting ISP domains. You can
configure a complete set of independent ISP domain attributes, including AAA schemes
(such as the RADIUS scheme used), for each ISP domain in ISP domain view.
For the switch, each access user belongs to an ISP domain.
You can configure up to 16 ISP domains in the system. If the specified ISP domain does
not exist when you issue this command, the system creates a new ISP domain. An ISP
domain is active immediately after being created.
Related command: access-limit, scheme, state, display domain
Example
# Create an ISP domain named aabbcc.net and enter its view.
[3Com] domain aabbcc.net
New Domain added.
[3Com-isp-aabbcc.net]
1.1.8 idle-cut
Syntax
dle-cut { disable | enable minute flow }
View
ISP domain view
Parameter
disable: Inhibits users from enabling the idle-cut function.
enable: Allows users to enable the idle-cut function.
minute: Maximum idle time, ranging from 1 minute to 120 minutes.
flow: Minimum data flow, ranging from 1 byte to 10,240,000 bytes (10 M).
Description
Use the idle-cut command to set the user idle-cut function in current ISP domain.
By default, this function is disabled.
A user template is a set of default user attributes. If a user requesting for a network
service does not possess a required attribute, the attribute in a user template is used as
the user's default attribute. If neither the user nor the RADIUS server specifies whether
its idle-cut function is enabled, the idle-cut function state of the user template is
specified as that of the user.
A user template applies to only one ISP domain. Therefore, you need to configure
different user template attributes for users in different ISP domains.
1-10
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Related command: domain.
Example
# Allow users in ISP domain aabbcc.net to enable the idle-cut attribute in user template
(that is, allow the user to use the idle-cut function), with the maximum idle time of 50
minutes and the minimum data flow of 500 bytes.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain aabbcc.net
New Domain added.
[3Com-isp-aabbcc.net] idle-cut enable 50 500
1.1.9 level
Syntax
level level
undo level
View
Local user view
Parameter
level: Priority level of the user. It is an integer ranging from 0 to 3 and defaulting to 0.
Description
Use the level command to set the priority level of the user.
Use the undo level command to restore the default priority level of the user.
Note:
The commands that a user can access after login is determined by the priority level of
the user and the level set on the user interface. If the two levels are different:
z
The command level that a user passing AAA/RADIUS authentication can access is
determined by the priority level of the user. For example, if the priority level of a user
is 3 and the command level set on the VTY 0 user interface is 1, the user can access
the commands under level 3 after logging in to the system from VTY 0.
z
The command level that a user passing RSA authentication can access is
determined by the level set on the user interface.
1-11
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Example
# Set the level of user1 to 3.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user 3Com1
[3Com-luser-3Com1] level 3
1.1.10 local-user
Syntax
local-user user-name
undo local-user { user-name | all [ service-type { telnet | ftp | lan-access | ssh |
terminal } ] }
View
System view
Parameter
user-name: Name of the local user, a character string of up to 80 characters. This string
cannot contain the following characters: /:*?<>. It can contain no more than one @
character. The pure user name (user ID, that is, the part before @) cannot be longer
than 55 characters. The local user name is case insensitive.
service-type: Specifies the local users of the specified type. You can specify one of the
following user types: telnet, ftp, and lan-access (generally, this type of users are
Ethernet access users, for example, 802.1x users), ssh, and terminal (this type of
users are terminal users who log into the switch through the Console port).
all: Specifies all local users.
Description
Use the local-user command to add a local user and enter local user view.
Use the undo local-user command to delete one or more specified local users.
By default, there is no local user in the system.
Related command: display local-user and service-type.
Example
# Add a local user named 3Com1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user 3Com1
[3Com-luser-3Com1]
1-12
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.1.11 local-user password-display-mode
Syntax
local-user password-display-mode { cipher-force | auto }
undo local-user password-display-mode
View
System view
Parameter
cipher-force: Adopts the forcible cipher mode so that the passwords of all local users
must be displayed in cipher text.
auto: Adopts the automatic mode so that the passwords of local users are displayed in
the modes set with the password command.
Description
Use the local-user password-display-mode command to set the password display
mode of all local users
Use the undo local-user password-display-mode command to restore the default
password display mode of all local users.
When the cipher-force mode is adopted, all passwords will be displayed in cipher text
even through some users have specified to display their passwords in plain text by
using the password command with the simple keyword.
By default, the password display mode of all access users is auto.
Related command: display local-user and password.
Example
# Specify to display all local user passwords in cipher text forcibly.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user password-display-mode cipher-force
1.1.12 messenger
Syntax
messenger time { enable limit interval | disable }
undo messenger time
View
ISP domain view
1-13
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
limit: Time limit in minutes, ranging from 1 to 60. The switch will send prompt messages
at regular intervals to users whose remaining online time is less than this limit.
interval: Interval to send prompt messages (in minutes). This argument ranges from 5
to 60 and must be a multiple of 5.
Description
Use the messenger time enable command to enable the messenger function and set
the related parameters.
Use the messenger time disable command to disable the messenger function.
Use the undo messenger time command to restore the messenger function to its
default state.
By default, the messenger function is disabled on the switch.
The purpose of this function is to remind online users of their remaining online time
through clients in the form of message dialog.
You can use messenger time enable command to set a remaining online time limit
and the interval to send prompt messages. After that, the switch regularly sends prompt
messages at the set interval to the clients of the users whose remaining online time is
less than the set limit, and the clients inform the users of their remaining online time in
the form of message dialog.
Example
# Enable the switch to send prompt messages at intervals of 5 minutes to users after
their remaining online time is less than 30 minutes.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain system
New Domain added.
[3Com-isp-system] messenger time enable 30 5
1.1.13 name
Syntax
name string
undo name
View
VLAN view
1-14
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
string: VLAN Name for VLAN assignment, a character string of up to 32 characters.
Description
Use the name command to set a VLAN name, which will be used for VLAN assignment.
Use the undo name command to cancel the VLAN name.
By default, an VLAN uses its VLAN ID (like VLAN 0001) as its name.
This command is used for the dynamic VLAN assignment function. For details about
this function, refer to the vlan-assignment-mode command.
Related command: dot1x guest-vlan and vlan-assignment-mode.
Example
# Set the name of VLAN 100 to test.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 100
[3Com-vlan100] name test
1.1.14 password
Syntax
password { simple | cipher } password
undo password
View
Local user view
Parameter
simple: Specifies to display the password in plain text.
cipher: Specifies to display the password in cipher text.
password: Password you want to set, a character string.
z
For simple mode, the password must be in plain text.
z
For cipher mode, the password can be either in cipher text or in plain text,
depending on your input.
A password in plain text can be a string with of up to 16 consecutive characters, for
example, 3Com918. A password in cipher text can be 24 characters in length, for
example, _(TT8F]Y\5SQ=^Q`MAF4<1!!.
1-15
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Description
Use the password command to set a password for the local user.
Use the undo password command to cancel the password configured.
Note that, after the local-user password-display-mode cipher-force command is
executed, the password will be displayed in cipher text even though you use the
password command to set the password to be displayed in plain text, that is, in the
simple mode.
Related command: display local-user.
Example
# Set the password of a user named 3Com1 to 20030422 and specify to display the
password in plain text.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user 3Com1
[3Com-luser-3Com1] password simple 20030422
1.1.15 radius-scheme
Syntax
radius-scheme radius-scheme-name
View
ISP domain view
Parameter
radius-scheme-name: Name of a RADIUS scheme, a character string of up to 32
characters.
Description
Use the radius-scheme command to specify the RADIUS scheme to be used by
current ISP domain.
Once an ISP domain is created, it uses the local AAA scheme instead of any RADIUS
scheme by default.
The RADIUS scheme you specified in the radius-scheme command must be an
existing scheme. This command is equivalent to the scheme radius-scheme
command.
Related command: radius scheme, display radius.
1-16
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Example
# Specify the scheme "3Com" as the RADIUS scheme to be used by current ISP
domain "aabbcc.net".
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain aabbcc.net
New Domain added.
[3Com-isp-aabbcc.net] radius-scheme 3Com
1.1.16 scheme
Syntax
scheme { radius-scheme radius-scheme-name [ local ] | local | none }
undo scheme [ radius-scheme | none ]
View
ISP domain view
Parameter
radius-scheme-name: Name of a RADIUS scheme referenced, a character string of up
to 32 characters.
local: Specifies to use local authentication.
none: Specifies not to perform authentication.
Description
Use the scheme command to specify the AAA scheme used by current ISP domain.
Use the undo scheme command to restore the default AAA scheme used by the ISP
domain.
By default, the ISP domain uses the local AAA scheme.
z
If you execute the scheme radius-scheme radius-scheme-name local command,
the local scheme becomes the secondary scheme in case the RADIUS server
does not response normally. That is, if the communication between the switch and
the RADIUS server is normal, no local authentication is performed; otherwise,
local authentication is performed. If you configure a RADIUS scheme but
configure no local authentication, local authentication does not work after the
authentication fails.
If the AAA scheme is specified as local, the system uses local authentication only but
not RADIUS authentication. This is also true of the none and local AAA schemes.
You can also configure the RADIUS scheme used by the ISP domain by using the
radius-scheme command.
1-17
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Related command: radius scheme and display radius
Example
# Specify the RADIUS scheme "3Com" as the AAA scheme referenced by the ISP
domain "aabbcc.net".
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain aabbcc.net
New Domain added.
[3Com-isp-aabbcc.net] scheme radius-scheme 3Com
1.1.17 self-service-url
Syntax
self-service-url enable url-string
self-service-url disable
View
ISP domain view
Parameter
url-string: URL of the web page used to modify user password on the self-service server.
It is a character string with 1 character to 64 characters. This string cannot contain a
question mark "?". If the actual URL of the self-service server contains any question
mark, you should change it to an elect bar "|".
Description
Use the self-service-url enable command to enable the self-service server location
function
Use the self-service-url disable command to disable the self-service server location
function
By default, this function is disabled.
This command must be used with the cooperation of a self-service-supported RADIUS
server (such as CAMS). Through self-service, users can manage and control their
accounts or card numbers by themselves. A server installed with the self-service
software is called a self-service server.
After this command is executed on the switch, users can locate the self-service server
through the following operation:
z
Choose [change user password] on the 802.1x client.
z
The client opens the default browser (for example, IE or Netscape) and locates the
specified URL page used to change user password on the self-service server.
1-18
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
z
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Then, the user can change the password.
A user can choose the [change user password] option on the client only after passing
the authentication. If the user fails the authentication, this option is in grey and is
unavailable.
Example
# Under the default ISP domain "system", set the URL of the web page used to modify
user password on the self-service server to http://10.153.89.94/selfservice/modPassw
d1x.jsp|userName.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain system
[3Com-isp-system]
self-service-url
enable
http://10.153.89.94/selfservice/modPasswd1x.jsp|userName
1.1.18 service-type
Syntax
service-type { ftp [ ftp-directory directory ] | lan-access | { ssh | telnet | terminal }*
[ level level ] }
undo service-type { ftp [ ftp-directory ] | lan-access | { ssh | telnet | terminal }* }
View
Local user view
Parameter
ftp: Specifies that this is a ftp user.
ftp-directory directory: Specifies the path for FTP users. directory is a string of up to 64
characters.
lan-access: Specifies that this is a LAN access user (who is generally an Ethernet
access user, for example, 802.1x user).
ssh: Specifies that this is an ssh user.
telnet: Specifies that this is a Telnet user.
terminal: Authorizes the user to access the terminal service (that is, allows the user to
log into the switch through the Console port).
level level: Specifies the level of the Telnet, terminal or SSH user. Where, level is an
integer ranging from 0 to 3 and defaulting to 0.
1-19
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Description
Use the service-type command to authorize the user to access the specified type(s) of
service(s).
Use the undo service-type command to inhibit the user from accessing the specified
type(s) of service(s).
By default, the user is inhibited from accessing any type of service.
Example
# Authorize 3Com1 to access the lan-access service.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user 3Com1
[3Com-luser-3Com1] service-type lan-access
1.1.19 state
Syntax
state { active | block }
View
ISP domain view or local user view
Parameter
active: Activates the current ISP domain (in ISP domain view) or current user (in local
user view), to allow users in current ISP domain or current user to access the network.
block: Hangs up the current ISP domain (in ISP domain view) or current user (in local
user view), to inhibit users in current ISP domain or current user from accessing the
network.
Description
Use the state command to set the status of current ISP domain or the status of the local
user.
By default, an ISP domain is in the active state once it is created (in ISP domain view),
and a local user is in the active state once the user is created (in local user view).
In ISP domain view, each ISP domain can be in one of two states: active and block.
Users in an active ISP domain are allowed to access the network. After an ISP domain
is set to the block state, except the online users, the users under this domain are not
allowed to access the network.
Related command: domain.
1-20
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Example
# Set the ISP domain aabbcc.net to the block state, so that all its offline users cannot
access the network.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain aabbcc.net
New Domain added.
[3Com-isp-aabbcc.net] state block
# Set 3Com1 to the block state.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] local-user 3Com1
[3Com-luser-3Com1] state block
1.1.20 vlan-assignment-mode
Syntax
vlan-assignment-mode { integer | string }
View
ISP domain name
Parameter
integer: Sets the VLAN assignment mode to integer.
string: Sets the VLAN assignment mode to string.
Description
Use the vlan-assignment-mode command to set the VLAN assignment mode (integer
or string) on the switch.
By default, the VLAN assignment mode is integer, that is, the switch supports its
RADIUS authentication server to assign integer VLAN IDs.
The dynamic VLAN assignment feature enables a switch to dynamically add the ports
of the successfully authenticated users to different VLANs according to the attributes
assigned by the RADIUS server, so as to control the network resources that different
users can access. In actual applications, to use this feature together with Guest VLAN,
you should better set port control to port-based mode.
Currently, the switch supports the RADIUS authentication server to assign the following
two types of VLAN IDs: integer and string.
1-21
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
z
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Integer: If the RADIUS server assigns integer type of VLAN IDs, you can set the
VLAN assignment mode to integer on the switch (this is also the default mode on
the switch). Then, upon receiving an integer ID assigned by the RADIUS
authentication server, the switch adds the port to the VLAN whose VLAN ID is
equal to the assigned integer ID. If no such a VLAN exists, the switch first creates
a VLAN with the assigned ID, and then adds the port to the newly created VLAN.
z
String: If the RADIUS server assigns string type of VLAN IDs, you can set the
VLAN assignment mode to string on the switch. Then, upon receiving a string ID
assigned by the RADIUS authentication server, the switch compares the ID with
existing VLAN names on the switch. If it finds a match, it adds the port to the
corresponding VLAN. Otherwise, the VLAN assignment fails and the user cannot
pass the authentication.
The two dynamic VLAN assignment modes, integer and string, supported by the switch
are set according to the authentication server. Different authentication servers adopt
different dynamic VLAN assignment modes, you are recommended to configure the
device according to the dynamic VLAN assignment mode in use.
Table 1-3 lists some common dynamic VLAN assignment modes.
Table 1-3 Common dynamic VLAN assignment modes
Server type
Dynamic VLAN assignment mode
CAMS
Integer (the latest version is determined by the
attribute)
ACS
String
FreeRADIUS
Determined by the attribute (100 is integer;
“100” is string)
Shiva Access Manager
String
Steel-Belted Radius Administrator
String
1-22
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Caution:
z
You are recommended to configure the VLAN assignment mode for the switch the
same as that of the assignment attribute value of the RADIUS authentication server.
Configure the correct assignment mode with the vlan-assignment-mode
command so that the switch correctly identifies the dynamic VLAN assigned by the
server. If the assignment modes are different, the expected configuration may not
take effect.
z
In string mode, the VLAN to be assigned must exist on the switch and must have
been configured with a VLAN name. This is not required in integer mode.
z
In string mode, if the VLAN ID assigned by the RADIUS server is a character string
containing only digits (for example, 1024), the switch first regards it as an integer
VLAN ID: the switch transforms the string to an integer value and judges if the value
is in the valid VLAN ID range; if it is, the switch adds the authenticated port to the
VLAN with the value as the VLAN ID (VLAN 1024, for example).
Related command: name, dot1x guest-vlan
Example
# Set the VLAN assignment mode to string.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] domain aabbcc.net
New Domain added.
[3Com-isp-aabbcc.net] vlan-assignment-mode string
1.2 RADIUS Configuration Commands
1.2.1 accounting-on enable
Syntax
accounting-on enable [ send times | interval interval ]
undo accounting-on { enable | send | interval }
View
RADIUS scheme view
Parameter
times: Maximum number of attempts to send Accounting-On packets, ranging from 1 to
256 and defaulting to 40.
1-23
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
interval: Interval to send Accounting-On packets, ranging from 1 to 30 and defaulting to
3 seconds.
Description
Use the accounting-on enable command to enable the user re-authentication upon
device restart function.
Use the undo accounting-on enable command to disable the user re-authentication
upon device restart function and restore the default interval and maximum number of
attempts to transmit Accounting-On packets.
Use the undo accounting-on send command to restore the default maximum number
of attempts to transmit Accounting-On packets.
Use the undo accounting-on interval command to restore the default interval to
transmit Accounting-On packets.
By default, this function is disabled.
The purpose of this function is to resolve this problem: users cannot re-log into the
switch after the switch restarts because they are already online. After this function is
enabled, every time the switch restarts:
z
The switch generates an Accounting-On packet, which mainly contains the
following information: NAS-ID, NAS-IP address (source IP address), and session
ID.
z
The switch sends the Accounting-On packet to CAMS at regular intervals.
z
Once the CAMS receives the Accounting-On packet, it sends a response to the
switch. At the same time it finds and deletes the original online information of the
users who accessed the network through the switch before the restart according to
the information contained in this packet (NAS-ID, NAS-IP address and session ID),
and ends the accounting of the users based on the last accounting update packet.
z
Once the switch receives the response from the CAMS, it stops sending other
Accounting-On packets.
z
If the switch does not receives any response from the CAMS after the times it
transmit Accounting-On packet reaches the configured maximum times, it does
not send any more Accounting-On packets.
1-24
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Note:
The switch can automatically generate the main attributes (NAS-ID, NAS-IP address
and session ID) in the Accounting-On packets. However, you can also manually
configure the NAS-IP address with the nas-ip command. If you choose to manually
configure this attribute, be sure to configure an appropriate and legal IP address. If this
attribute is not configured, the switch will automatically use the IP address of the VLAN
interface as the NAS-IP address.
Related command: nas-ip.
Example
# Enable the user re-authentication upon device restart function for the RADIUS
scheme named CAMS.
<3Com> system-view
[3Com] radius scheme CAMS
[3Com-radius-CAMS] accounting-on enable
1.2.2 accounting optional
Syntax
accounting optional
undo accounting optional
View
RADIUS scheme view/ISP domain view
Parameter
None
Description
Use the accounting optional command to open the accounting-optional switch.
Use the undo accounting optional command to close the accounting-optional switch
so that users are charged forcibly.
By default, once an ISP domain is created, the accounting-optional switch is closed.
Note that:
z
When the system charges an online user but it does not find any available
RADIUS accounting server or fails to communicate with any RADIUS accounting
server, the user can continue the access to network resources if the accounting
optional command has been used.
1-25
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
z
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
After the accounting optional command is used for a RADIUS scheme, the
system will no longer send real-time accounting update packets and
stop-accounting packets for any user who adopts the RADIUS scheme.
z
This configuration takes effect only on the accounting using this RADIUS scheme.
Example
# Execute the accounting-optional command for the RADIUS scheme CAMS.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme CAMS
[3Com-radius-cams] accounting optional
1.2.3 data-flow-format
Syntax
data-flow-format data { byte | giga-byte | kilo-byte | mega-byte } packet
{ giga-packet | kilo-packet | mega-packet | one-packet }
undo data-flow-format
View
RADIUS scheme view
Parameter
data: Sets the unit of measure for data.
byte: Specifies to measure data in bytes.
giga-byte: Specifies to measure data in gigabytes.
kilo-byte: Specifies to measure data in kilobytes.
mega-byte: Specifies to measure data in megabytes.
packet: Sets the unit of measure for packets.
giga-packet: Specifies to measure packets in giga-packets.
kilo-packet: Specifies to measure packets in kilo-packets.
mega-packet: Specifies to measure packets in mega-packets.
one-packet: Specifies to measure packets in packets.
Description
Use the data-flow-format command to set the units of measure for data flows sent to
RADIUS servers.
Use the undo data-flow-format command to restore the default units of measure.
By default, the unit of measure for data is byte and that for packets is one-packet.
1-26
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Related command: display radius.
Example
# Specify to measure data and packets in data flows sent to RADIUS server in kilobytes
and kilo-packets respectively.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] data-flow-format data kilo-byte packet kilo-packet
1.2.4 display local-server statistics
Syntax
display local-server statistics
View
Any view
Parameter
None
Description
Use the display local-server statistics command to display the statistics about all
local RADIUS authentication servers.
Related command: local-server.
Example
# Display the statistics about local RADIUS authentication server.
<3Com> display local-server statistics
The localserver packet statistics:
Receive:
30
Send:
30
Discard:
0
Receive Packet Error:
0
Auth Receive:
10
Auth Send:
10
Acct Receive:
20
Acct Send:
20
1.2.5 display radius
Syntax
display radius [ radius-scheme-name ]
1-27
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
View
Any view
Parameter
radius-scheme-name: Name of a RADIUS scheme, a character string of up to 32
characters. If this argument is not specified, this command displays the configuration
information about all RADIUS schemes.
Description
Use the display radius command to display the configuration information about one
specific or all RADIUS schemes.
By default, this command displays the configuration information about all RADIUS
schemes.
Related command: radius scheme.
Example
# Display the configuration information about all RADIUS schemes.
<3Com> display radius
-----------------------------------------------------------------SchemeName
=system
Index=0
Type=3Com
Primary Auth IP
=127.0.0.1
Port=1645
State=active
Primary Acct IP
=127.0.0.1
Port=1646
State=active
Second
Auth IP
=0.0.0.0
Port=1812
State=block
Second
Acct IP
=0.0.0.0
Port=1813
State=block
Auth Server Encryption Key= 3Com
Acct Server Encryption Key= 3Com
Accounting method = required
TimeOutValue(in second)=3 RetryTimes=3 RealtimeACCT(in minute)=12
Permitted send realtime PKT failed counts
=5
Retry sending times of noresponse acct-stop-PKT =500
Source-IP-address
=0.0.0.0
Quiet-interval(min)
=5
Username format
=without-domain
Data flow unit
=Byte
Packet unit
=1
-----------------------------------------------------------------Total 1 RADIUS scheme(s). 1 listed
1-28
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Table 1-4 Description on the fields of the display radius command
Field
Description
SchemeName
Name of the RADIUS scheme
Index
Index number of the RADIUS scheme
Type
Type of the RADIUS servers
Primary Auth IP/ Port/ State
IP address/access port number/state of the
primary authentication server
Primary Acct IP/ Port/ State
IP address/access port number/state of the
primary accounting server
Second Auth IP/ Port/ State
IP address/access port number/state of the
secondary authentication server
Second Acct IP/ Port/ State
IP address/access port number/state of the
secondary accounting server
Auth Server Encryption Key
Login password for the authentication servers
Acct Server Encryption Key
Login password for the accounting servers
TimeOutValue (seconds)
RADIUS server response timeout time
RetryTimes
Maximum number of transmission attempts
Permitted send realtime PKT
failed counts
Maximum allowed number of continuous
no-response real-time accounting requests
Retry
sending
times
of
non-response acct-stop-PKT
Maximum number of transmission attempts of
the buffered stop-accounting requests
Username format
User name format
Data flow unit
Unit of measure for data in data flows
Packet unit
Unit of measure for packets
1.2.6 display radius statistics
Syntax
display radius statistics
View
Any view
Parameter
None
1-29
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Description
Use the display radius statistics command to display the statistics about RADIUS
packets, so as to troubleshoot RADIUS configuration.
Related command: radius scheme.
Example
# Display the statistics about RADIUS packets.
<3Com> display radius statistics
state statistic(total=4120):
DEAD=4120
AuthProc=0
AuthSucc=0
AcctStart=0
RLTSend=0
RLTWait=0
AcctStop=0
OnLine=0
Stop=0
StateErr=0
Received and Sent packets statistic:
Sent PKT total
:0
Received PKT total:0
RADIUS received packets statistic:
Code= 2,Num=0
,Err=0
Code= 3,Num=0
,Err=0
Code= 5,Num=0
,Err=0
Code=11,Num=0
,Err=0
Running statistic:
RADIUS received messages statistic:
Normal auth request
, Num=0
, Err=0
, Succ=0
EAP auth request
, Num=0
, Err=0
, Succ=0
Account request
, Num=0
, Err=0
, Succ=0
Account off request
, Num=0
, Err=0
, Succ=0
PKT auth timeout
, Num=0
, Err=0
, Succ=0
PKT acct_timeout
, Num=0
, Err=0
, Succ=0
(The following display is omitted.)
1.2.7 display stop-accounting-buffer
Syntax
display stop-accounting-buffer { radius-scheme radius-scheme-name | session-id
session-id | time-range start-time stop-time | user-name user-name }
View
Any view
1-30
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
radius-scheme radius-scheme-name: Displays the buffered stop-accounting requests
of the specified RADIUS scheme. Where, radius-scheme-name is a character string of
up to 32 characters.
session-id session-id: Displays the buffered stop-accounting requests of the specified
session ID. Where, session-id is a character string of up to 50 characters.
time-range start-time stop-time: Displays the buffered stop-accounting requests in the
specified request time range. Where, start-time is the start time of the request time
range, stop-time is the end time of the request time range, and both are in the format
hh:mm:ss-mm/dd/yyyy or hh:mm:ss-yyyy/mm/dd. With this argument specified, this
command displays the buffered stop-accounting requests from the start time to the end
time.
user-name user-name: Displays the buffered stop-accounting requests of the specified
user. Where, user-name is a character string of up to 32 characters.
Description
Use the display stop-accounting-buffer command to display the no-response
stop-accounting request packets buffered in the switch.
z
You can choose to display the buffered stop-accounting packets of a specified
RADIUS scheme, session ID, or user name. You can also specify a time range to
display those which are sent within the specified time range. The displayed packet
information helps you to diagnose and resolve problems relevant to RADIUS.
z
When the switch sends out a stop-accounting packet but gets no response from
the RADIUS server, it first buffers the packet and then retransmits it until the
maximum number of retransmission attempts (set by the retry stop-accounting
command) is reached.
Related command: reset stop-accounting-buffer, stop-accounting-buffer enable
and retry stop-accounting.
Example
# Display the buffered stop-accounting requests from 0:0:0 08/31/2003 to 23:59:59
08/31/2003.
<3Com>
display
stop-accounting-buffer
23:59:59-2003/08/31
Total find
0 record
1.2.8 key
Syntax
key { accounting | authentication } string
1-31
time-range
0:0:0-2003/08/31
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
undo key { accounting | authentication }
View
RADIUS scheme view
Parameter
accounting: Sets a shared key for the RADIUS accounting packets.
authentication: Sets a shared key for the RADIUS authentication/authorization
packets.
string: Shared key, a character string of up to 16 characters. It is "3Com" by default.
Description
Use the key command to set a shared key for the RADIUS authentication/authorization
packets or accounting packets.
Use the undo key command to restore the corresponding default shared key.
The RADIUS client (that is, the switch) and server adopt MD5 algorithm to encrypt the
RADIUS packets exchanged with each other. The two parties verify the validity of the
exchanged packets by using the encrypted keys that have been set on them, and can
accept and respond to the packets sent from each other only if both of them have the
same encrypted keys. If the authentication/authorization server and the accounting
server are two separate devices and the two servers have different encrypted keys, you
must set the encrypted keys for authentication/authorization packets and accounting
packets respectively on the switch.
Related command: primary accounting, primary authentication, and radius
scheme.
Example
# Set the encrypted key for the RADIUS authentication/authorization packets in
RADIUS scheme radius1 to hello.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] key authentication hello
# Set the encrypted key for the RADIUS accounting packets in RADIUS scheme
radius1 to ok.
[3Com-radius-radius1] key accounting ok
1-32
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.2.9 local-server
Syntax
local-server nas-ip ip-address key password
undo local-server nas-ip ip-address
View
System view
Parameter
nas-ip ip-address: Specifies the NAS-IP address of the local RADIUS server. Where,
ip-address is in dotted decimal notation.
key password: Specifies the shared key of the authentication server and access server.
Where, password is a character string of up to 16 characters.
Description
Use the local-server command to create a local RADIUS authentication server (that is,
set the related parameters of the server).
Use the undo local-server command to delete the specified local RADIUS
authentication server.
By default, a local RADIUS authentication server is used, whose default NAS-IP and
key are 127.0.0.1 and 3Com respectively. That is, the local device serves as a RADIUS
authentication server and a network access server, and all authentications are
performed locally.
Note that:
z
The switch not only supports the traditional RADIUS client service to accomplish
user AAA management through foreign authentication/authorization server and
accounting server, but also provides a simple local RADIUS server function for
authentication and authorization. This function is called local RADIUS
authentication server function.
z
When you use the local RADIUS authentication server function, the UDP port
number for the authentication/authorization service must be 1645, the UDP port
number for the accounting service is 1646.
z
The packet encryption key set by the local-server command with the key
password parameter must be identical with the authentication/authorization packet
encryption key set by the key authentication command in RADIUS scheme view.
z
The switch supports at most 16 IP addresses and shared keys of the network
access server (including the default local RADIUS authentication server); that is,
when the switch serves as a RADIUS authentication server, it can support at most
16 network access servers simultaneously to provide authentication.
1-33
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
As a local RADIUS authentication server, the switch does not support EAP
z
authentication.
Related command: radius scheme and state.
Example
# Create a network access server granted by the RADIUS authentication server with an
IP address of 10.110.1.2 and a shared key of aabbcc.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] local-server nas-ip 10.110.1.2 key aabbcc
1.2.10 nas-ip
Syntax
nas-ip ip-address
undo nas-ip
View
RADIUS scheme view
Parameter
ip-address: Source IP address for RADIUS packets, an IP address of this device. This
address can neither be the all zero address nor be a Class-D address.
Description
Use the nas-ip command to set the source IP address used by the switch to send
RADIUS packets.
Use the undo nas-ip command to remove the source IP address setting.
Note:
The nas-ip command in RADIUS scheme view has the same function as the radius
nas-ip command in system view; and the priority of configuration in RADIUS scheme
view is higher than in system view.
You can specify the source address used to send RADIUS packets to prevent the
unreachability of the packets returned from the server due to physical interface trouble.
It is recommended to use the loopback interface address as the source IP address.
By default, the IP address of the outbound interface is used as the source IP address of
the packet.
1-34
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Related command: display radius and radius nas-ip.
Example
# Set the source IP address used by the switch to send the RADIUS packets to
10.1.1.1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme test1
[3Com-radius-test1] nas-ip 10.1.1.1
1.2.11 primary accounting
Syntax
primary accounting ip-address [ port-number ]
undo primary accounting
View
RADIUS scheme view
Parameter
ip-address: IP address, in dotted decimal notation.
port-number: UDP port number, ranging from 1 to 65535.
Description
Use the primary accounting command to set the IP address and port number of the
primary RADIUS accounting server.
Use the undo primary accounting command to restore the default IP address and
port number of the primary RADIUS accounting server.
The IP address and UDP port number of the primary accounting server used by the
default RADIUS scheme "system" are 127.0.0.1 and 1646. The IP address and the
UDP port number of the primary accounting server used by a newly created RADIUS
scheme are 0.0.0.0 and 1813.
After creating a new RADIUS scheme, you should configure the IP address and UDP
port number of each RADIUS server you want to use in this scheme. These RADIUS
servers fall into two types: authentication/authorization, and accounting. And for each
kind of server, you can configure two servers in a RADIUS scheme: primary and
secondary servers.
In an actual network environment, you can configure the above parameters as required.
But you should configure at least one authentication/authorization server and one
accounting server. At the same time, you should keep the RADIUS service port settings
on the switch consistent with those on the RADIUS servers.
1-35
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Related command: key, radius scheme and state.
Example
# Set the IP address and UDP port number of the primary accounting server of the
RADIUS scheme radius1 to 10.110.1.2 and 1813.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] primary accounting 10.110.1.2 1813
1.2.12 primary authentication
Syntax
primary authentication ip-address [ port-number ]
undo primary authentication
View
RADIUS scheme view
Parameter
ip-address: IP address, in dotted decimal notation.
port-number: UDP port number, ranging from 1 to 65535.
Description
Use the primary authentication command to set the IP address and port number of
the primary RADIUS authentication/authorization server.
Use the undo primary authentication command to restore the default IP address and
port number of the primary RADIUS authentication/authorization server.
The IP address and UDP port number of the primary authentication server used by the
default RADIUS scheme "system" are 127.0.0.1 and 1645. The IP address and UDP
port number of the secondary authentication server is 0.0.0.0 and 1812. The IP address
and the UDP port number of the primary/secondary authentication server used by a
newly created RADIUS scheme are 0.0.0.0 and 1812.
After creating a new RADIUS scheme, you should configure the IP address and UDP
port number of each RADIUS server you want to use in this scheme. These RADIUS
servers fall into two types: authentication/authorization, and accounting. And for each
kind of server, you can configure two servers in a RADIUS scheme: primary and
secondary servers.
In an actual network environment, you can configure the above parameters as required.
But you should configure at least one authentication/authorization server and one
1-36
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
accounting server. At the same time, you should keep the RADIUS service port settings
on the switch consistent with those on the RADIUS servers.
Related command: key, radius scheme and state.
Example
# Set the IP address and UDP port number of the primary authentication/authorization
server used by the RADIUS scheme radius1 to 10.110.1.1 and 1812.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] primary authentication 10.110.1.1 1812
1.2.13 radius nas-ip
Syntax
radius nas-ip ip-address
undo radius nas-ip
View
System view
Parameter
ip-address: Source IP address, in dotted decimal notation.
Description
Use the radius nas-ip command to set the source address used by the NAS to send
RADIUS packets.
Use the undo radius nas-ip command to restore the default setting.
By default, no source address is specified, and the address of the outbound interface is
used as the source address of the packet.
Note:
The nas-ip command in RADIUS scheme view has the same function as the radius
nas-ip command in system view; and the priority of configuration in RADIUS scheme
view is higher than in system view.
Note that:
1-37
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
z
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
You can specify the source IP address used to send RADIUS packet to prevent the
unreachability of the packets returned from the server due to physical interface
trouble. It is recommended to use the loopback interface address as the source IP
address.
z
You can specify only one source IP address by using this command. When you
use this command again, the newly specified source IP address will overwrite the
old one.
Related command: nas-ip.
Example
# Set the source address used by the switch to send the RADIUS packets to
129.10.10.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] radius nas-ip 129.10.10.1
1.2.14 radius scheme
Syntax
radius scheme radius-scheme-name
undo radius scheme radius-scheme-name
View
System view
Parameter
radius-scheme-name: Name of the RADIUS scheme, a character string of up to 32
characters.
Description
Use the radius scheme command to create a RADIUS scheme and enter its view.
Use the undo radius scheme command to delete the specified RADIUS scheme.
By default, a RADIUS scheme named "system" has already been created in the system.
All attributes of the scheme take the default values.
The RADIUS protocol configuration is performed on a RADIUS scheme basis. For each
RADIUS scheme, you should specify at least the IP addresses and UDP port numbers
of the RADIUS authentication/authorization and accounting servers, and the
parameters required for the RADIUS client (that is, the switch) to interact with the
RADIUS servers. Therefore, you should first create a RADIUS scheme and enter its
view before performing other RADIUS protocol configurations.
1-38
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
A RADIUS scheme can be referenced by multiple ISP domains simultaneously. You
can configure up to 16 RADIUS schemes, including the default scheme "system".
The undo radius scheme command cannot be used to delete the default RADIUS
scheme. Note that you cannot delete a RADIUS scheme which is being used by an
online user.
Related
command:
key,
retry
realtime-accounting,
radius-scheme,
timer
realtime-accounting, stop-accounting-buffer enable, retry stop-accounting,
server-type, state, user-name-format, retry, display radius, and display radius
statistics.
Example
# Create a RADIUS scheme named radius1 and enter its view.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1]
1.2.15 reset radius statistics
Syntax
reset radius statistics
View
User view
Parameter
None
Description
Use the reset radius statistics command to clear the statistics about the RADIUS
protocol.
Related command: display radius.
Example
# Clear the statistics about the RADIUS protocol.
<3Com> reset radius statistics
1-39
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.2.16 reset stop-accounting-buffer
Syntax
reset stop-accounting-buffer { radius-scheme radius-scheme-name | session-id
session-id | time-range start-time stop-time | user-name user-name }
View
User view
Parameter
radius-scheme radius-scheme-name: Deletes the buffered stop-accounting requests
depending on the specified RADIUS scheme. radius-scheme-name is the name of a
RADIUS scheme. This name is a character string of up to 32 characters.
session-id session-id: Deletes the buffered stop-accounting requests depending on
the specified session ID. Where, session-id is a character string of up to 50 characters.
time-range start-time stop-time: Deletes the buffered stop-accounting requests
depending on the time of the stop-accounting request. Where, start-time is the start
time of the request period, the stop-time is the end time of the request period, and both
are in the format hh:mm:ss-mm/dd/yyyy or hh:mm:ss-yyyy/mm/dd. With this argument
specified, this command displays the buffered stop-accounting requests from the start
time to the end time.
user-name user-name: Deletes the buffered stop-accounting request packets
depending on the specified user name. user-name is a character string of up to 32
characters.
Description
Use the reset stop-accounting-buffer command to delete the buffered no-response
stop-accounting request packets.
When the switch sends out a stop-accounting packet but gets no response from the
RADIUS server, it first buffers the packet and then retransmits it until the maximum
number of retransmission attempts (set by the retry stop-accounting command) is
reached.
The reset stop-accounting-buffer command is used to delete the stop-accounting
request packets buffered in the switch. You can choose to delete the buffered
stop-accounting packets of a specified RADIUS scheme, session ID, or user name. You
can also specify a time range to delete the stop-accounting packets sent within the
specified time range.
Related command: stop-accounting-buffer enable, retry stop-accounting and
display stop-accounting-buffer.
1-40
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Example
# Delete the stop-accounting request packets buffered in the system for the user
user0001@aabbcc.net.
<3Com> reset stop-accounting-buffer user-name user0001@aabbcc.net
# Delete the stop-accounting request packets buffered from 0:0:0 08/31/2002 to
23:59:59 08/31/2002 in the system.
<3Com>
reset
stop-accounting-buffer
time-range
0:0:0-2002/08/31
23:59:59-2002/08/31
1.2.17 retry
Syntax
retry retry-times
undo retry
View
RADIUS scheme view
Parameter
retry-times: Maximum number of transmission attempts, ranging from 1 to 20 and
defaulting to 3.
Description
Use the retry command to set the maximum number of transmission attempts of
RADIUS requests.
Use the undo retry command to restore the default maximum number of transmission
attempts.
Note that:
z
The communication in RADIUS is unreliable because this protocol adopts UDP
packets to carry data. Therefore, it is necessary for the switch to retransmit a
RADIUS request if it gets no response from the RADIUS server after the response
timeout timer expires. If the maximum number of transmission attempts is reached
but the switch still receives no response, the switch considers that the request
fails.
z
Appropriately set this maximum number of transmission attempts according to the
network situation can improve the reacting speed of the system.
Related command: radius scheme.
1-41
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Example
# Set the maximum transmission times of RADIUS requests in the RADIUS scheme
radius1 to five.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] retry 5
1.2.18 retry realtime-accounting
Syntax
retry realtime-accounting retry-times
undo retry realtime-accounting
View
RADIUS scheme view
Parameter
retry-times: Maximum number of real-time accounting request attempts, ranging from 1
to 255.
Description
Use the retry realtime-accounting command to set the maximum number of real-time
accounting request attempts.
Use the undo retry realtime-accounting command to restore the default maximum
number of real-time accounting request attempts.
By default, the system can allow five real-time accounting request attempts at most.
Note that:
z
Generally, the RADIUS server uses the connection timeout timer to determine
whether a user is online or not. If the RADIUS server receives no real-time
accounting packet for a specified period of time, it will consider that the line or the
switch is in trouble and stop the accounting of the user. To make the switch
cooperate with this feature on the RADIUS server, it is necessary to cut down the
user connection on the switch as soon as possible after the RADIUS server
terminates the charging and connection of the user in the case of unforeseen
trouble. For this purpose, you can limit the number of continuous real-time
no-response accounting requests, and the switch will cut down the user
connection if it sends out the maximum number of real-time accounting requests
but does not receive any response.
1-42
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
z
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
A real-time account request may be sent multiple times (set by the retry command
in RADIUS scheme view) for an accounting attempt. If no response is received
even after the number of transmission attempts reaches the maximum, the
accounting attempt fails. Suppose that the response timeout time of the RADIUS
server is three seconds (set by the timer response-timeout command), that the
maximum number of transmission attempts (set by the retry command) is 3, and
that the real-time accounting interval is 12 minutes (set by the timer
realtime-accounting command), the maximum number of real-time accounting
request attempts is 5 (set by the retry realtime-accounting command). In this
case, the switch sends an accounting request every 12 minutes; if the switch does
not receive a response within 3 seconds after it sends out an accounting request, it
resends the request; if the switch continuously sends the accounting request for
three times but does not receive any response; it considers this real-time
accounting a failure. Then, the switch sends the accounting request every 12
minutes; if the number of accounting failures exceeds five, the user connection is
cut down.
Related command: radius scheme and timer realtime-accounting.
Example
# Allow the switch to continuously send at most 10 real-time accounting requests for the
RADIUS scheme radius1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] retry realtime-accounting 10
1.2.19 retry stop-accounting
Syntax
retry stop-accounting retry-times
undo retry stop-accounting
View
RADIUS scheme view
Parameter
retry-times: Maximum number of transmission attempts of the buffered stop-accounting
requests, ranging from 10 to 65535 and defaulting to 500.
Description
Use the retry stop-accounting command to set the maximum number of transmission
attempts of the stop-accounting requests buffered due to no response.
1-43
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Use the undo retry stop-accounting command to restore the default maximum
number of transmission attempts of the buffered stop-accounting requests.
Stop-accounting requests are critical to billing and will eventually affect the charges of
the users; they are important for both the users and the ISP. Therefore, the NAS should
do its best to transmit them to the RADIUS accounting server. If the RADIUS server
does not respond to such a request, the switch should first buffer the request on itself,
and then retransmit the request to the RADIUS accounting server until it gets a
response, or the maximum number of transmission attempts is reached (in this case, it
discards the request).
Related command: reset stop-accounting-buffer, radius scheme and display
stop-accounting-buffer.
Example
# In RADIUS scheme radius1, specify that the switch can transmit a buffered
stop-accounting request at most 1,000 times
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] retry stop-accounting 1000
1.2.20 secondary accounting
Syntax
secondary accounting ip-address [ port-number ]
undo secondary accounting
View
RADIUS scheme view
Parameter
ip-address: IP address, in dotted decimal notation. By default, the IP address of the
secondary accounting server is 0.0.0.0.
port-number: UDP port number, ranging from 1 to 65535. By default, the UDP port
number of the secondary accounting service is 1813.
Description
Use the secondary accounting command to set the IP address and port number of
the secondary RADIUS accounting server.
Use the undo secondary accounting command to restore the default IP address and
port number of the secondary RADIUS accounting server.
See the description on the primary accounting command for details.
1-44
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Related command: key, radius scheme and state.
Example
# Set the IP address and UDP port number of the secondary accounting server of the
RADIUS scheme radius1 to 10.110.1.1 and 1813.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] secondary accounting 10.110.1.1 1813
1.2.21 secondary authentication
Syntax
secondary authentication ip-address [ port-number ]
undo secondary authentication
View
RADIUS scheme view
Parameter
ip-address: IP address, in dotted decimal notation. By default, the IP address of the
secondary authentication/authorization server is 0.0.0.0.
port-number: UDP port number, ranging from 1 to 65535. By default, the UDP port
number of the secondary authentication/authorization service is 1812.
Description
Use the secondary authentication command to set the IP address and port number of
the secondary RADIUS authentication/authorization server.
Use the undo secondary authentication command to restore the default IP address
and port number of the secondary RADIUS authentication/authorization server.
See the description on the primary authentication command for details.
Related command: key, radius scheme and state.
Example
#
Set
the
IP
address
and
UDP
port
number
of
the
secondary
authentication/authorization server used by the RADIUS scheme radius1 to 10.110.1.2
and 1812.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] secondary authentication 10.110.1.2 1812
1-45
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.2.22 server-type
Syntax
server-type { 3Com | standard }
undo server-type
View
RADIUS scheme view
Parameter
3Com: Specifies that the switch supports 3Com's RADIUS server. That is, it is required
that the RADIUS client (on the switch) and the RADIUS server (generally the CAMS)
interact with each other. by using 3Com's proprietary RADIUS protocol (such as the
procedure and packet format)
standard: Specifies to use the standard RADIUS protocol. That is, it is required that the
RADIUS client (on the switch) and the RADIUS server interact with each other following
the procedure and packet format of the standard RADIUS protocol (RFC2865/2866 or
above).
Description
Use the server-type command to specify the RADIUS server type supported by the
switch.
Use the undo server-type command to restore the default RADIUS server type
supported by the switch.
By default, the RADIUS server type of a new RADIUS scheme is standard. The type of
RADIUS server in the default RADIUS scheme "system" is 3Com.
Related command: radius scheme.
Example
# Set the RADIUS server type in RADIUS scheme radius1 to 3Com.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] server-type 3Com
1.2.23 state
Syntax
state { primary | secondary } { accounting | authentication } { block | active }
1-46
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
View
RADIUS scheme view
Parameter
primary: Specifies the server to be set is a primary RADIUS server.
secondary: Specifies the server to be set is a secondary RADIUS server.
accounting: Specifies the server to be set is a RADIUS accounting server.
authentication: Specifies the server to be set is a RADIUS
authentication/authorization server.
block: Sets the status of the specified RADIUS server to block (that is, the down state).
active: Sets the status of the specified RADIUS server to active (that is, the normal
working state).
Description
Use the state command to set the status of a RADIUS server.
By default, all the RADIUS servers in a user-defined RADIUS scheme are in the block
state.
For the primary and secondary servers (authentication/authorization servers, or
accounting servers) in a RADIUS scheme, note that:
z
When the NAS fails to communicate with the primary server due to some server
trouble, the NAS will actively exchange packets with the secondary server.
z
After the primary server recovers, the NAS does not immediately restore the
communication with the primary server, but keeps communicating with the
secondary server unit the secondary server also fails. In order for the NAS to
quickly restore the communication with the recovered primary server, you need to
manually set the state of the primary server to active by using the state command.
z
When both the primary and secondary servers are in the active state, the NAS
sends packets to the primary server only.
Related
command:
radius
scheme,
primary
authentication,
secondary
authentication, primary accounting, and secondary accounting.
Example
# Set the status of the secondary authentication server in RADIUS scheme radius1 to
active.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] state secondary authentication active
1-47
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.2.24 stop-accounting-buffer enable
Syntax
stop-accounting-buffer enable
undo stop-accounting-buffer enable
View
RADIUS scheme view
Parameter
None
Description
Use the stop-accounting-buffer enable command to enable the switch to buffer the
stop-accounting requests that bring no response.
Use the undo stop-accounting-buffer enable command to disable the switch from
buffering the stop-accounting requests that bring no response.
By default, the switch is enabled to buffer the stop-accounting requests that bring no
response.
Stop-accounting requests are critical to billing and will eventually affect the charges;
they are important for both the users and the ISP. Therefore, the NAS should do its best
to transmit them to the RADIUS accounting server. If the RADIUS accounting server
does not respond to such a request, the switch should first buffer the request on itself,
and then retransmit the request to the RADIUS accounting server until it gets a
response, or the maximum number of transmission attempts is reached (in this case, it
discards the request).
Related command: reset stop-accounting-buffer, radius scheme and display
stop-accounting-buffer.
Example
# Enable the switch to buffer the stop-accounting requests that bring no response from
the servers in RADIUS scheme radius1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] stop-accounting-buffer enable
1-48
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.2.25 timer
Syntax
timer seconds
undo timer
View
RADIUS scheme view
Parameter
seconds: Response timeout time of RADIUS server, ranging from 1 second to 10
seconds. By default, the response timeout time of the RADIUS server is three seconds.
Description
Use the timer command to set the response timeout time of RADIUS server (that is, the
timeout time of the response timeout timer of RADIUS server).
Use the undo timer command to restore the default response timeout timer of RADIUS
server.
Note that:
z
If the switch gets no response from the RADIUS server after sending out a
RADIUS request (authentication/authorization request or accounting request) and
waiting for a time, it should retransmit the packet to ensure that the user can obtain
the RADIUS service. This wait time is called response timeout time of RADIUS
server; and the timer in the switch system that is used to control this time is called
the response timeout timer of RADIUS server. You can use the timer command to
set the timeout time of this timer.
z
Appropriately setting the timeout time of this timer according to the network
situation can improve the performance of the system.
z
The timer command has the same effect with the timer response-timeout
command.
Related command: radius scheme and retry.
Example
# Set the timeout time of the response timeout timer for the RADIUS scheme radius1 to
5 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] timer 5
1-49
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.2.26 timer quiet
Syntax
timer quiet minutes
undo timer quiet
View
RADIUS scheme view
Parameter
minutes: Wait time, ranging from 1 minute to 255 minutes. By default, it is 5 minutes.
Description
Use the timer quiet command to set the wait time for the primary server to restore the
active state.
Use the undo timer quiet command to restore the default wait time.
Wait time works as follows:
The switch sends a RADIUS packet to the primary RADIUS server.
After confirming that no response will be received from the primary server, the switch
starts to send RADIUS packets to the secondary RADIUS server.
At the interval of wait time, the switch sets the state of the primary server to active and
sends RADIUS packets to the primary server.
Example
# Set the wait time for the RADIUS scheme "radius1" to three minutes.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] timer quiet 3
1.2.27 timer realtime-accounting
Syntax
timer realtime-accounting minutes
undo timer realtime-accounting
View
RADIUS scheme view
1-50
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
minutes: Real-time accounting interval. It ranges from 3 minutes to 60 minutes and
must be a multiple of 3. By default, this interval is 12 minutes.
Description
Use the timer realtime-accounting command to set the real-time accounting interval.
Use the undo timer realtime-accounting command to restore the default real-time
accounting interval.
Note that:
z
To charge the users in real time, you should set the interval of real-time accounting.
After the setting, the NAS sends the accounting information of online users to the
RADIUS server at regular intervals.
z
The setting of the real-time accounting interval depends to some degree on the
performance of the NAS and the RADIUS server. The higher the performance of
the NAS and the RADIUS server is, the shorter the interval can be. You are
recommended to set the interval as long as possible when the number of users is
relatively great (ƒ1000). Table 1-5 lists the numbers of users and the
corresponding recommended intervals.
Table 1-5 Numbers of users and corresponding recommended intervals
Number of users
Real-time accounting interval
1 to 99
3
100 to 499
6
500 to 999
12
ƒ1000
ƒ15
Related command: retry realtime-accounting and radius scheme.
Example
# Set the real-time accounting interval of the RADIUS scheme radius1 to 51 minutes.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] timer realtime-accounting 51
1.2.28 timer response-timeout
Syntax
timer response-timeout seconds
1-51
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
undo timer response-timeout
View
RADIUS scheme view
Parameter
seconds: Response timeout time of RADIUS servers, ranging from 1 second to 10
seconds. By default, the response timeout time of the RADIUS server is three seconds.
Description
Use the timer response-timeout command to set the response timeout time of
RADIUS servers.
Use the undo timer response-timeout command to restore the default response
timeout timer of RADIUS servers.
Note that:
z
If the switch gets no response from the RADIUS server after sending out a
RADIUS request (authentication/authorization request or accounting request) and
waiting for a time, it should retransmit the packet to ensure that the user can obtain
the RADIUS service. This wait time is called response timeout time of RADIUS
servers; and the timer in the switch system that is used to control this time is called
the response timeout timer of RADIUS servers. You can use the timer
response-timeout command to set the timeout time of this timer.
z
Appropriately setting the timeout time of this timer according to the network
situation can improve the performance of the system.
z
This command has the same effect with the timer command.
Related command: radius scheme and retry.
Example
# Set the response timeout time in the RADIUS scheme radius1 to five seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] timer response-timeout 5
1.2.29 user-name-format
Syntax
user-name-format { with-domain | without-domain }
View
RADIUS scheme view
1-52
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
with-domain: Specifies to include ISP domain names in the user names to be sent to
RADIUS servers.
without-domain: Specifies to exclude ISP domain names from the user names to be
sent to RADIUS servers.
Description
Use the user-name-format command to set the format of the user names to be sent to
RADIUS server
By default, except for the default RADIUS scheme "system", the user names sent to
RADIUS servers in any RADIUS scheme carry ISP domain names.
Generally, an access user is named in the userid@isp-name format. isp-name behind
the @ character represents the ISP domain name, by which the device determines
which ISP domain it should ascribe the user to. However, some old RADIUS servers
cannot accept the user names that carry ISP domain names. In this case, it is
necessary to remove the domain names carried in the user names before sending the
user names to the RADIUS server. For this reason, the user-name-format command is
available for you to specify whether or not ISP domain names are carried in the user
names sent to the RADIUS server.
Note:
For a RADIUS scheme, if you have specified that no ISP domain names are carried in
the user names, you should not use this RADIUS scheme in more than one ISP domain.
Otherwise, such errors may occur: the RADIUS server regards two different users
having the same name but belonging to different ISP domains as the same user
(because the user names sent to it are the same).
Related command: radius scheme.
Example
# Specify that the user names sent to a RADIUS server in RADIUS scheme radius1
does not carry ISP domain names.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme radius1
[3Com-radius-radius1] user-name-format without-domain
1-53
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.3 HWTACACS Configuration Commands
1.3.1 data-flow-format
Syntax
data-flow-format data { byte | giga-byte | kilo-byte | mega-byte }
data-flow-format packet { giga-packet | kilo-packet | mega-packet | one-packet }
undo data-flow-format { data | packet }
View
HWTACACS view
Parameter
data: Sets data unit.
byte: Sets 'byte' as the unit of data flow.
giga-byte: Sets 'giga-byte' as the unit of data flow.
kilo-byte: Sets 'kilo-byte' as the unit of data flow.
mega-byte: Sets 'mega-byte' as the unit of data flow.
packet: Sets data packet unit.
giga-packet: Sets 'giga-packet' as the unit of packet flow. This means each
giga-packet contains 1 G packets.
kilo-packet: Sets 'kilo-packet' as the unit of packet flow. This means each kilo-packet
contains 1 K packets.
mega-packet: Sets 'mega-packet' as the unit of packet flow. This means each
mega-packet contains 1 M packets.
one-packet: Sets 'one-packet' as the unit of packet flow. This means each one-packet
contains one packet.
Description
Use the data-flow-format command to configure the unit of data flows sent to the
TACACS server.
Use the undo data-flow-format command to restore the default.
By default, the data unit is byte and the data packet unit is one-packet.
Related command: display hwtacacs.
Example
# Set the unit of data flow destined for the HWTACACS server to kilo-byte and the data
packet unit to kilo-packet.
1-54
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com- hwtacacs-test1] data-flow-format data kilo-byte
[3Com- hwtacacs-test1] data-flow-format packet kilo-packet
1.3.2 display hwtacacs
Syntax
display hwtacacs [ hwtacacs-scheme-name [ statistics ] ]
View
Any view
Parameter
hwtacacs-scheme-name: HWTACACS scheme name, a string of 1 to 32
case-insensitive characters. If no HWTACACS scheme is specified, the system
displays the configuration of all HWTACACS schemes.
statistics: Displays complete statistics about the HWTACACS scheme.
Description
Use the display hwtacacs command to displays the configuration or statistics of the
specified or all HWTACACS schemes.
By default, this command displays the configuration of all HWTACACS schemes.
Related command: hwtacacs scheme.
Example
# View configuration information of HWTACACS scheme gy.
<3Com> display hwtacacs gy
-------------------------------------------------------------------HWTACACS-server template name
: gy
Primary-authentication-server
: 172.31.1.11:49
Primary-authorization-server
: 172.31.1.11:49
Primary-accounting-server
: 172.31.1.11:49
Secondary-authentication-server : 0.0.0.0:0
Secondary-authorization-server
: 0.0.0.0:0
Secondary-accounting-server
: 0.0.0.0:0
Current-authentication-server
: 172.31.1.11:49
Current-authorization-server
: 172.31.1.11:49
Current-accounting-server
: 172.31.1.11:49
Source-IP-address
: 0.0.0.0
1-55
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
key authentication
: 790131
key authorization
: 790131
key accounting
: 790131
Quiet-interval(min)
: 5
Response-timeout-Interval(sec)
: 5
Domain-included
: No
Traffic-unit
: B
Packet traffic-unit
: one-packet
------------------------------------------------------------Total 1,1 printed
1.3.3 display stop-accounting-buffer
Syntax
display stop-accounting-buffer { hwtacacs-scheme hwtacacs-scheme-name |
session-id session-id | time-range start-time stop-time | user-name user-name }
View
Any view
Parameter
hwtacacs-scheme hwtacacs-scheme-name: Displays information on buffered
stop-accounting requests according to the HWTACACS scheme specified by
hwtacacs-scheme-name, the name of HWTACACS scheme, a character string of up to
32 characters.
session-id session-id: Displays information on buffered stop-accounting requests
according to the session ID specified by session-id, a character string of up to 50
characters.
time-range start-time stop-time: Displays information on buffered stop-accounting
requests according to the request time, where, start-time is the start time of the
stop-accounting request; stop-time is the end time of stop-accounting request. This
argument is in the format hh:mm:ss - mm/dd/yyyy or hh:mm:ss-yyyy/mm/dd and is
used to display the buffered stop-accounting requests from the start time to the end
time.
user-name user-name: Displays information on buffered stop-accounting requests
according to the user name specified by user-name, a character string of up to 32
characters.
Description
Use the display stop-accounting-buffer command to view information on the
stop-accounting requests buffered in the switch.
1-56
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Related command: reset stop-accounting-buffer, stop-accounting-buffer enable,
and retry stop-accounting.
Example
# Display the stop-accounting requests buffered in the HWTACACS scheme “3Com".
<3Com> display stop-accounting-buffer hwtacacs-scheme 3Com
1.3.4 hwtacacs nas-ip
Syntax
hwtacacs nas-ip ip-address
undo hwtacacs nas-ip
View
System view
Parameter
ip-address: Specifies a source IP address for the switch, which cannot be an all-zero
address, class D address, class A, B, and C broadcast address, or 127 network
segment address.
Description
Use the hwtacacs nas-ip command to specify the source address of the hwtacacs
packet sent from NAS.
Use the undo hwtacacs nas-ip command to restore the default setting.
Note that:
z
By specifying the source address of the hwtacacs packet, you can avoid
destination unreachable packets as returned from the server upon interface failure.
The source address is normally recommended to be a loopback interface address.
z
When you configure the source address for the NAS to send HWTACACS packets,
the priority of HWTACACS scheme view is higher than that of system view.
z
By default, the source address is not specified, that is, the address of the interface
sending the packet serves as the source address.
z
This command specifies only one source address; therefore, the newly configured
source address may overwrite the original one.
Example
# Configure the switch to send hwtacacs packets from 129.10.10.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs nas-ip 129.10.10.1
1-57
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.3.5 hwtacacs scheme
Syntax
hwtacacs scheme hwtacacs-scheme-name
undo hwtacacs scheme hwtacacs-scheme-name
undo hwtacacs scheme hwtacacs-scheme-name
View
System view
Parameter
hwtacacs-scheme-name: Specifies an HWTACACS server scheme, with a character
string of up to characters.
Description
Use the hwtacacs scheme command to enter HWTACACS scheme view and create
the specified HWTACACS scheme if it does not exist.
Use the undo hwtacacs scheme command to delete an HWTACACS scheme.
Example
# Create an HWTACACS scheme named "test1" and enter the relevant HWTACACS
view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
Create a new HWTACACS-server scheme
[3Com-hwtacacs-test1]
1.3.6 key
Syntax
key { accounting | authentication | authorization } string
undo key { accounting | authentication | authorization } string
View
HWTACACS scheme view
Parameter
accounting: Specifies a shared key for the accounting server.
authentication: Specifies a shared key for the authentication server.
1-58
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
authorization: Specifies a shared key for the authorization server.
string: Shared key, a string of up to 16 characters.
Description
Use the key command to configure a shared key for HWTACACS authentication,
authorization or accounting server.
Use the undo key command to delete the configuration.
By default, no key is set for any HWTACACS server.
The TACACS client (on the switch) and the TACACS server use the MD5 algorithm to
encrypt the HWTACACS packets communicated between them. They authenticate
packets by using shared keys. Either of them receives and responds to the packet sent
from the other party only when their shared keys are the same. Therefore, the shared
key set on the switch and that on the TACACS server must be the same.
If the authentication/authorization server and the accounting server are different and
the shared key for the two servers are different, a shared key must be set for
authentication/authorization packets and accounting packets.
Related command: display hwtacacs.
Example
# Use hello as the shared key for TACACS accounting server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] key accounting hello
1.3.7 nas-ip
Syntax
nas-ip ip-address
undo nas-ip
View
HWTACACS scheme view
Parameter
ip-address: Specified source IP address, in dotted decimal notation.
1-59
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Description
Use the nas-ip command to specify the source address for sending HWTACACS
packets so that all packets sent to the TACACS server carry the same source IP
address.
Use the undo nas-ip command to remove the configuration.
By specifying the source address of the hwtacacs packet, you can avoid destination
unreachable packets as returned from the server upon interface failure. The source
address is normally recommended to be a loopback interface address.
By default, the source IP address of the packets is the IP address of the sending
interface.
Related command: display hwtacacs and hwtacacs nas-ip.
Example
# Set the source IP address of the HWTACACS packets sent by the NAS (switch) to
10.1.1.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] nas-ip 10.1.1.1
1.3.8 primary accounting
Syntax
primary accounting ip-address [ port ]
undo primary accounting
View
HWTACACS scheme view
Parameter
ip-address: IP address of the server, a valid unicast address in dotted decimal format.
port: Port number of the server, which is in the range 1 to 65535 and defaults to 49.
Description
Use the primary accounting command to configure a primary TACACS accounting
server.
Use the undo primary accounting command to delete the configured primary
TACACS accounting server.
By default, the IP address of TACACS accounting server is 0.0.0.0.
1-60
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Note that:
z
You are not allowed to assign the same IP address to both primary and secondary
accounting servers; otherwise, unsuccessful operation is prompted.
z
If you repeatedly use this command, the latest configuration overwrites the
previous one.
z
You can remove an accounting server only when it is not being used by any active
TCP connections, and the removal impacts only packets forwarded afterwards.
Example
# Configure a primary accounting server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] primary accounting 10.163.155.12 49
1.3.9 primary authentication
Syntax
primary authentication ip-address [ port ]
undo primary authentication
View
HWTACACS scheme view
Parameter
ip-address: IP address of the server, a valid unicast address in dotted decimal format.
port: Port number of the server, which is in the range 1 to 65535 and defaults to 49.
Description
Use the primary authentication command to configure a TACACS authentication
server.
Use the undo primary authentication command to delete the configured
authentication server.
By default, the IP address of TACACS authentication server is 0.0.0.0.
Note that:
z
You are not allowed to assign the same IP address to both primary and secondary
authentication servers; otherwise, unsuccessful operation is prompted.
z
If you repeatedly use this command, the latest configuration overwrites the
previous one.
1-61
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
z
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
You can remove an authentication server only when it is not being used by any
active TCP connections, and the removal impacts only packets forwarded
afterwards.
Related command: display hwtacacs.
Example
# Configure a primary authentication server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] primary authentication 10.163.155.13 49
1.3.10 primary authorization
Syntax
primary authorization ip-address [ port ]
undo primary authorization
View
HWTACACS scheme view
Parameter
ip-address: IP address of the server, a valid unicast address in dotted decimal format.
port: Port number of the server, which is in the range 1 to 65535 and defaults to 49.
Description
Use the primary authorization command to configure a primary TACACS
authorization server.
Use the undo primary authorization command to delete the configured primary
authorization server.
By default, the IP address of TACACS authorization server is 0.0.0.0.
Note that:
z
You are not allowed to assign the same IP address to both primary and secondary
authorization servers; otherwise, unsuccessful operation is prompted.
z
If you repeatedly use this command, the latest configuration overwrites the
previous one.
z
You can remove an authorization server only when it is not being used by any
active TCP connections, and the removal impacts only packets forwarded
afterwards.
Related command: display hwtacacs.
1-62
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Example
# Configure a primary authorization server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] primary authorization 10.163.155.13 49
1.3.11 reset hwtacacs statistics
Syntax
reset hwtacacs statistics { accounting | authentication | authorization | all }
View
User view
Parameter
accounting: Clears all the HWTACACS accounting statistics.
authentication: Clears all the HWTACACS authentication statistics.
authorization: Clears all the HWTACACS authorization statistics.
all: Clears all statistics.
Description
Use the reset hwtacacs statistics command to clear HWTACACS protocol statistics.
Related command: display hwtacacs.
Example
# Clear all HWTACACS protocol statistics.
<3Com> reset hwtacacs statistics all
1.3.12 reset stop-accounting-buffer
Syntax
reset stop-accounting-buffer { hwtacacs-scheme hwtacacs-scheme-name |
session-id session-id | time-range start-time stop-time | user-name user-name }
View
User view
1-63
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
hwtacacs-scheme hwtacacs-scheme-name: Configures to delete the stop-accounting
requests from the buffer according to the specified HWTACACS scheme name. The
hwtacacs-scheme-name specifies the HWTACACS scheme name with a character
string of up to 32 characters, excluding question marks (?).
session-id session-id: Displays information on buffered stop-accounting requests
according to the session ID specified by session-id, a character string of up to 50
characters.
time-range start-time stop-time: Displays information on buffered stop-accounting
requests according to the request time, where, start-time is the start time of the
stop-accounting request; stop-time is the end time of stop-accounting request. This
argument is in the format hh:mm:ss - mm/dd/yyyy or hh:mm:ss-yyyy/mm/dd and is
used to display the buffered stop-accounting requests from the start time to the end
time.
With
this
argument
specified,
this
command
displays
the
buffered
stop-accounting requests from the start time to the end time.
user-name user-name: Displays information on buffered stop-accounting requests
according to the user name specified by user-name, a character string of up to 32
characters.
Description
Use the reset stop-accounting-buffer command to clear the stop-accounting
requests that have no response and are buffered on the switch.
Related command: stop-accounting-buffer enable, retry stop-accounting, display
stop-accounting-buffer.
Example
# Delete the buffered stop-accounting requests that are according to the HWTACACS
scheme “3Com”.
<3Com> reset stop-accounting-buffer hwtacacs-scheme 3Com
1.3.13 retry stop-accounting
Syntax
retry stop-accounting retry-times
undo retry stop-accounting
View
HWTACACS scheme view
1-64
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
retry-times: Maximum number of real-time stop-accounting request attempts. It is in the
range 1 to 300 and defaults to 100.
Description
Use the retry stop-accounting command to enable stop-accounting packet
retransmission and configure the maximum number of stop-accounting request
attempts.
Use the undo retry stop-accounting command to restore the default setting.
By default, stop-accounting packet retransmission is enabled and has 100 attempts for
each request.
Related command: reset stop-accounting-buffer, hwtacacs scheme, and display
stop-accounting-buffer.
Example
# Enable stop-accounting packet transmission and allow up to 50 attempts for each
request.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] retry stop-accounting 50
1.3.14 secondary accounting
Syntax
secondary accounting ip-address [ port ]
undo secondary accounting
View
HWTACACS scheme view
Parameter
ip-address: IP address of the server, a valid unicast address in dotted decimal notation.
port: Port number of the server, which is in the range of 1 to 65535 and defaults to 49.
Description
Use the secondary accounting command to configure a secondary TACACS
accounting server.
Use the undo secondary accounting command to delete the configured secondary
TACACS accounting server.
1-65
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
By default, the IP address of TACACS accounting server is 0.0.0.0.
Note that:
z
You are not allowed to assign the same IP address to both primary and secondary
accounting servers; otherwise, unsuccessful operation is prompted.
z
If you repeatedly use this command, the latest configuration overwrites the
previous one.
z
You can remove an accounting server only when it is not being used by any active
TCP connections.
Example
# Configure a secondary accounting server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] secondary accounting 10.163.155.12 49
1.3.15 secondary authentication
Syntax
secondary authentication ip-address [ port ]
undo secondary authentication
View
HWTACACS scheme view
Parameter
ip-address: IP address of the server, a valid unicast address in dotted decimal format.
port: Port number of the server, which is in the range of 1 to 65535 and defaults to 49.
Description
Use the secondary authentication command to configure a secondary TACACS
authentication server.
Use the undo secondary authentication command to delete the configured
secondary server.
By default, the IP address of TACACS authentication server is 0.0.0.0.
Note that:
z
You are not allowed to assign the same IP address to both primary and secondary
authentication servers; otherwise, unsuccessful operation is prompted.
z
If you repeatedly use this command, the latest configuration overwrites the
previous one.
1-66
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
z
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
You can remove an authentication server only when it is not being used by any
active TCP connections.
Related command: display hwtacacs.
Example
# Configure a secondary server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] secondary authentication 10.163.155.13 49
1.3.16 secondary authorization
Syntax
secondary authorization ip-address [ port ]
undo secondary authorization
View
HWTACACS scheme view
Parameter
ip-address: IP address of the server, a valid unicast address in dotted decimal format.
port: Port number of the server, in the range of 1 to 65535. By default, it is 49.
Description
Use the secondary authorization command to configure a secondary TACACS
authorization server.
Use the .undo secondary authorization command to delete the configured
secondary authorization server.
By default, the IP address of TACACS authorization server is 0.0.0.0.
Note that:
z
You are not allowed to assign the same IP address to both primary and secondary
authorization servers.
z
If you repeatedly use this command, the latest configuration overwrites the
previous one.
z
You can remove an authorization server only when it is not being used by any
active TCP connections.
Related command: display hwtacacs.
1-67
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Example
# Configure the secondary authorization server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] secondary authorization 10.163.155.13 49
1.3.17 stop-accounting-buffer enable
Syntax
stop-accounting-buffer enable
undo stop-accounting-buffer enable
View
HWTACACS scheme view
Parameter
None
Description
Use the stop-accounting-buffer enable command to enable the switch to buffer the
stop-accounting requests that bring no response.
Use the undo stop-accounting-buffer enable command to disable the switch from
buffering the stop-accounting requests that bring no response.
By default, the switch is enabled to buffer the stop-accounting requests that bring no
response.
Stop-accounting requests are critical to billing and will eventually affect the charges;
they are important for both the users and the ISP. Therefore, the switch should do its
best to transmit them to the HWTACACS accounting server. If the HWTACACS
accounting server does not respond to such a request, the switch should first buffer the
request on itself, and then retransmit the request to the HWTACACS accounting server
until it gets a response, or the maximum number of transmission attempts is reached (in
this case, it discards the request).
Related command: reset stop-accounting-buffer, hwtacacs scheme, and display
stop-accounting-buffer.
Example
# Enable the switch to buffer the stop-accounting requests that bring no response from
the servers in HWTACACS scheme test1.
<3Com> system-view
1-68
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] stop-accounting-buffer enable
1.3.18 timer quiet
Syntax
timer quiet minutes
undo timer quiet
View
HWTACACS scheme view
Parameter
minutes: Length of the timer in minutes, in the range of 1 to 255. By default, the primary
server must wait five minutes before it resumes the active state.
Description
Use the timer quiet command to set the duration that a primary server must wait
before it can resume the active state.
Use the undo timer quiet command to restore the default (five minutes).
With the timer quiet command configured, the switch stops processing the request
packets from users when the communication between the switch and the server is
interrupted. The switch does not send user request packets to the server until the wait
time of the switch is equal to or greater than the time configured with the timer quiet
command.
Related command: display hwtacac.
Example
# Set the quiet timer for the primary server to ten minutes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] timer quiet 10
1.3.19 timer realtime-accounting
Syntax
timer realtime-accounting minutes
undo timer realtime-accounting
1-69
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
View
HWTACACS scheme view
Parameter
minutes: Real-time accounting interval, which is a multiple of 3 in the range 3 to 60
minutes. By default, the real-time accounting interval is 12 minutes.
Description
Use the timer realtime-accounting command to configure a real-time accounting
interval.
Use the undo timer realtime-accounting command to restore the default interval.
Note that:
z
Real-time accounting interval is necessary for real-time accounting. After an
interval value is set, the switch transmits the accounting information of online
users to the TACACS accounting server at intervals of this value.
z
The setting of real-time accounting interval depends somewhat on the
performance of the switch and the TACACS server: A shorter interval requires
higher device performance. You are therefore recommended to adopt a longer
interval when there are a large number of users (more than 1000, inclusive). Table
1-6 recommends the real-time accounting intervals for different numbers of users.
Table 1-6 Recommended intervals for different numbers of users
Number of users
Real-time accounting interval (minute)
1 to 99
3
100 to 499
6
500 to 999
12
ƒ1000
ƒ15
Example
# Set the real-time accounting interval in the HWTACACS scheme “test1” to 51
minutes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test11] timer realtime-accounting 51
1-70
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1.3.20 timer response-timeout
Syntax
timer response-timeout seconds
undo timer response-timeout
View
HWTACACS scheme view
Parameter
seconds: Length of the response timer in seconds. It ranges from 1 to 300 and defaults
to 5.
Description
Use the timer response-timeout command to set the response timeout timer of the
TACACS server.
Use the undo timer response-timeout command to restore the default (five seconds).
Note:
As the HWTACACS is based on TCP, either the server response timeout and/or the
TCP timeout may cause disconnection to the TACACS server.
Related command: display hwtacacs.
Example
# Set the response timeout time of the TACACS server to 30 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] timer response-timeout 30
1.3.21 user-name-format
Syntax
user-name-format { with-domain | without-domain }
View
HWTACACS scheme view
1-71
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
Parameter
with-domain: Specifies to send the username with a domain name to the TACACS
server.
without-domain: Specifies to send the username without any domain name to the
TACACS server.
Description
Use the user-name-format command to configure the username format sent to the
TACACS server.
By default, an HWTACACS scheme acknowledges that the username sent to it
includes an ISP domain name.
Note that:
z
The supplicants are generally named in userid@isp-name format. The part
following the @ sign is the ISP domain name, according to which the switch
assigns a user to the corresponding ISP domain. However, some earlier TACACS
servers reject the user name including an ISP domain name. In this case, the user
name is sent to the TACACS server after its domain name is removed.
Accordingly, the switch provides this command to decide whether the username
sent to the TACACS server carries an ISP domain name or not.
z
If a HWTACACS scheme is configured to reject usernames including ISP domain
names, the TACACS scheme shall not be simultaneously used in more than one
ISP domains. Otherwise, the TACACS server will regard two users in different ISP
domains as the same user by mistake, if they have the same username.
(excluding their respective domain names.)
Related command: hwtacacs scheme.
Example
# Specify to send the username without any domain name to the HWTACACS scheme
"test1".
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-test1] user-name-format without-domain
1-72
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 2 EAD Configuration Commands
Chapter 2 EAD Configuration Commands
2.1 EAD Configuration Commands
2.1.1 security-policy-server
Syntax
security-policy-server ip-address
undo security-policy-server [ ip-address | all ]
View
RADIUS scheme view
Parameter
ip-address: IP address of the security policy server.
all: All IP addresses of security policy servers.
Description
Use the security-policy-server command to specify an IP address for a security policy
server.
Use the undo security-policy-server command to delete the specified IP address.
You may specify up to eight security policy servers in a RADIUS scheme.
Each RADIUS scheme supports at most eight IP addresses of security policy servers.
The switch only responds to the session control packets coming from the authentication
server and security policy server.
Example
# Set the IP address of the security policy server to 192.168.0.1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] radius scheme 3Com
[3Com-radius-3Com] security-policy-server 192.168.0.1
[3Com-radius-3Com] display current-configuration
…
radius scheme 3Com
primary authentication 1.1.11.29 1812
secondary authentication 127.0.0.1 1645
security-policy-server 192.168.0.1
2-1
3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
user-name-format without-domain
…
2-2
Chapter 2 EAD Configuration Commands
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Table of Contents
Table of Contents
Chapter 1 VRRP Configuration Commands ............................................................................... 1-1
1.1 VRRP Configuration Commands ....................................................................................... 1-1
1.1.1 debugging vrrp ........................................................................................................ 1-1
1.1.2 display vrrp .............................................................................................................. 1-1
1.1.3 reset vrrp statistics .................................................................................................. 1-3
1.1.4 vrrp authentication-mode ........................................................................................ 1-4
1.1.5 vrrp method ............................................................................................................. 1-5
1.1.6 vrrp ping-enable ...................................................................................................... 1-6
1.1.7 vrrp vrid preempt-mode........................................................................................... 1-6
1.1.8 vrrp vrid priority........................................................................................................ 1-8
1.1.9 vrrp vrid timer advertise........................................................................................... 1-9
1.1.10 vrrp vrid track......................................................................................................... 1-9
1.1.11 vrrp vrid virtual-ip................................................................................................. 1-11
Chapter 2 HA Configuration Commands .................................................................................... 2-1
2.1 HA Configuration Commands ............................................................................................ 2-1
2.1.1 display switchover state .......................................................................................... 2-1
2.1.2 slave auto-update config ......................................................................................... 2-1
2.1.3 slave restart............................................................................................................. 2-2
2.1.4 slave switchover ...................................................................................................... 2-2
2.1.5 slave update configuration ...................................................................................... 2-3
i
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
Chapter 1 VRRP Configuration Commands
1.1 VRRP Configuration Commands
1.1.1 debugging vrrp
Syntax
debugging vrrp { state | packet }
undo debugging vrrp { state | packet }
View
User view
Parameter
state: Debugs VRRP state.
packet: Debugs VRRP packets.
Description
Use the debugging vrrp command to enable VRRP debugging.
Use the undo debugging vrrp command to disable VRRP debugging.
By default, VRRP debugging is disabled.
Example
# Enable VRRP state debugging.
<3Com> debugging vrrp state
1.1.2 display vrrp
Syntax
display vrrp [ interface Vlan-interface valn-id | statistics [ Vlan-interface vlan-id ] ]
[ virtual-router-id ]
View
Any view
Parameter
interface: Displays VRRP information about the specified VLAN interface.
vlan-id: VLAN interface ID.
1-1
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
statistics: Displays VRRP statistics.
virtual-router-id: VRRP backup group ID ranging from 1 to 255.
Description
Use the display vrrp command to display the information about the VRRP state or
VRRP statistics.
When VRRP status information is displayed:
If the interface index and backup group ID are not specified, the state information
z
about all the backup groups on the switch is displayed.
If only the interface index is specified, the state information about all the backup
z
groups on the interface is displayed.
If both the interface index and backup group ID are specified, the state information
z
about the specified backup group on the interface is displayed.
When VRRP statistics information is displayed:
If the interface index and backup group ID are not specified, the statistics about all
z
the backup groups on the switch is displayed.
If only the interface index is specified, the statistics about all the backup groups on
z
the interface is displayed.
If both the interface index and backup group ID are specified, the statistics about
z
the specified backup group on the interface is displayed.
Example
# Display the statistics about all the backup groups on the switch.
<3Com> display vrrp statistics
Interface
: Vlan-interface10
VRID
: 1
CheckSum Errors
: 0
Version Errors
: 0
VRID Errors
: 0
Advertisement Interval Errors
: 0
IP TTL Errors
: 0
Auth Failures
: 0
Invalid Auth Type
: 0
Auth Type Mismatch
: 0
Packet Length Errors
: 0
Address List Errors
: 0
Become Master
: 2
Priority Zero Pkts Rcvd
: 0
Advertise Rcvd
: 0
Priority Zero Pkts Sent
: 1
Invalid Type Pkts Rcvd : 0
Table 1-1 Description on the fields of the display vrrp statistics command
Field
Description
Interface
Interface in which the backup group resides
VRID
Backup group ID
CheckSum Errors
Number of checksum errors
1-2
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
Field
Description
Version Errors
Number of version errors
VRID Errors
Number of backup group ID errors
Advertisement Interval Errors
Number of advertisement time interval errors
IP TTL Errors
Number of TTL errors
Auth Failures
Number of authentication errors
Invalid Auth Type
Number of invalid authentication types
Auth Type Mismatch
Number of mismatched authentication types
Packet Length Errors
Number of VRRP packet length errors
Address List Errors
Number of the virtual IP address list errors
Become Master
Number of the occasions where the switch
operates as the master
Priority Zero Pkts Rcvd
Number of the received advertisement packets
with the priority of 0
Advertise Rcvd
Number of the received advertisement packets
Priority Zero Pkts Sent
Number of the sent advertisement packets with
the priority of 0
Invalid Type Pkts Rcvd
Number of packet type errors
1.1.3 reset vrrp statistics
Syntax
reset vrrp statistics [ vlan-interface vlan-id ] [ virtual-router-id ]
View
User view
Parameter
vlan-id: VLAN interface ID.
virtual-router-id: VRRP virtual router ID ranging from 1 to 255.
Description
Use the reset vrrp command to clear the statistics information about VRRP.
When you execute this command,
z
If the interface index and backup group ID are not specified, the statistics
information about all the backup groups on the switch is cleared.
1-3
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
z
Chapter 1 VRRP Configuration Commands
If only the interface index is specified, the statistics information about all the
backup groups on the interface will be cleared.
z
If both the interface index and backup group ID are specified, the statistics
information about the specified backup group on the interface is cleared.
Example
# Clear the VRRP statistics on the switch.
<3Com> reset vrrp statistics
1.1.4 vrrp authentication-mode
Syntax
vrrp authentication-mode authentication-type authentication-key
undo vrrp authentication-mode
View
VLAN interface view
Parameter
authentication-type: Authentication type, which can be:
z
simple: Indicates to perform simple character authentication.
z
md5: Indicates to perform the authentication with MD5 algorithm.
authentication-key: Authentication key. When you specify authentication-type to be
simple, the authentication key can contain up to eight characters. When you specify
authentication-type to be md5, the authentication key can be a string comprising up to
eight characters in plain text or a 24-character encrypted string.
Description
Use the vrrp authentication-mode command to specify the authentication type and
the authentication key for a VRRP backup group.
Use the undo vrrp authentication-mode command to clear the configured
authentication type and authentication key.
If the simple or md5 authentication is configured, the authentication key is required.
This command sets the authentication type and authentication key for all the VRRP
backup groups on an interface. As defined in the protocol, all the backup groups on an
interface share the same authentication type and authentication key. And all the
members joining the same backup group share the same authentication type and
authentication key too.
Note that the authentication key is case-sensitive.
1-4
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
Example
# Specify the authentication type as simple, and authentication key as aabbcc.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] vrrp authentication-mode simple aabbcc
1.1.5 vrrp method
Syntax
vrrp method { real-mac | virtual-mac }
undo vrrp method
View
System view
Parameter
real-mac: Maps the real MAC address of a Layer 3 switch routing interface to virtual
router IP addresses.
virtual-mac: Maps the virtual MAC address to virtual router IP addresses of backup
groups.
Description
Use the vrrp method command to map the MAC address of a backup group to the
virtual router IP addresses. You can map the actual or virtual MAC address of a Layer 3
switch routing interface to virtual router IP addresses.
Use the undo vrrp method command to restore the default map settings.
By default, the virtual MAC address of a backup group is mapped to the IP address of
the virtual router.
Note that as the mapping relationship between the MAC addresses of a backup group
and a virtual router IP address cannot be configured after the backup group is created,
configure the mapping relationship before you create a backup group.
Note:
Due to the chips installed, when you map the virtual IP addresses to the virtual MAC
addresses, the type of chips decides the number of backup groups that can be
configured on a VLAN interface. Refer to device specification for detail.
1-5
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
Example
# Map the real MAC address of a routing interface to a virtual router IP address.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vrrp method real-mac
1.1.6 vrrp ping-enable
Syntax
vrrp ping-enable
undo vrrp ping-enable
View
System view
Parameter
None
Description
Use the vrrp ping-enable command to enable a backup group to respond to ping
operations destined for its virtual router IP address.
Use the undo vrrp ping-enable command to revert to the default.
By default, a backup group does not respond to ping operations destined for its virtual
router IP address.
As these two commands are invalid to switches in backup groups, use them before you
create a backup group.
Example
# Enable a backup group to respond to ping operations destined for its virtual router IP
address.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vrrp ping-enable
1.1.7 vrrp vrid preempt-mode
Syntax
vrrp vrid virtual-router-id preempt-mode [ timer delay delay-value ]
undo vrrp vrid virtual-router-id preempt-mode
1-6
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
View
VLAN interface view
Parameter
virtual-router-id: VRRP backup group ID ranging from 1 to 255.
delay-value: Delay period (in seconds) ranging from 0 to 255.
Description
Use the vrrp vrid preempt-mode command to configure a switch to operate in the
preemptive mode and set the delay period.
Use the undo vrrp vrid preempt-mode command to cancel the configuration.
By default, switches in a backup group operate in the preemptive mode, with the delay
period set to 0 seconds.
If you want backup switches to preempt the master switch, configure them to operate in
the preemptive mode. You can also set the delay period for preemption as needed.
As long as a switch in the backup group becomes the master switch, other switches,
even if they are configured with a higher priority later, do not preempt the master switch
unless they operate in preemptive mode. The switch operating in preemptive mode will
become the master switch when it finds its priority is higher than that of the current
master switch, and the former master switch becomes a backup switch accordingly.
You can configure an Switch 7750 series switch to operate in preemptive mode. You
can also set the delay period. A backup switch waits for a period of time (the delay
period) before becoming a master switch. Setting a delay period aims at:
In an unstable network, backup switches in a backup group possibly cannot receive
packets from the master in time due to network congestions even if the master operates
properly. This causes the master of the backup group being determined frequently.
With the configuration of delay period, the backup switch will wait for a while if it does
not receive packets from the master switch in time. A new master is determined only
after the backup switches do not receive packets from the master switch after the
specified delay time.
Note:
You can use the undo vrrp vrid preempt-mode command to set switches in a backup
group to operate in non-preemptive mode.
Example
# Configure the switches to operate in the preemptive mode.
1-7
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] vrrp vrid 1 preempt-mode
# Set the delay period.
[3Com-Vlan-interface2] vrrp vrid 1 preempt-mode timer delay 5
# Configure the switches to operate in non-preemptive mode.
[3Com-Vlan-interface2] undo vrrp vrid 1 preempt-mode
1.1.8 vrrp vrid priority
Syntax
vrrp vrid virtual-router-id priority priority
undo vrrp vrid virtual-router-id priority
View
VLAN interface view
Parameter
virtual-router-id: VRRP backup group ID ranging from 1 to 255.
priority: Switch priority to be set. This argument ranges from 1 to 254.
Description
Use the vrrp vrid priority command to set the priority of a switch in a backup group.
Use the undo vrrp vrid priority command to revert to the default priority.
By default, the priority of a switch in a backup group is 100.
Switch priority determines the possibility for the switch to become a master switch. A
switch with larger priority is more likely to become a master switch. Note that the priority
of 0 is reserved for special use, and the priority of 255 is for IP address owners. That is,
the priority of a switch that owns a virtual router IP address is fixed to 255 and cannot be
modified.
Example
# Set the priority to 120 for a switch in the backup group.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] vrrp vrid 1 priority 120
1-8
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
1.1.9 vrrp vrid timer advertise
Syntax
vrrp vrid virtual-router-id timer advertise adver-interval
undo vrrp vrid virtual-router-id timer advertise
View
VLAN interface view
Parameter
virtual-router-id: VRRP backup group ID ranging from 1 to 255.
adver-interval: Interval (in seconds) for the master switch of a backup group to send
VRRP packets. This argument ranges from 1 to 255.
Description
Use the vrrp vrid timer advertise command to set the interval for the master switch of
a backup group to send VRRP packets.
Use the undo vrrp vrid timer advertise command to revert to the default interval.
Note that configuration error occurs if switches of the same backup group are
configured with different adver-interval values.
By default, the interval for the master switch in a backup group to send VRRP packets
is 1 second.
Example
# Set the interval for the master switch to send VRRP packets to 15 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] vrrp vrid 1 timer advertise 15
1.1.10 vrrp vrid track
Syntax
vrrp
vrid
virtual-router-id
track
interface-type
interface-number
value-reduced ]
undo vrrp vrid virtual-router-id track [ interface-type interface-number ]
View
VLAN interface view
1-9
[
reduced
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
Parameter
virtual-router-id: VRRP backup group ID ranging form 1 to 255.
Interface-type interface-number: VLAN interface to be tracked.
value-reduced: Value by which the priority is to decrease. This argument ranges from 1
to 255.
Description
Use the vrrp vrid track command to set a VLAN interface/Ethernet port to be tracked.
Use the undo vrrp vrid track command to disable a VLAN interface/Ethernet port from
being tracked.
By default, the value by which the priority of the VLAN interface decreases is 10.
The VLAN interface/Ethernet port tracking function extends the use of the backup
function. With this function enabled, the backup function is provided not only when the
interface where the backup group resides fails, but also when other interfaces/Ethernet
ports are unavailable. By executing the related command you can track an
interface/Ethernet port.
When a tracked VLAN interface/Ethernet port goes down, the priority of the switch
owning the interface/port will reduce automatically by a specified value (the
value-reduced argument). If the switches with their priorities higher than that of the
current master switch exist in the backup group, a new master switch will be then
determined.
Note:
z
The Ethernet port tracked can be in or out of the VLAN in whose interface the
backup group resides.
z
If a switch is the IP address owner, the VLAN interface/Ethernet port tracking
function can not be enabled for the switch.
z
If a tracked VLAN interface/Ethernet port goes down, when it is up again, the priority
of the corresponding switch is automatically restored.
z
Each backup group can track up to eight VLAN interfaces/Ethernet ports.
Example
# Configure VLAN 2 interface to track VLAN 1 interface and specify the priority of the
master switch of backup group 1 (on VLAN 2 interface) decreases by 50 when VLAN 1
interface goes down.
<3Com> system-view
System View: return to User View with Ctrl+Z.
1-10
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] vrrp vrid 1 track vlan-interface 1 reduced 50
1.1.11 vrrp vrid virtual-ip
Syntax
vrrp vrid virtual-router-id virtual-ip virtual-address
undo vrrp vrid virtual-router-id [ virtual-ip virtual-address ]
View
VLAN interface view
Parameter
virtual-router-id: VRRP backup group ID ranging from 1 to 255.
virtual-address: Virtual router IP address to be configured.
Description
Use the vrrp vrid virtual-ip command to add a virtual router IP address to an existing
backup group.
Use the undo vrrp vrid virtual-ip command to remove a virtual router IP address from
an existing backup group.
The vrrp vrid virtual-ip command can also be used to create a backup group. You can
add up to 16 virtual router IP addresses to a backup group. The undo vrrp vrid
virtual-ip command can also be used to remove an existing backup group. A backup
group is removed if all the virtual router IP addresses configured for it are removed.
Note that the virtual router IP address and the IP addresses used by the member
switches in a backup group must belong to the same network segment. If not, the
backup group will be in the initial state (the state before you configure the VRRP for the
switches). In this case, VRRP does not take effect.
Example
# Create a backup group.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 2
[3Com-Vlan-interface2] vrrp vrid 1 virtual-ip 10.10.10.10
# Add a virtual router IP address to an existing backup group.
[3Com-Vlan-interface2] vrrp vrid 1 virtual-ip 10.10.10.11
# Remove a virtual router IP address from a backup group.
[3Com-Vlan-interface2] undo vrrp vrid 1 virtual-ip 10.10.10.10
1-11
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 1 VRRP Configuration Commands
# Remove a backup group.
[3Com-Vlan-interface2] undo vrrp vrid 1
1-12
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 2 HA Configuration Commands
Chapter 2 HA Configuration Commands
2.1 HA Configuration Commands
2.1.1 display switchover state
Syntax
display switchover state [ slot-id ]
View
Any view
Parameter
slot-id: Slot number of master/slave board.
Description
Use the display switchover state command to display the backup status of
master/slave board.
This command displays the backup state of master/slave board according to the
specified slot number. If the slot-id is not specified, the status of master board will be
displayed.
Example
# Display the status of master board.
<3Com> display switchover state
HA FSM State(master): Slave is absent.
2.1.2 slave auto-update config
Syntax
slave auto-update config
undo slave auto-update config
View
System view
Parameter
None
2-1
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 2 HA Configuration Commands
Description
Use slave auto-update config command to enable the automatic synchronization of
configuration files between the master/slave systems.
Use the undo slave auto-update config command to disable the automatic
synchronization.
By default, the automatic synchronization of configuration files between the master and
slave system is enabled.
Related command: slave update configuration.
Example
# Enable automatic synchronization between master/slave systems.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] slave auto-update config
2.1.3 slave restart
Syntax
slave restart
View
User view
Parameter
None
Description
Use the slave restart command to restart the slave board.
When the application of the backup system operates unmorally and requires for
reloading the applications, you can use this command to restart the slave board.
Example
# Restart the slave board.
<3Com> slave restart
The slave will reset! Continue?[Y/N]:y
2.1.4 slave switchover
Syntax
slave switchover
2-2
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 2 HA Configuration Commands
View
User view
Parameter
None
Description
Use the slave switchover command to perform master/slave switchover manually.
When the slave board operates normally and the master board is in the real-time
backup state, if you want the slave board to operate in place of the master board, you
can use this command to implement master/slave switchover. After that, the slave
board becomes the new master board and controls the system, and the original master
board restarts automatically.
Example
# Perform master/slave switchover manually.
<3Com> slave switchover
Caution!!! Confirm switch slave to master[Y/N]?y
Starting.....
RAM Line....OK
2.1.5 slave update configuration
Syntax
slave update configuration
View
User view
Parameter
None
Description
Use the slave update configuration command to synchronise the configurations files
on master/slave board.
You can use this command to manually synchronize the configuration files on the
master board to the slave board.
Example
# Synchronize the configuration files on the master board to the slave board.
<3Com> slave update configuration
2-3
3Com Switch 7750 Series
Command Reference Guide – VRRP & HA
Chapter 2 HA Configuration Commands
Now saving the current configuration to the slave board.
Please wait...
The configuration has been saved to the slave board successfully.
2-4
3Com Switch 7750 Series
Command Reference Guide – ARP
Table of Contents
Table of Contents
Chapter 1 ARP Configuration Commands .................................................................................. 1-1
1.1 ARP Configuration Commands.......................................................................................... 1-1
1.1.1 arp check enable ..................................................................................................... 1-1
1.1.2 arp max-entry .......................................................................................................... 1-1
1.1.3 arp max-dynamic-entry ........................................................................................... 1-2
1.1.4 arp proxy enable...................................................................................................... 1-3
1.1.5 arp proxy source-vlan enable.................................................................................. 1-3
1.1.6 arp source-suppression limit ................................................................................... 1-4
1.1.7 arp static.................................................................................................................. 1-5
1.1.8 arp timer aging ........................................................................................................ 1-6
1.1.9 display arp ............................................................................................................... 1-7
1.1.10 display arp | ........................................................................................................... 1-8
1.1.11 display arp entry-limit ............................................................................................ 1-9
1.1.12 display arp interface ............................................................................................ 1-10
1.1.13 display arp proxy ................................................................................................. 1-11
1.1.14 display arp slot .................................................................................................... 1-11
1.1.15 display arp source-suppression .......................................................................... 1-12
1.1.16 display arp vlan ................................................................................................... 1-12
1.1.17 display arp timer aging ........................................................................................ 1-13
1.1.18 gratuitous-arp-learning enable ............................................................................ 1-13
1.1.19 reset arp .............................................................................................................. 1-14
i
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
Chapter 1 ARP Configuration Commands
1.1 ARP Configuration Commands
1.1.1 arp check enable
Syntax
arp check enable
undo arp check enable
View
System view
Parameter
None
Description
Use the arp check enable command to enable the ARP entry checking function, that is,
to disable a switch from creating multicast MAC address ARP entries for MAC
addresses learned.
Use the undo arp check enable command to disable the ARP entry checking function.
In this case, a switch creates multicast MAC address ARP entries for MAC addresses
learned.
By default, the ARP entry checking function is enabled.
Example
# Configure to create multicast MAC address ARP entries for MAC addresses learned.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] undo arp check enable
1.1.2 arp max-entry
Syntax
arp max-entry
undo arp max-entry
View
System view
1-1
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
Parameter
number: The maximum number of the ARP entries, in the range of 4,096 to 8,192.
Description
Use the arp max-entry command to set the limit of the total number of the ARP entries.
The value ranges from 4,096 to 8,192.
Use the undo arp max-entry command to restore the limit to the default.
By default, the maximum number of the ARP entries is 8,192.
Example
# Set the maximum number of the ARP entries to 4,096.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] arp max-entry 4096
1.1.3 arp max-dynamic-entry
Syntax
arp max-dynamic-entry number
undo arp max-dynamic-entry number
View
Port view
Parameter
number: Maximum number of dynamic ARP entries learnt by a port, ranging from 0 to
8,192.
Description
Use the arp max-dynamic-entry command to set the maximum number of the
dynamic ARP entries learnt by a port. The value ranges from 0 to 8,192.
Use the undo max-dynamic-entry command to restore the maximum number to the
default.
By default, the maximum number of dynamic ARP entries that can be learnt by a port is
2,048.
Example
# Set maximum number of dynamic ARP entries learnt by GE3/0/1 to 6,000.
<3Com> system-view
System View: return to User View with Ctrl+Z.
1-2
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
[3Com] interface GigabitEthernet 3/0/1
[3Com GigabitEthernet3/0/1] arp max-dynamic-entry 6000
1.1.4 arp proxy enable
Syntax
arp proxy enable
undo arp proxy enable
View
VLAN interface view
Parameter
None
Description
Use the arp proxy enable command to enable ARP proxy function.
Use the undo arp proxy enable command to disable ARP proxy function. With the arp
proxy enable command configured, a switch can realize the communication between
hosts (belong to different VLAN) connected to the switch through its layer 3 forwarding
function.
By default, ARP proxy function is disabled.
Related command: display arp proxy.
Example
# Enable ARP proxy for VLAN 2 interface.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] arp proxy enable
1.1.5 arp proxy source-vlan enable
Syntax
arp proxy source-vlan enable
undo arp proxy source-vlan enable
View
VLAN interface view
1-3
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
Parameter
None
Description
Use the arp proxy source-vlan enable command to enable the inbound VLAN ARP
proxy function to process the ARP requests in the same VLAN, so as to realize the
Layer 3 connectivity between the Layer 2 isolated ports.
Use the undo arp proxy source-vlan enable command to enable the ARP proxy only
for the ARP requests between different VLANs, ARP requests in the same VLAN will
not be processed by the ARP proxy. By default, the incoming VLAN ARP proxy function
is disabled, and when enabled, the ARP proxy function only processes ARP requests
between different VLANs.
Note that, the incoming VLAN ARP function takes effect only after the ARP proxy
function is enabled.
Related command: arp proxy enable, display arp proxy.
Example
# With ARP proxy enabled, enable the incoming VLAN ARP proxy for VLAN 2.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 2
[3Com-Vlan-interface2] arp proxy source-vlan enable
1.1.6 arp source-suppression limit
Syntax
arp source-suppression limit { total | local | through } limit-value
undo arp source-suppression limit { total | local | through }
View
System view
Parameter
total: Sets the maximum number of arbitrary ARP packets (no limit on the source IP
address and the destination IP address) sent to the CPU at a time.
local: Sets the maximum number of ARP packets (with the same source IP addresses,
and the destination IP address is the IP address of the current switch) sent to the CPU
at a time.
1-4
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
through: Sets the maximum number of ARP packets (with the same source IP
addresses, and the destination IP address is not the IP address of the current switch)
sent to the CPU at a time.
limit-value: Maximum number of ARP packets of a type sent to the CPU at a time.
When local or total is adopted, the limit value ranges from 1 to 4294967295; when
through is adopted, the value ranges from 0 to 4294967295.
Description
Use the arp source-suppression limit command to configure the maximum number
of ARP packets of a type sent to the CPU at a time.
Use the undo arp source-suppression limit command to restore the default
maximum number of ARP packets of a type sent to the CPU at a time.
By default, the maximum number of ARP packets sent to the CPU is related with the
type of ARP packets.
z
When total is adopted in the command, the default value is 100.
z
When local is adopted in the command, the default value is 3.
When through is adopted in the command, the default value is 3.When configuring
each keyword; make sure that the specified value of the total keyword is greater than
that of the local and through.
Related command: display arp source-suppression.
Example
# Configure the maximum number of the arbitrary ARP packets sent to the CPU at a
time is 200.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] arp source-suppression limit total 200
1.1.7 arp static
Syntax
arp static ip-address mac-address [ vlan-id interface-type interface-number ]
undo arp ip-address
View
System view
Parameter
ip-address: IP address contained in the ARP mapping entry to be created/removed.
1-5
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
mac-address: MAC address contained in the ARP mapping entry to be created, in the
format of H-H-H.
vlan-id: ID of the VLAN to which the static ARP entry belongs, in the range of 1 to 4094.
interface-type: Type of the port to which the static ARP entry belongs.
interface-number: Number of the port to which the static ARP entry belongs.
Description
Use the arp static command to create a static ARP mapping entry.
Use the undo arp command to remove an ARP mapping entry.
The system ARP mapping table is empty when a switch is just started. And the dynamic
address mapping entries are generated by ARP.
Note that:
z
Static ARP mapping entries are valid as long as the Ethernet switch operates.
However, an ARP mapping entry is removed if the corresponding VLAN is
removed. By default, a dynamic ARP mapping entry remains valid for 20 minutes.
z
As for the arp static command, the value of the vlan-id argument must be the ID of
an existing VLAN, and the port identified by the interface-type and
interface-number arguments must belong to the VLAN.
Related command: reset arp, display arp.
Example
# Create a static ARP mapping entry, with the IP address of 202.38.10.2, the MAC
address of 00e0-fc01-0000. The ARP mapping entry belongs to Ethernet1/0/1 port
(assuming that Ethernet1/0/1 port belongs to VLAN1).
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] arp static 202.38.10.2 00e0-fc01-0000 1 Ethernet 1/0/1
1.1.8 arp timer aging
Syntax
arp timer aging aging-time
undo arp timer aging
View
System view
Parameter
aging-time: Aging time (in minutes) of the dynamic ARP mapping entries. This
argument ranges from 1 to 1,440.
1-6
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
Description
Use the arp timer aging command to configure the aging time for dynamic ARP
mapping entries.
Use the undo arp timer aging command to restore the default aging time.
By default, the aging time for dynamic ARP mapping entries is 20 minutes.
Related command: display arp timer aging.
Example
# Configure the aging time to be 10 minutes for dynamic ARP mapping entries.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] arp timer aging 10
1.1.9 display arp
Syntax
display arp [ dynamic | static | ip-address ]
View
Any view
Parameter
dynamic: Displays dynamic ARP mapping entries.
static: Displays static ARP mapping entries.
ip-address: IP address. ARP mapping entries containing the IP address are to be
displayed.
Description
Use the display arp command to display specific ARP mapping entries.
If you execute this command with no keyword/argument specified, all the ARP mapping
entries are displayed.
Related command: arp static, reset arp.
Example
# Display all the ARP mapping entries.
<3Com> display arp
Type: S-Static
D-Dynamic
IP Address
MAC Address
VLAN ID
Port Name / AL ID
10.2.72.162
000a-000a-0aaa
N/A
N/A
N/A
S
192.168.0.77
0000-e8f5-6a4a
1
Ethernet1/0/2
13
D
1-7
Aging Type
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
192.168.0.2
000d-88f8-4e88
1
Ethernet1/0/2
14
D
192.168.0.200
0014-222c-9d6a
1
Ethernet1/0/2
14
D
192.168.0.45
000d-88f6-44c1
1
Ethernet1/0/2
15
D
192.168.0.110
0011-4301-991e
1
Ethernet1/0/2
15
D
192.168.0.32
0000-e8f5-73ee
1
Ethernet1/0/2
16
D
192.168.0.3
0014-222c-aa69
1
Ethernet1/0/2
16
D
192.168.0.17
000d-88f6-379c
1
Ethernet1/0/2
17
D
192.168.0.115
000d-88f7-9f7d
1
Ethernet1/0/2
18
D
192.168.0.43
000c-760a-172d
1
Ethernet1/0/2
18
D
192.168.0.33
000d-88f6-44ba
1
Ethernet1/0/2
20
D
192.168.0.35
00e0-fc02-2181
1
Ethernet1/0/2
20
D
192.168.0.5
000f-3d80-2b38
1
Ethernet1/0/2
20
D
---
14 entries found
---
Table 1-1 Description on the fields of the display arp command
Field
Description
IP Address
IP address contained in an ARP mapping entry
MAC Address
MAC address contained in an ARP mapping entry
VLAN ID
ID of the VLAN which an ARP mapping entry belongs to
Port Name / AL ID
Index of the port which an ARP mapping entry belongs to
Aging
Aging time (in minutes) of a dynamic ARP mapping entry
Type
Type of an ARP mapping entry
1.1.10 display arp |
Syntax
display arp | { begin | exclude | include } text
View
Any view
Parameter
begin: Displays the ARP mapping entries from the first ARP entry that contains the
specified string given by the text argument.
exclude: Displays the ARP mapping entries that do not contain the specified string
given by the text argument.
include: Displays the ARP mapping entries that contain the specified string given by
the text argument.
1-8
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
text: String used to filter ARP mapping entries.
Description
Use the display arp | command to display the ARP mapping entries related to string in
a specified way.
Related command: arp static, reset arp.
Example
# Display all the ARP mapping entries that contain the string “77”.
<3Com>dis arp | include 77
Type: S-Static
D-Dynamic
IP Address
MAC Address
VLAN ID
Port Name / AL ID
192.168.0.77
0000-e8f5-6a4a
1
Ethernet1/0/2
---
1 entry found
Aging Type
12
D
---
# Display all the ARP entries that do not contain the string “68”.
<3Com>dis arp | exclude 68
Type: S-Static
D-Dynamic
IP Address
MAC Address
VLAN ID
Port Name / AL ID
10.2.72.162
000a-000a-0aaa
N/A
N/A
---
1 entry found
---
Refer to Table 1-1 for the description on the above output information.
1.1.11 display arp entry-limit
Syntax
display arp entry-limit [ interface interface-type interface-number ]
View
Any view
Parameter
Interface-type: Port type.
Interface-number: Port number.
Description
Use this command to display the limit of the number of ARP entries.
1-9
Aging Type
N/A
S
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
If you specify a port in the command, the command will display the limit of the total
number of ARP entries and the limit number of the dynamic ARP entries on the
specified port.
If you do not specify a port in the command, the command will display the limit of the
total number of ARP entries and the limit number of the dynamic ARP entries on all
ports.
Example
# Display the current limit of the total number of ARP mapping entries.
<3Com> display arp entry-limit
The maximum ARP entry number is 8192
The maximum dynamic ARP entry number of the port GigabitEthernet0/0/1 is 2048
The maximum dynamic ARP entry number of the port GigabitEthernet0/0/2 is 2048
The maximum dynamic ARP entry number of the port GigabitEthernet0/0/3 is 2048
The maximum dynamic ARP entry number of the port GigabitEthernet0/0/4 is 2048
The maximum dynamic ARP entry number of the port GigabitEthernet3/0/1 is 6000
……
1.1.12 display arp interface
Syntax
display arp interface interface-type interface-number
View
Any view
Parameter
interface-type: Port type.
Interface-number: Port number.
Description
Use this command to display the ARP mapping table of a specified port.
Example
# Display the ARP mapping table of the Ethernet3/0/1.
<3Com> display arp interface ethernet 3/0/1
Type: S-Static
D-Dynamic
IP Address
MAC Address
VLAN ID Port Name
10.1.1.2
00e0-fc01-0102 1
1-10
Ethernet3/0/1
Aging Type
N/A
S
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
1.1.13 display arp proxy
Syntax
display arp proxy [ interface interface-type interface-number ]
View
Any view
Parameter
interface-type: Interface type.
interface-number: Interface number.
For more information about arguments, refer to the interface command in the Port
Basic Configuration Command Manual.
Description
Use the display arp proxy command to display ARP proxy state: enabled/disabled.
Related command: arp proxy enable.
Example
# Display ARP proxy state for VLAN 2 interface.
<3Com> display arp proxy interface Vlan-interface 2
Interface Vlan-interface2
Proxy ARP status: disabled
1.1.14 display arp slot
Syntax
display arp slot slot-id
View
Any view
Parameter
slot-id: ID of a slot.
Description
Use this command to display the ARP mapping table of all ports on the specified slot.
Example
# Display the ARP mapping table on the third slot.
<3Com> display arp slot 3
1-11
3Com Switch 7750 Series
Command Reference Guide – ARP
Type: S-Static
Chapter 1 ARP Configuration Commands
D-Dynamic
IP Address
MAC Address
VLAN ID Port Name
10.1.1.2
00e0-fc01-0102 1
Ethernet3/0/1
Aging Type
N/A
S
1.1.15 display arp source-suppression
Syntax
display arp source-suppression
View
Any view
Parameter
None
Description
Use the display arp source-suppression command to display the ARP source
suppression configuration information about the current switch.
Example
# Display the ARP source suppression configuration information about the current
switch.
<3Com> display arp source-suppression
ARP suppression limit total: 4294967295
ARP suppression limit local: 3
ARP suppression limit through: 3
1.1.16 display arp vlan
Syntax
display arp vlan vlan-id
View
Any view
Parameter
vlan-id: VLAN ID.
Description
Use this command to display the ARP mapping table of all ports on a specified VLAN.
1-12
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
Example
# Display the ARP mapping table of VLAN1.
<3Com> display arp vlan 1
Type: S-Static
D-Dynamic
IP Address
MAC Address
VLAN ID Port Name
10.1.1.2
00e0-fc01-0102 1
Ethernet3/0/1
Aging Type
N/A
S
1.1.17 display arp timer aging
Syntax
display arp timer aging
View
Any view
Parameter
None
Description
Use the display arp timer aging command to display the setting of the ARP aging
timer.
Related command: arp timer aging.
Example
# Display the setting of the ARP aging timer.
<3Com> display arp timer aging
Current ARP aging time is 20 minute(s)(default)
The displayed information shows that the ARP aging timer is set to 20 minutes.
1.1.18 gratuitous-arp-learning enable
Syntax
gratuitous-arp-learning enable
undo gratuitous-arp-learning enable
View
System view
Parameter
None
1-13
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
Description
Use the gratuitous-arp-learning enable command to enable the gratuitous ARP
packet learning function.
Use the undo gratuitous-arp-learning enable command to disable the gratuitous
ARP packet learning function.
By default, the gratuitous ARP packet learning function is enabled.
With the gratuitous ARP packet learning function enabled, a switch operates as follows
when receiving a gratuitous ARP packet:
If the cache of the switch contains ARP mapping entries that match the packet, the
switch updates the ARP mapping entries using the sender hardware address carried in
the gratuitous ARP packet.
If no ARP mapping entry in the cache matches the packet, an ARP mapping entry
corresponding to the packet is created.
Example
# Enable the gratuitous ARP packet learning function on the switch named 3ComA.
<3ComA> system-view
System View: return to User View with Ctrl+Z.
[3ComA] gratuitous-arp-learning enable
1.1.19 reset arp
Syntax
reset arp [ dynamic | static | interface interface-type interface-number ]
View
User view
Parameter
dynamic: Clears dynamic ARP mapping entries.
static: Clears static ARP mapping entries.
interface-type: Port type.
interface-number: Port number.
Description
Use the reset arp command to clear specific ARP mapping entries.
Related command: arp static, display arp.
1-14
3Com Switch 7750 Series
Command Reference Guide – ARP
Chapter 1 ARP Configuration Commands
Example
# Clear static ARP mapping entries.
<3Com> reset arp static
1-15
3Com Switch 7750 Series
Command Reference Guide – DHCP
Contents
Table of Contents
Chapter 1 DHCP Server Configuration Commands ................................................................... 1-1
1.1 DHCP Server Configuration Commands ........................................................................... 1-1
1.1.1 dhcp enable............................................................................................................. 1-1
1.1.2 dhcp select global ................................................................................................... 1-1
1.1.3 dhcp select interface ............................................................................................... 1-2
1.1.4 dhcp server detect................................................................................................... 1-3
1.1.5 dhcp server dns-list ................................................................................................. 1-4
1.1.6 dhcp server domain-name ...................................................................................... 1-5
1.1.7 dhcp server expired................................................................................................. 1-6
1.1.8 dhcp server forbidden-ip ......................................................................................... 1-7
1.1.9 dhcp server ip-pool.................................................................................................. 1-8
1.1.10 dhcp server nbns-list ............................................................................................. 1-9
1.1.11 dhcp server netbios-type..................................................................................... 1-10
1.1.12 dhcp server option............................................................................................... 1-11
1.1.13 dhcp server ping.................................................................................................. 1-12
1.1.14 dhcp server static-bind ........................................................................................ 1-13
1.1.15 display dhcp server conflict ................................................................................. 1-14
1.1.16 display dhcp server expired ................................................................................ 1-15
1.1.17 display dhcp server free-ip .................................................................................. 1-16
1.1.18 display dhcp server ip-in-use .............................................................................. 1-17
1.1.19 display dhcp server statistics .............................................................................. 1-18
1.1.20 display dhcp server tree ...................................................................................... 1-20
1.1.21 dns-list ................................................................................................................. 1-22
1.1.22 domain-name ...................................................................................................... 1-23
1.1.23 expired................................................................................................................. 1-24
1.1.24 gateway-list ......................................................................................................... 1-25
1.1.25 nbns-list ............................................................................................................... 1-26
1.1.26 netbios-type......................................................................................................... 1-26
1.1.27 network................................................................................................................ 1-27
1.1.28 option................................................................................................................... 1-28
1.1.29 reset dhcp server conflict .................................................................................... 1-29
1.1.30 reset dhcp server ip-in-use.................................................................................. 1-30
1.1.31 reset dhcp server statistics.................................................................................. 1-30
1.1.32 static-bind ip-address .......................................................................................... 1-31
1.1.33 static-bind mac-address ...................................................................................... 1-32
Chapter 2 DHCP Relay Configuration Commands..................................................................... 2-1
2.1 DHCP Relay Configuration Commands ............................................................................ 2-1
i
3Com Switch 7750 Series
Command Reference Guide – DHCP
Contents
2.1.1 address-check ......................................................................................................... 2-1
2.1.2 address-check dhcp-relay ....................................................................................... 2-1
2.1.3 address-check no-matched..................................................................................... 2-2
2.1.4 dhcp relay information enable ................................................................................. 2-3
2.1.5 dhcp relay information strategy ............................................................................... 2-4
2.1.6 dhcp-security static ................................................................................................. 2-5
2.1.7 dhcp-security tracker............................................................................................... 2-5
2.1.8 dhcp-server ............................................................................................................. 2-6
2.1.9 dhcp-server ip.......................................................................................................... 2-7
2.1.10 display dhcp-security............................................................................................. 2-7
2.1.11 display dhcp-security tracker................................................................................. 2-8
2.1.12 display dhcp-server ............................................................................................... 2-9
2.1.13 display dhcp-server interface .............................................................................. 2-11
2.1.14 reset dhcp-server ................................................................................................ 2-11
Chapter 3 DHCP Snooping Configuration Commands.............................................................. 3-1
3.1 DHCP Snooping Configuration Commands ...................................................................... 3-1
3.1.1 dhcp-snooping......................................................................................................... 3-1
3.1.2 dhcp-snooping trust................................................................................................. 3-1
3.1.3 dhcp-snooping information enable .......................................................................... 3-2
3.1.4 display dhcp-snooping ............................................................................................ 3-3
3.1.5 display dhcp-snooping trust .................................................................................... 3-4
3.1.6 display dhcp-snooping vlan..................................................................................... 3-4
3.1.7 reset dhcp-snooping................................................................................................ 3-5
ii
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Chapter 1 DHCP Server Configuration Commands
1.1 DHCP Server Configuration Commands
1.1.1 dhcp enable
Syntax
dhcp enable
undo dhcp enable
View
System view
Parameter
None
Description
Use the dhcp enable command to enable DHCP.
Use the undo dhcp enable command to disable DHCP.
By default, DHCP is enabled.
You must first enable DHCP before performing other DHCP-related configurations.
This configuration is necessary for both DHCP servers and DHCP relays.
Example
# Enable DHCP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp enable
1.1.2 dhcp select global
Syntax
VLAN interface view:
dhcp select global
undo dhcp select global
System view:
1-1
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
dhcp select global { interface interface-type interface-number [ to interface-type
interface-number ] | all }
undo dhcp select global { interface interface-type interface-number [ to
interface-type interface-number ] | all }
View
System view/VLAN interface view
Parameter
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s) to operate in global address pool mode. The interface-type
and interface-number arguments are the type and number of an interface. The to
keyword separates the start and the end of an interface range.
all: Specifies all ports to operate in global address pool mode.
Description
Use the dhcp select global command to configure the specified interface(s) or all
interfaces to operate in global DHCP address pool mode. Upon receiving a DHCP
packet from a DHCP client through an interface operating in global DHCP address
pool mode, the DHCP server chooses an IP address from a global DHCP address pool
of the local DHCP server and assigns the address to the DHCP client.
Use the undo dhcp select global command to restore the default DHCP packet
processing mode.
By default, an interface operates in local DHCP server global address pool mode.
Example
# Configure all interfaces to operate in global DHCP address pool mode, so that when
a DHCP packet is received from a DHCP client through any interface, the DHCP
server assigns an IP address in local global DHCP address pools to the DHCP client.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp select global all
1.1.3 dhcp select interface
Syntax
VLAN interface view:
dhcp select interface
undo dhcp select interface
System view:
1-2
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
dhcp select interface { interface interface-type interface-number [ to interface-type
interface-number ] | all }
undo dhcp select interface { interface interface-type interface-number [ to
interface-type interface-number ] | all }
View
System view/VLAN interface view
Parameter
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s) to operate in interface address pool mode.
all: Specifies all interfaces to operate in interface address pool mode.
Description
Use the dhcp select interface command to configure the specified interface(s) to
operate in DHCP interface address pool mode. Upon receiving a DHCP packet from a
DHCP client through an interface operating in interface address pool mode, the DHCP
server chooses an IP address from the interface address pool of the local DHCP
server and assigns the address to the DHCP client.
Use the undo dhcp select interface command to restore the default DHCP packet
processing mode.
By default, an interface operates in local DHCP server global address pool mode.
Example
# Configure all interfaces to operate in interface DHCP address pool mode, so that
when a DHCP packet is received from a DHCP client through any interface, the DHCP
server assigns an IP address in the local interface DHCP address pool to the DHCP
client.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp select interface all
1.1.4 dhcp server detect
Syntax
dhcp server detect
undo dhcp server detect
View
System view
1-3
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Parameter
None
Description
Use the dhcp server detect command to enable the unauthorized DHCP server
detecting function.
Use the undo dhcp server detect command to disable the unauthorized DHCP
server detecting function.
By default, the unauthorized DHCP server detecting function is disabled.
With the unauthorized DHCP server detecting function enabled, a DHCP server tracks
the information (such as the IP addresses and interfaces) of DHCP servers to enable
the administrator to detect unauthorized DHCP servers in time and take proper
measures.
Example
# Enable the private DHCP server detecting function.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server detect
1.1.5 dhcp server dns-list
Syntax
VLAN interface view:
dhcp server dns-list ip-address&<1-8>
undo dhcp server dns-list { ip-address | all }
System view:
dhcp server dns-list ip-address&<1-8> { interface interface-type interface-number
[ to interface-type interface-number ] | all }
undo dhcp server dns-list { ip-address | all } { interface interface-type
interface-number [ to interface-type interface-number ] | all }
View
System view/VLAN interface view
Parameter
ip-address&<1-8>: IP address of a DNS server. &<1-8> means you can provide up to
eight DNS server IP addresses. When inputting more than one DNS server IP address,
separate two neighboring IP addresses with a space.
1-4
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s), through which you can specify the corresponding interface
address pools.
all: (In comparison with the ip-address argument) Specifies all DNS server IP
addresses.
all: (In comparison with the interface keyword) Specifies all interface address pools.
Description
Use the dhcp server dns-list command to configure DNS server IP address(es) for
the DHCP address pool(s) of specified interface(s).
Use the undo dhcp server dns-list command to remove the DNS server IP
address(es) configured for the DHCP address pool(s) of the specified interface(s).
By default, no DNS server IP address is configured for a DHCP interface address pool.
If you execute the dhcp server dns-list command repeatedly, the new configuration
overwrites the previous one.
Related command: dns-list.
Example
# Configure the DNS server IP address 1.1.1.254 for the DHCP address pool of the
VLAN interface 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 1
[3Com-Vlan-interface1] dhcp server dns-list 1.1.1.254
1.1.6 dhcp server domain-name
Syntax
VLAN interface view:
dhcp server domain-name domain-name
undo dhcp server domain-name
System view:
dhcp server domain-name domain-name { interface interface-type interface-number
[ to interface-type interface-number ] | all }
undo dhcp server domain-name { interface interface-type interface-number [ to
interface-type interface-number ] | all }
View
System view/VLAN interface view
1-5
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Parameter
domain-name: Domain name of the DHCP clients whose IP addresses are from the
specified interface address pool(s). This argument is a string of 3 to 50 characters.
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s), through which you can specify the corresponding interface
address pool(s).
all: Specifies all interface address pools.
Description
Use the dhcp server domain-name command to configure a domain name for the
DHCP clients whose IP addresses are from the specified interface address pool(s).
Use the undo dhcp server domain-name command to remove the configured
domain name.
By default, no domain name is configured for the DHCP clients.
Related command: domain-name.
Example
# Set aabbcc.com as the domain name of the DHCP client whose IP address is
obtained from the DHCP address pool of the current VLAN interface 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 1
[3Com-Vlan-interface1] dhcp server domain-name aabbcc.com
1.1.7 dhcp server expired
Syntax
VLAN interface view:
dhcp server expired { day day [ hour hour [ minute minute ] ] | unlimited }
undo dhcp server expired
System view:
dhcp server expired { day day [ hour hour [ minute minute ] ] | unlimited }
{ interface interface-type interface-number [ to interface-type interface-number ] | all }
undo dhcp server expired { interface interface-type interface-number [ to
interface-type interface-number ] | all }
View
System view/VLAN interface view
1-6
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Parameter
day day: Specifies the number of days. The day argument ranges from 0 to 365.
hour hour: Specifies the number of hours. The hour argument ranges from 0 to 23.
minute minute: Specifies the number of minutes. The minute argument ranges from 0
to 59.
unlimited: Specifies that the lease time is unlimited. (But actually, the system limits the
maximum lease time to about 25 years.)
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s), through which you can specify the corresponding interface
address pool(s).
all: Specifies all interface address pools.
Description
Use the dhcp server expired command to configure the lease time of the IP
addresses in the specified interface address pool(s).
Use the undo dhcp server expired command to restore the default lease time.
The default lease time is one day.
Related command: expired.
Example
# Set the lease time of the IP addresses in all interface address pools to be 1 day, 2
hours and 3 minutes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server expired day 1 hour 2 minute 3 all
1.1.8 dhcp server forbidden-ip
Syntax
dhcp server forbidden-ip low-ip-address [ high-ip-address ]
undo dhcp server forbidden-ip low-ip-address [ high-ip-address ]
View
System view
Parameter
low-ip-address: IP address that is not available for being assigned to DHCP clients
automatically (An IP address of this kind is known as a forbidden IP address). This
argument also marks the lower end of the range of the forbidden IP addresses.
1-7
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
high-ip-address: IP address that is not available for being assigned to DHCP clients.
This argument also marks the higher end of the range of the forbidden IP addresses.
Note that this argument cannot be less than the low-ip-address argument. If you do not
provide this argument, only the IP address specified by the low-ip-address argument is
forbidden.
Description
Use the dhcp server forbidden-ip command to forbid the specified IP addresses in a
DHCP address pool to be automatically assigned.
Use the undo dhcp server forbidden-ip command to cancel the forbiddance.
By default, all IP addresses in an address pool are allowed to be automatically
assigned.
Note that the specified address range cannot contain statically-bound addresses when
you use the undo dhcp server forbidden-ip command.
Related command: dhcp server ip-pool, network, static-bind ip-address and dhcp
server static-bind.
Example
# Forbid the IP addresses in the range 10.110.1.1 to 10.110.1.63 to be automatically
assigned.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server forbidden-ip 10.110.1.1 10.110.1.63
1.1.9 dhcp server ip-pool
Syntax
dhcp server ip-pool pool-name
undo dhcp server ip-pool pool-name
View
System view
Parameter
pool-name: Name of a DHCP address pool, which uniquely identifies the address pool.
This argument is a string of 1 to 35 characters.
Description
Use the dhcp server ip-pool command to create a global DHCP address pool and
enter DHCP address pool view. If the address pool identified by the pool-name
argument already exists, this command leads you to DHCP address pool view.
1-8
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Use the undo dhcp server ip-pool command to remove a specified DHCP address
pool.
By default, no global DHCP address pool is created.
Related command: dhcp enable.
Example
# Create DHCP address pool 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0]
1.1.10 dhcp server nbns-list
Syntax
VLAN interface view:
dhcp server nbns-list ip-address&<1-8>
undo dhcp server nbns-list { ip-address | all }
System view:
dhcp server nbns-list ip-address&<1-8> { interface interface-type interface-number
[ to interface-type interface-number ] | all }
undo dhcp server nbns-list { ip-address | all } { interface interface-type
interface-number [ to interface-type interface-number ] | all }
View
System view/VLAN interface view
Parameter
ip-address&<1-8>: IP address of a NetBIOS server. &<1-8> means you can provide up
to eight NetBIOS server IP addresses. When inputting more than one NetBIOS server
IP address, separate two neighboring IP addresses with a space.
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s), through which you can specify the corresponding interface
address pool(s).
all: (In comparison with the ip-address argument) Specifies all NetBIOS server IP
addresses.
all: (In comparison with the interface keyword) Specifies all interface address pools.
1-9
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Description
Use the dhcp server nbns-list command to configure NetBIOS server IP address(es)
for the specified DHCP interface address pool(s).
Use the undo dhcp server nbns-list command to remove the NetBIOS server IP
address(es) configured for the specified DHCP interface address pool(s).
By default, no NetBIOS server IP address is configured for a DHCP interface address
pool.
If you execute the dhcp server nbns-list command repeatedly, the new configuration
overwrites the previous one.
Related command: nbns-list and dhcp server netbios-type.
Example
# Configure the NetBIOS server IP address 10.12.1.99 for all the DHCP interface
address pools.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server nbns-list 10.12.1.99 all
1.1.11 dhcp server netbios-type
Syntax
VLAN interface view:
dhcp server netbios-type { b-node | h-node | m-node | p-node }
undo dhcp server netbios-type
System view:
dhcp server netbios-type { b-node | h-node | m-node | p-node } { interface
interface-type interface-number [ to interface-type interface-number ] | all }
undo dhcp server netbios-type { interface interface-type interface-number [ to
interface-type interface-number ] | all }
View
System view/VLAN interface view
Parameter
b-node: Specifies the broadcast type. Nodes of this type acquire host name-to-IP
address mapping by broadcasting.
p-node: Specifies the peer-to-peer type. Nodes of this type acquire host name-to-IP
address mapping by communicating with the NetBIOS server.
1-10
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
m-node: Specifies the m-typed mixed type. Nodes of this type are p-nodes with some
broadcasting features. (The character m here stands for mixed.)
h-nodeSpecifies the hybrid type. Nodes of this type are b-nodes with peer-to-peer
communicating features.
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s), through which you can specify the corresponding interface
address pools.
all: Specifies all interface address pools.
Description
Use the dhcp server netbios-type command to configure the NetBIOS node type of
the DHCP clients whose IP addresses are from the specified interface address pool(s).
Use the undo dhcp server netbios-type command to restore the default NetBIOS
node type.
By default, no NetBIOS node type is specified and the default NetBIOS node type is
h-node.
Related command: netbios-type and dhcp server nbns-list.
Example
# Specify p-node as the NetBIOS node type of the DHCP clients whose IP addresses
are from the DHCP address pool of VLAN interface 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface 1
[3Com-Vlan-interface1] dhcp server netbios-type p-node
1.1.12 dhcp server option
Syntax
VLAN interface view:
dhcp server option code { ascii ascii-string | hex hex-string&<1-10> | ip-address
ip-address&<1-8> }
undo dhcp server option code
System view:
dhcp server option code { ascii ascii-string | hex hex-string&<1-10> | ip-address
ip-address&<1-8> } { interface interface-type interface-number [ to interface-type
interface-number ] | all }
undo dhcp server option code { interface interface-type interface-number [ to
interface-type interface-number ] | all }
1-11
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
View
System view/VLAN interface view
Parameter
code: Customized option number ranging from 2 to 254. Note that this argument
cannot be 3, 6, 15, 44, 46, 50 through 55, 57 through 59.
ascii ascii-string: Specifies a string that is of 1 to 63 characters. Note that each
character of the string must be an ASCII character.
hex hex-string&<1-10>: Specifies strings, a hexadecimal number of 1 to 8 digits.
&<1-10> means you can provide up to 10 such strings. When inputting more than one
string, separate two neighboring strings with a space.
ip-address ip-address&<1-8>: Specifies IP addresses. &<1-8> means you can
provide up to eight IP addresses. When inputting more than one IP address, separate
two neighboring IP addresses with a space.
interface interface-type interface-number [ to interface-type interface-number ]:
Specifies the interface(s), through which you can specify the corresponding interface
address pools.
all: Specifies all interface address pools.
Description
Use the dhcp server option command to customize DHCP options for the specified
DHCP interface address pool(s).
Use the undo dhcp server option command to remove the customized DHCP
options.
If you execute the dhcp server option command repeatedly, the new configuration
overwrites the previous one.
Related command: option.
Example
# Configure option 100 to be 0x11 and 0x22 for all DHCP interface address pools.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server option 100 hex 11 22 all
1.1.13 dhcp server ping
Syntax
dhcp server ping { packets number | timeout milliseconds }
undo dhcp server ping { packets | timeout }
1-12
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
View
System view
Parameter
packets number: Specifies the number of the packets to be sent in a ping test. The
number argument ranges from 0 to 10 and defaults to 2. Value 0 means no packet will
be sent.
timeout milliseconds: Specifies the timeout time (in milliseconds) of each packet. The
milliseconds argument ranges from 0 to 10,000 and defaults to 500.
Description
Use the dhcp server ping command to set the maximum number of the ICMP packets
a DHCP server sends in a ping test and the maximum response timeout time of each
ICMP packet.
Use the undo dhcp server ping command to restore the default settings.
Example
# Set the maximum number of the packets the DHCP server sends in a ping test to 10,
and the timeout time of each packet to 500 milliseconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ping packets 10
1.1.14 dhcp server static-bind
Syntax
dhcp server static-bind ip-address ip-address mac-address mac-address
undo dhcp server static-bind { ip-address ip-address | mac-address mac-address }
View
VLAN interface view
Parameter
ip-address: IP address to be statically bound. Note that the specified IP address must
belong to the same network segment as that of the VLAN interface.
mac-address: MAC address to which the IP address is statically bound.
Description
Use the dhcp server static-bind command to statically bind an IP address of the
current address pool to a MAC address.
1-13
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Use the undo dhcp server static-bind command to cancel an IP-MAC address
binding.
By default, no IP address in an address pool is statically bound.
It should be noted that:
z
An IP address can be statically bound to only one MAC address. A MAC address
can be bound with only one IP address statically.
z
The IP address to be statically bound cannot be an interface IP address of the
device; otherwise the static binding does not take effect. The device of the bound
MAC address can also obtain another IP address.
Example
# Statically bind the IP address 10.1.1.1 to the MAC address 0000-e03f-0305.
(Assume that the interface address pool of VLAN interface 1 already exists and the IP
address belongs to the address pool.)
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface 1
[3Com-Vlan-interface1]
dhcp
server
static-bind
ip-address
10.1.1.1
mac-address 0000-e03f-0305
1.1.15 display dhcp server conflict
Syntax
display dhcp server conflict { all | ip ip-address }
View
Any view
Parameter
all: Specifies all IP addresses.
ip-address: Specifies one IP address.
Description
Use the display dhcp server conflict command to display the statistics of IP address
conflicts on the DHCP server.
Related command: reset dhcp server conflict.
Example
# Display the statistics of IP address conflicts.
<3Com> display dhcp server conflict all
Address
Discover Time
1-14
3Com Switch 7750 Series
Command Reference Guide – DHCP
10.110.1.2
Chapter 1 DHCP Server Configuration Commands
Jan 11 2003 11:57:07 PM
Table 1-1 Description on the fields of the display dhcp server conflict command
Field
Description
Address
Conflicting IP address
Discover Time
Time when the conflict is detected
1.1.16 display dhcp server expired
Syntax
display dhcp server expired { ip ip-address | pool [ pool-name ] | interface
[ interface-type interface-number ] | all }
View
Any view
Parameter
ip ip-address: Specifies an IP address.
pool [ pool-name ]: Specifies a global address pool. The pool-name argument, a string
of 1 to 35 characters, is the name of an address pool. If you do not provide this
argument, this command applies to all global address pools.
interface [ interface-type interface-number ]: Specifies a VLAN interface. If you do not
specify a VLAN interface, this command applies to all VLAN interfaces.
all: Specifies all DHCP address pools.
Description
Use the display dhcp server expired command to display the lease expiration
information about one IP address, or the lease expiration information about all IP
addresses in one or all DHCP address pools. When all the IP addresses in an address
pool are assigned, the DHCP server assigns the IP addresses that are expired to
DHCP clients.
Example
# Display the lease expiration information about the IP addresses in all DHCP address
pools.
<3Com> display dhcp server expired all
Global pool:
IP address
Hardware address
Lease expiration
1-15
Type
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Interface pool:
IP address
Hardware address
Lease expiration
Type
--- total 0 entry ---
Table 1-2 Description on the fields of the display dhcp server expired command
Field
Description
The
Global pool
information
about
the
expired
IP
addresses of global address pools
The
Interface pool
information
about
the
expired
IP
addresses of interface address pools
IP address
Bound IP addresses
MAC addresses to which IP addresses are
Hardware address
bound
Lease expiration
The time when a lease time expires
Type
Address binding type
1.1.17 display dhcp server free-ip
Syntax
display dhcp server free-ip
View
Any view
Parameter
None
Description
Use the display dhcp server free-ip command to display the free (that is, unassigned)
IP addresses.
Example
# Display the free IP addresses.
<3Com> display dhcp server free-ip
IP Range from 1.0.0.0
to 2.2.2.1
IP Range from 2.2.2.3
to 2.255.255.255
1-16
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
IP Range from 4.0.0.0
to 4.255.255.255
IP Range from 5.5.5.0
to 5.5.5.0
IP Range from 5.5.5.2
to 5.5.5.255
1.1.18 display dhcp server ip-in-use
Syntax
display dhcp server ip-in-use { ip ip-address | pool [ pool-name ] | interface
[ interface-type interface-number ] | all }
View
Any view
Parameter
ip ip-address: Specifies an IP address.
pool [ pool-name ]: Specifies a global address pool. The pool-name argument, a string
of 1 to 35 characters, is the name of an address pool. If you do not provide this
argument, this command applies to all global address pools.
interface [ interface-type interface-number ]: Specifies a VLAN interface. If you do not
specify a VLAN interface, this command applies to all VLAN interfaces.
all: Specifies all address pools.
Description
Use the display dhcp server ip-in-use command to display the address binding
information of one IP address, the specified DHCP address pool(s) or all DHCP
address pools.
Related command: reset dhcp server ip-in-use.
Example
# Display the address binding information of all DHCP address pools.
<3Com> display dhcp server ip-in-use all
Global pool:
IP address
Hardware address
2.2.2.2
44444-4444-4444
Lease expiration
NOT Used
Type
Manual
Interface pool:
IP address
5.5.5.1
Hardware address
Lease expiration
0050-ba28-930a
Type
Jun 5 2003 10:56: 7 AM Auto:COMMITED
--- total 2 entry ---
1-17
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Table 1-3 Description on the fields of the display dhcp server ip-in-use command
Field
Description
Address binding information of global DHCP
Global pool
address pools
Address binding information of interface
Interface pool
DHCP address pools
IP address
Bound IP address
MAC address to which the IP address is
Hardware address
bound
Lease expiration
Time when the lease expires
Type
Address binding type
1.1.19 display dhcp server statistics
Syntax
display dhcp server statistics
View
Any view
Parameter
None
Description
Use the display dhcp server statistics command to display the statistics on a DHCP
server.
Related command: reset dhcp server statistics.
Example
# Display the statistics on a DHCP server.
<3Com> display dhcp server statistics
Global Pool:
Pool Number:
5
Binding
Auto:
0
Manual:
1
1-18
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Expire:
0
Interface Pool:
Pool Number:
1
Binding
Auto:
1
Manual:
0
Expire:
0
Boot Request:
6
Dhcp Discover:
1
Dhcp Request:
4
Dhcp Decline:
0
Dhcp Release:
1
Dhcp Inform:
0
Boot Reply:
4
Dhcp Offer:
1
Dhcp Ack:
3
Dhcp Nak:
0
Bad Messages:
0
Table 1-4 Description on the fields of the display dhcp server statistics command
Field
Description
Global Pool
Statistics about global address pools
Interface Pool
Statistics about interface address pools
Pool Number
Number of address pools
Auto
Number of the automatically bound IP addresses
Manual
Number of the manually bound IP addresses
Expire
Number of the expired IP addresses
Boot Request:
6
Dhcp Discover:
1
Dhcp Request:
4
Statistics about the DHCP packets received from
Dhcp Decline:
0
DHCP clients
Dhcp Release:
1
Dhcp Inform:
0
1-19
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Field
Boot Reply:
Description
4
Dhcp Offer:
1
Statistics about the DHCP packets sent to DHCP
Dhcp Ack:
3
clients
Dhcp Nak:
0
Bad Messages
Number of the error DHCP packets
1.1.20 display dhcp server tree
Syntax
display dhcp server tree { pool [ pool-name ] | interface [ interface-type
interface-number ] | all }
View
Any view
Parameter
pool [ pool-name ]: Specifies a global address pool. The pool-name argument, a string
of 1 to 35 characters, is the name of an address pool. If you do not provide this
argument, this command applies to all global address pools.
interface [ interface-type interface-number ]: Specifies a VLAN interface. If you do not
specify a VLAN interface, this command applies to all VLAN interfaces.
all: Specifies all address pools.
Description
Use the display dhcp server tree command to display information about address
pool tree.
Example
# Display the information about address pool tree.
<3Com> display dhcp server tree all
Global pool:
Pool name: 5
network 10.10.1.0 mask 255.255.255.0
Child node:6
Sibling node:7
option 10 ip-address 255.0.0.0
expired 1 0 0
1-20
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Pool name: 6
static-bind ip-address 10.10.1.2 mask 255.0.0.0
static-bind mac-address 00e0-00fc-0001
Parent node:5
option 10 ip-address 255.255.0.0
expired 1 0 0
Pool name: 7
network 10.10.1.64 mask 255.255.255.192
PrevSibling node:5
option 10 ip-address 255.0.0.0
gateway-list 2.2.2.2
dns-list 1.1.1.1
domain-name 444444
nbns-list 3.3.3.3
expired 1 0 0
Table 1-5 Description on the fields of the display dhcp server tree command
Field
Description
Global pool
Information about global address pools
Interface pool
Information about interface address pools
Pool name
Address pool name
network
Assignable IP address range
static-bind ip-address 10.10.1.2
mask 255.0.0.0
static-bind
mac-address
Statically bound IP and MAC addresses
00e0-00fc-0001
1-21
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Field
Description
The address pool 6 is the child node of this
node.
This field can display the information about
the following types of node:
Child node: Displays the information about an
address pool that is a child of the current
address pool.
Parent node: Displays the information about
Child node:6
the address pool that is the parent of the
current address pool.
Sibling node: Displays the information about
the next sibling address pool of the current
address pool. (The order of sibling address
pools are determined by the time when they
are configured.)
PrevSibling node: Displays the information
about the previous sibling address pool of the
current address pool.
option
expired
gateway-list
dns-list
domain-name
nbns-list
Customized DHCP options
The address lease time (in terms of number of
days, hours, and minutes)
List of the gateways configured for the DHCP
clients
List of the DNS servers configured for the
DHCP clients
The domain name configured for the DHCP
clients
List of the NetBIOS servers configured for the
DHCP clients
1.1.21 dns-list
Syntax
dns-list ip-address&<1-8>
1-22
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
undo dns-list { ip-address | all }
View
DHCP address pool view
Parameter
ip-address&<1-8>: IP address of a DNS server. &<1-8> string means you can provide
up to eight DNS server IP addresses. When inputting more than one IP address,
separate two neighboring IP addresses with a space.
all: Specifies all configured DNS server IP addresses.
Description
Use the dns-list command to configure one or multiple DNS server IP addresses for a
global DHCP address pool.
Use the undo dns-list command to remove one or all DNS server IP addresses
configured for the DHCP address pool.
By default, no DNS server IP address is configured.
If you execute the dns-list command repeatedly, the new configuration overwrites the
previous one.
Related command: dhcp server dns-list and dhcp server ip-pool.
Example
# Configure the DNS server IP address 1.1.1.254 for global DHCP address pool 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] dns-list 1.1.1.254
1.1.22 domain-name
Syntax
domain-name domain-name
undo domain-name
View
DHCP address pool view
Parameter
domain-name: Domain name for the DHCP clients of a global DHCP address pool, a
string of 3 to 50 characters.
1-23
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Description
Use the domain-name command to configure a domain name for the DHCP clients of
a global DHCP address pool.
Use the undo domain-name command to remove the domain name.
By default, no domain name is configured for the DHCP clients of a global DHCP
address pool.
Related command: dhcp server ip-pool and dhcp server domain-name.
Example
# Configure the domain name mydomain.com for the DHCP clients of the global
DHCP address pool 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] domain-name mydomain.com
1.1.23 expired
Syntax
expired { day day [ hour hour [ minute minute ] ] | unlimited }
undo expired
View
DHCP address pool view
Parameter
day day: Specifies the number of days. The day argument ranges from 0 to 365.
hour hour: Specifies the number of hours. The hour argument ranges from 0 to 23.
minute minute: Specifies the number of minutes. The minute argument ranges from 0
to 59.
unlimited: Specifies that the lease time is unlimited. (But actually, the system limits the
maximum lease time to about 25 years.)
Description
Use the expired command to configure the lease time of the IP addresses in a global
DHCP address pool.
Use the undo expired command to restore the default lease time.
The default lease time is one day.
Related command: dhcp server ip-pool and dhcp server expired.
1-24
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Example
# Set the lease time of the IP addresses in the global DHCP address pool 0 to 1 day, 2
hours and 3 minutes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] expired day 1 hour 2 minute 3
1.1.24 gateway-list
Syntax
gateway-list ip-address&<1-8>
undo gateway-list { ip-address | all }
View
DHCP address pool view
Parameter
ip-address&<1-8>: IP address of a gateway. &<1-8> means you can provide up to
eight gateway IP addresses. When inputting more than one IP address, separate two
neighboring IP addresses with a space.
all: Specifies all configured gateway IP addresses.
Description
Use the gateway-list command to configure one or multiple gateway IP addresses for
the DHCP clients of a DHCP address pool.
Use the undo gateway-list command to remove one or all the configured gateway IP
addresses configured for the DHCP address pool.
By default, no gateway IP address is configured.
If you execute the gateway-list command repeatedly, the new configuration
overwrites the previous one.
Example
# Configure the gateway IP address 10.110.1.99 for the global DHCP address pool 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] gateway-list 10.110.1.99
1-25
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
1.1.25 nbns-list
Syntax
nbns-list ip-address&<1-8>
undo nbns-list { ip-address | all }
View
DHCP address pool view
Parameter
ip-address&<1-8>: IP address of a NetBIOS server. &<1-8> means you can provide up
to eight NetBIOS server IP addresses. When inputting more than one IP address,
separate two neighboring IP addresses with a space.
all: Specifies all configured NetBIOS server IP addresses.
Description
Use the nbns-list command to configure one or multiple NetBIOS server IP addresses
for the DHCP clients of a global DHCP address pool.
Use the undo nbns-list command to remove one or all NetBIOS server IP addresses
configured for the DHCP clients.
By default, no NetBIOS server IP address is configured.
If you execute the nbns-list command repeatedly, the new configuration overwrites
the previous one.
Related command: dhcp server ip-pool, dhcp server nbns-list and netbios-type.
Example
# Configure the NetBIOS server IP address 10.12.1.99 for the global DHCP address
pool 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] nbns-list 10.12.1.99
1.1.26 netbios-type
Syntax
netbios-type { b-node | h-node | m-node | p-node }
undo netbios-type
1-26
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
View
DHCP address pool view
Parameter
b-node: Specifies the broadcast type. Nodes of this type acquire host name-to-IP
address mapping by broadcasting.
p-node: Specifies the peer-to-peer type. Nodes of this type acquire host name-to-IP
address mapping by communicating with the NetBIOS server.
m-node: Specifies the mixed type. Nodes of this type are p-nodes with some
broadcasting features.
h-node: Specifies the hybrid type. Nodes of this type are b-nodes with peer-to-peer
communicating features.
Description
Use the netbios-type command to configure the DHCP clients of a global address
pool to be of specified NetBIOS node type.
Use the undo netbios-type command to restore the default NetBIOS node type.
By default, no NetBIOS node type is specified. In this case, the client uses h-node.
Related command: dhcp server ip-pool, dhcp server netbios-type and nbns-list.
Example
# Configure the DHCP clients of the global DHCP address pool 0 to be of b-node type.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] netbios-type b-node
1.1.27 network
Syntax
network ip-address [ mask mask ]
undo network
View
DHCP address pool view
Parameter
ip-address: IP address of a network segment., used to specify an IP address range.
mask mask: Specifies a subnet mask in dotted decimal notation.
1-27
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
If neither subnet mask nor mask length is specified in this command, the default
subnet mask is adopted.
Description
Use the network command to configure a dynamically assigned IP address range
(where IP addresses will be dynamically assigned to DHCP clients).
Use the undo network command to remove a dynamically assigned IP address
range.
By default, no such IP address range is configured for a DHCP address pool.
Note that you can configure only one such IP address range for a DHCP address pool.
If you execute the network command repeatedly, the new configuration overwrites the
previous one.
Related command: dhcp server ip-pool and dhcp server forbidden-ip.
Example
# Configure the dynamically assigned IP address range 192.168.8.0/24 for the global
DHCP address pool 0.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] network 192.168.8.0 mask 255.255.255.0
1.1.28 option
Syntax
option
code
{
ascii
ascii-string
|
hex
hex-string&<1-10>
|
ip-address
ip-address&<1-8> }
undo option code
View
DHCP address pool view
Parameter
code: Customized option number ranging from 2 to 254. Note that this argument
cannot be 3, 6, 15, 44, 46, 50 through 55, 57 through 59.
ascii ascii-string: Specifies a string that is of 1 to 63 characters. Note that each
character of the string needs to be an ASCII character.
hex hex-string&<1-10>: Specifies strings, a hexadecimal number of 1 to 8 digits. The
&<1-10> means that you can provide up to 10 such strings. When entering more than
one strings, separate two neighboring strings with a space.
1-28
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
ip-address ip-address&<1-8>: Specifies IP addresses. The &<1-8> string means that
you can provide up to eight IP addresses. When entering more than one IP addresses,
separate two neighboring IP addresses with a space.
Description
Use the option command to customize DHCP options for a global DHCP address
pool.
Use the undo option command to remove the customized DHCP options.
If you execute the option command repeatedly, the new configuration overwrites the
previous one.
Related command: dhcp server ip-pool and dhcp server option.
Example
# Configure option 100 to be 0x11 and 0x22 for the global DHCP address pools.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] option 100 hex 11 22
1.1.29 reset dhcp server conflict
Syntax
reset dhcp server conflict { all | ip ip-address }
View
User view
Parameter
ip ip-address: Specifies an IP address, whose conflict statistics will be cleared.
all: Clears all address conflict statistics.
Description
Use the reset dhcp server conflict command to clear address conflict statistics.
Related command: display dhcp server conflict.
Example
# Clear all address conflict statistics.
<3Com> reset dhcp server conflict all
1-29
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
1.1.30 reset dhcp server ip-in-use
Syntax
reset dhcp server ip-in-use { all | interface [ interface-type interface-number ] | ip
ip-address | pool [ pool-name ] }
View
User view
Parameter
all: Clears the dynamic address binding information about all IP addresses.
interface [ interface-type interface-number ]: Clears the dynamic address binding
information about a specified interface address pool. If you do not specify the
interface-number argument, this command clears the dynamic address binding
information about all interface address pools.
ip ip-address: Clears the dynamic address binding information about a specified IP
address.
pool [ pool-name ]: Clears the dynamic address binding information about a specified
address pool. The pool-name argument, a string of 1 to 35 characters, is the name of
an address pool. If you do not provide this argument, this command clears the
dynamic address binding information about all global address pools.
Description
Use the reset dhcp server ip-in-use command to clear the specified or all dynamic
address binding information.
Related command: display dhcp server ip-in-use.
Example
# Clear the dynamic address binding information about the IP address 10.110.1.1.
<3Com> reset dhcp server ip-in-use ip 10.110.1.1
1.1.31 reset dhcp server statistics
Syntax
reset dhcp server statistics
View
User view
Parameter
None
1-30
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Description
Use the reset dhcp server statistics command to clear the statistics on a DHCP
server, such as the number of DHCP unrecognized packets/request packets/response
packets.
Related command: display dhcp server statistics.
Example
# Clear the statistics on a DHCP server.
<3Com> reset dhcp server statistics
1.1.32 static-bind ip-address
Syntax
static-bind ip-address ip-address [mask mask ]
undo static-bind ip-address
View
DHCP address pool view
Parameter
ip-address: IP address to be bound. If you do not specify the mask-length or mask
argument, the default subnet mask is used.
mask mask: Subnet mask of the specified IP address. If you do not specify the
mask-length or mask argument, the default subnet mask is used.
Description
Use the static-bind ip-address command to specify an IP address which will be
bound statically to a MAC address.
Use the undo static-bind ip-address command to remove a statically bound IP
address.
By default, no IP address is statically bound.
Note that:
z
The static-bind ip-address command must be used together with the
static-bind mac-address command, to specify a statically bound IP address or
MAC address.
z
If you execute the static-bind ip-address command repeatedly, the new
configuration overwrites the previous one.
Related command: dhcp server ip-pool and static-bind mac-address.
1-31
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
Example
# Bind the IP address 10.1.1.1 (with the subnet mask 255.255.255.0) to the MAC
address 0000-e03f-0305.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[3Com-dhcp-pool-0] static-bind mac-address 0000-e03f-0305
1.1.33 static-bind mac-address
Syntax
static-bind mac-address mac-address
undo static-bind mac-address
View
DHCP address pool view
Parameter
mac-address: MAC address of the host to which the IP address is to be bound. You
need to provide this argument in the form of H-H-H.
Description
Use the static-bind mac-address command to specify a MAC address to which an IP
address will be bound statically.
Use the undo static-bind mac-address command to remove such a MAC address.
By default, no such MAC address is specified.
Note that:
z
The static-bind ip-address command must be used together with the
static-bind mac-address command, to respectively specify a statically bound IP
address and MAC address.
z
If you execute the static-bind mac-address command or the static-bind
client-identifier command repeatedly, the new configuration overwrites the
previous one.
Related command: dhcp server ip-pool and static-bind ip-address.
Example
# Bind the IP address 10.1.1.1 (with the subnet mask 255.255.255.0) to the MAC
address 0000-e03f-0305.
<3Com> system-view
1-32
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 1 DHCP Server Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] dhcp server ip-pool 0
[3Com-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0
[3Com-dhcp-pool-0] static-bind mac-address 0000-e03f-0305
1-33
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
Chapter 2 DHCP Relay Configuration Commands
2.1 DHCP Relay Configuration Commands
2.1.1 address-check
Syntax
address-check enable
address-check disable
View
VLAN interface view
Parameter
None
Description
Use the address-check enable command to enable the address checking function of
the DHCP relay.
Use the address-check disable command to disable the address checking function
of the DHCP relay.
By default, the address checking function of the DHCP relay is disabled on a VLAN
interface.
Example
# Enable the address checking function of the DHCP relay on VLAN interface 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface 1
[3Com-Vlan-interface1] address-check enable
2.1.2 address-check dhcp-relay
Syntax
address-check dhcp-relay enable
address-check dhcp-relay disable
2-1
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
View
VLAN interface view
Parameter
None
Description
Use the address-check dhcp-relay enable command to validate the dynamic entries
generated by the DHCP relay.
Use the address-check dhcp-relay disable command to invalidate the dynamic
entries generated by the DHCP relay. If you invalidate the dynamic IP-to-MAC
mapping entries generated by the DHCP relay agent, this means that you specify the
clients as freely-connected hosts.
By default, the dynamic entries generated by the DHCP relay are valid.
Only valid entries can pass DHCP security check.
This configuration will take effect only after the address checking function of the DHCP
relay on the VLAN interface is enabled.
Example
# Invalidate the dynamic entries generated by the DHCP relay.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 1
[3Com-Vlan-interface1] address-check enable
[3Com-Vlan-interface1] address-check dhcp-relay disable
2.1.3 address-check no-matched
Syntax
address-check no-matched enable
address-check no-matched disable
View
VLAN interface view
Parameter
None
2-2
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
Description
Use the address-check no-matched enable command to forbid freely-connected
clients to pass DHCP security check.
Use the address-check no-matched disable command to allow freely-connected
clients to pass DHCP security check.
By default, freely-connected clients are not allowed to pass DHCP security check.
Freely-connected clients refer to the clients whose IP addresses and MAC addresses
are not in the DHCP security table.
This configuration will take effect only after the address checking function of the DHCP
relay on the VLAN interface is enabled.
Example
# Configure to not allow freely-connected clients to pass DHCP security check on
VLAN interface 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Vlan-interface 1
[3Com-Vlan-interface1] address-check enable
[3Com-Vlan-interface1] address-check no-matched enable
2.1.4 dhcp relay information enable
Syntax
dhcp relay information enable
undo dhcp relay information enable
View
System view
Parameter
None
Description
Use the dhcp relay information enable command to enable option 82 supporting on
a DHCP relay, through which you can enable the DHCP relay to insert option 82 into
DHCP request packets sent to a DHCP server.
Use the undo dhcp relay information enable command to disable option 82
supporting on a DHCP relay, through which you can disable the DHCP relay from
inserting option 82 into DHCP request packets sent to a DHCP server.
By default, this function is disabled.
2-3
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
Related command: dhcp relay information strategy.
Example
# Enable option 82 supporting on a DHCP relay.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp relay information enable
2.1.5 dhcp relay information strategy
Syntax
dhcp relay information strategy { drop | keep | replace }
undo dhcp relay information strategy
View
System view
Parameter
drop: Specifies to discard the DHCP request packets that carry option 82.
keep: Specifies to remain the DHCP request packets that carry option 82 unchanged.
replace: Specifies to replace the option 82 carried by a DHCP request packet with that
of the DHCP relay.
Description
Use the dhcp relay information strategy command to instruct a DHCP relay to
perform specified operations to DHCP request packets that carry option 82.
Use the undo dhcp relay information strategy command to instruct a DHCP relay to
perform the default operations to DHCP request packets that carry option 82.
By default, the DHCP relay replaces the option 82 carried by a DHCP request packet
with its own option 82.
dhcp relay information enable
Example
# Instruct the DHCP relay to drop the DHCP request packets that carry option 82.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp relay information strategy drop
2-4
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
2.1.6 dhcp-security static
Syntax
dhcp-security static ip-address mac-address
undo dhcp-security { ip-address | all | dynamic | static }
View
System view
Parameter
ip-address: User IP address.
mac-address: User MAC address.
all: Removes all user address entries.
dynamic: Removes dynamic user address entries.
static: Removes static user address entries.
Description
Use the dhcp-security static command to configure a static user address entry.
Use the undo dhcp-security command to remove one or all user address entries, or
all user address entries of a specified type.
Related Command: display dhcp-security.
Example
# Configure a user address entry for the DHCP server group, with the user IP address
being 1.1.1.1 and the user MAC address being 0005-5D02-F2B3.
<3Com> system-view
System View: return to User View with Ctrl+Z
[3Com] dhcp-security static 1.1.1.1 0005-5D02-F2B3
2.1.7 dhcp-security tracker
Syntax
dhcp-security tracker { interval | auto }
undo dhcp-security tracker [ interval ]
View
System view
Parameter
auto: Calculates the refresh interval according to the number of entries automatically.
2-5
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
interval: Specified refresh interval, in the range of 1 to 120 in seconds.
Description
Use the dhcp-security tracker command to configure the interval at which the DHCP
relay refreshes the addresses entries of dynamic users.
Use the undo dhcp-security tracker command to restore the default refresh interval.
By default, the refresh interval is auto, that is, the refresh interval is calculated
according to the number of entries.
Example
# Set the refresh interval to 100 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp-security tracker 100
2.1.8 dhcp-server
Syntax
dhcp-server groupNo
undo dhcp-server
View
VLAN interface view
Parameter
groupNo: DHCP server group number. This argument ranges from 0 to 19.
Description
Use the dhcp-server command to map the current VLAN interface to a DHCP server
group.
Use the undo dhcp-server command to cancel the mapping.
Related command: dhcp-server ip, display dhcp-server, and display dhcp-server
interface vlan-interface.
Example
# Specify that VLAN interface 1 corresponds to DHCP server group 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface 1
[3Com-Vlan-interface1] dhcp-server 1
2-6
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
2.1.9 dhcp-server ip
Syntax
dhcp-server groupNo ip ip-address&<1-8>
undo dhcp-server groupNo
View
System view
Parameter
groupNo: DHCP server group number, ranging from 0 to 19.
ip-address&<1-8>: IP address of the DNS server. &<1-8> indicates that up to eight IP
addresses can be input, with any two IP addresses separated by a space.
Description
Use the dhcp-server ip command to configure the DHCP server IP address(es) in a
specified DHCP server group.
Use the undo dhcp-server command to remove all DHCP server IP addresses in a
DHCP server group.
Related command: dhcp-server, and display dhcp-server.
Example
# Configure three DHCP server IP addresses 1.1.1.1, 2.2.2.2, and 3.3.3.3 for DHCP
server group 1, so that this group contains three DHCP servers (server 1, server 2 and
server 3).
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp-server 1 ip 1.1.1.1 2.2.2.2 3.3.3.3
2.1.10 display dhcp-security
Syntax
display dhcp-security [ ip-address | dynamic | static ]
View
Any view
Parameter
ip-address: IP address. This argument is used to display the user address entry with
the specified IP address.
2-7
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
dynamic: Displays the dynamic user address entries.
static: Displays the static user address entries.
Description
Use the display dhcp-security command to display one or all user address entries, or
a specified type of user address entries in the valid user address table of a DHCP
server group.
Example
# Display all user address entries contained in the valid user address table of the
DHCP server group.
<3Com> display dhcp-security
IP Address
MAC Address IP Address Type
2.2.2.3
0005-5d02-f2b2
Static
3.3.3.3
0005-5d02-f2b3
Dynamic
---
2 dhcp-security item(s) found
---
Table 2-1 Description on the fields of the display dhcp-security command
Field
Description
IP Address
IP address of a user of the DHCP server group
MAC Address
MAC address of the user of the DHCP server group
IP Address Type
Type of the user address entry (static/dynamic)
2.1.11 display dhcp-security tracker
Syntax
display dhcp-security tracker
View
System view
Parameter
None
Description
Use the display dhcp-security tracker command to display the interval at which the
DHCP relay refreshes the addresses entries of dynamic users.
2-8
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
Example
# Display the interval at which the DHCP relay refreshes the address entries of
dynamic users.
<3Com> display dhcp-security tracker
Current tracker interval: 10s
2.1.12 display dhcp-server
Syntax
display dhcp-server groupNo
View
Any view
Parameter
groupNo: DHCP server group number, ranging from 0 to 19.
Description
Use the display dhcp-server command to display information about a specified
DHCP server group.
Related command: dhcp-server ip, dhcp-server, and display dhcp-server
interface vlan-interface.
Example
# Display information about DHCP server group 0.
<3Com> display dhcp-server 0
IP address of DHCP server group 0:
1.1.1.1
IP address of DHCP server group 0:
2.2.2.2
IP address of DHCP server group 0:
3.3.3.3
IP address of DHCP server group 0:
4.4.4.4
IP address of DHCP server group 0:
5.5.5.5
IP address of DHCP server group 0:
6.6.6.6
IP address of DHCP server group 0:
7.7.7.7
IP address of DHCP server group 0:
8.8.8.8
Messages from this server group: 0
Messages to this server group: 0
Messages from clients to this server group: 0
Messages from this server group to clients: 0
DHCP_OFFER messages: 0
DHCP_ACK messages: 0
DHCP_NAK messages: 0
2-9
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
DHCP_DECLINE messages: 0
DHCP_DISCOVER messages: 0
DHCP_REQUEST messages: 0
DHCP_INFORM messages: 0
DHCP_RELEASE messages: 0
BOOTP_REQUEST messages: 0
BOOTP_REPLY messages: 0
Table 2-2 Description on the fields of the display dhcp-server command
Field
IP address of DHCP server
group 0:
Description
DHCP server IP addresses of DHCP server group 0
Messages from this server
Number of the packets received from the DHCP
group
server group
Messages to this server
Number of the packets sent to the DHCP server
group
group
Messages from clients to
Number of the packets received from the DHCP
this server group
clients
Messages from this server
group to clients
Number of the packets sent to the DHCP clients
DHCP_OFFER messages
Number of the received DHCP-OFFER packets
DHCP_ACK messages
Number of the received DHCP-ACK packets
DHCP_NAK messages
Number of the received DHCP-NAK packets
DHCP_DECLINE messages
Number of the received DHCP-DECLINE packets
DHCP_DISCOVER
messages
DHCP_REQUEST
messages
DHCP_INFORM messages
DHCP_RELEASE
messages
BOOTP_REQUEST
messages
BOOTP_REPLY messages
Number of the received DHCP-DISCOVER packets
Number of the received DHCP-REQUEST packets
Number of the received DHCP-INFORM packets
Number of the received DHCP-RELEASE packets
Number of the BOOTP request packets
Number of the BOOTP response packets
2-10
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
2.1.13 display dhcp-server interface
Syntax
display dhcp-server interface Vlan-interface vlan-id
View
Any view
Parameter
vlan-id: VLAN ID.
Description
Use the display dhcp-server interface command to display information about the
DHCP server group to which a VLAN interface is mapped.
Related command: dhcp-server and display dhcp-server.
Example
# Display information about the DHCP server group to which VLAN 2 interface is
mapped.
<3Com> display dhcp-server interface vlan-interface 2
The DHCP server group of this interface is 2
The above display information indicates the VLAN 2 interface is mapped to DHCP
server group 0.
2.1.14 reset dhcp-server
Syntax
reset dhcp-server groupNo
View
User view
Parameter
groupNo: DHCP server group number, ranging from 0 to 19.
Description
Use the reset dhcp-server command to clear the statistics information of the
specified DHCP server group.
Related command: dhcp server and display dhcp-server.
2-11
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 2 DHCP Relay Configuration Commands
Example
# Clear the statistics information of DHCP server group 2.
<3Com> reset dhcp-server 2
2-12
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 3 DHCP Snooping Configuration Commands
Chapter 3 DHCP Snooping Configuration
Commands
3.1 DHCP Snooping Configuration Commands
3.1.1 dhcp-snooping
Syntax
dhcp-snooping
undo dhcp-snooping
View
System view
Parameter
None
Description
Use the dhcp-snooping command to enable the DHCP snooping function, so as to
allow the switch to listen to the DHCP broadcast packets. Use the undo
dhcp-snooping command to disable the DHCP snooping function.
By default, the DHCP snooping function is disabled.
Related command: display dhcp-snooping.
Example
# Enable the DHCP snooping function.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp-snooping
3.1.2 dhcp-snooping trust
Syntax
dhcp-snooping trust
undo dhcp-snooping trust
3-1
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 3 DHCP Snooping Configuration Commands
View
Ethernet port view
Parameter
None
Description
Use the dhcp-snooping trust command to set an Ethernet port to a trusted port.
Use the undo dhcp-snooping trust command to restore an Ethernet port to an
untrusted port.
DHCP snooping security allow you to set a port to a trusted port or an untrusted port,
so that DHCP clients can obtain IP addresses from only valid DHCP servers.
z
Trusted ports can be used to connect DHCP servers or ports of other switches.
Untrusted ports can be used to connect DHCP clients or networks.
z
Trusted ports forward any received DHCP packets to ensure that DHCP clients
can obtain IP addresses from valid DHCP servers. Untrusted ports discard the
DHCP-ACK and DHCP-OFF responses received from DHCP servers.
z
By default, all the ports of a switch are untrusted ports.
Related command: display dhcp-snooping trust.
Example
# Set the Ethernet1/0/1 port to a trusted port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com-Ethernet1/0/1] dhcp-snooping trust
3.1.3 dhcp-snooping information enable
Syntax
dhcp-snooping information enable
undo dhcp-snooping information enable
View
System view
Parameter
None
3-2
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 3 DHCP Snooping Configuration Commands
Description
Use the dhcp-snooping information enable command to enable DHCP-Snooping
option 82.
Use
the
undo
dhcp-snooping
information
enable
command
to
disable
DHCP-Snooping option 82.
DHCP-Snooping option 82 is disabled by default.
Example
# Enable DHCP-Snooping option 82.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dhcp-snooping information enable
DHCP snooping option 82 is enabled globally.
3.1.4 display dhcp-snooping
Syntax
display dhcp-snooping
View
Any view
Parameter
None
Description
Use the display dhcp-snooping command to display the IP-MAC mapping relations
recorded by the DHCP snooping-enabled switch.
Related command: dhcp-snooping.
Example
# Display the IP-MAC mapping relations recorded by the DHCP snooping-enabled
switch.
<3Com> display dhcp-snooping
DHCP snooping is enabled globally.
Type : D--Dynamic , S--Static
Type IP Address
MAC Address
Lease
VLAN Interface
==== =============== =============== ========= ==== =================
---
0 DHCP snooping item(s) found
3-3
---
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 3 DHCP Snooping Configuration Commands
3.1.5 display dhcp-snooping trust
Syntax
display dhcp-snooping trust
View
Any view
Parameter
None
Description
Use the display dhcp-snooping trust command to display the (enabled/disabled)
state of the DHCP snooping function and the trusted ports.
Related command: dhcp-snooping trust.
Example
# Display the state of the DHCP snooping function and the trusted ports.
<3Com> display dhcp-snooping trust
DHCP-Snooping is enabled.
DHCP-Snooping trust become effective
Interface
Trusted
=================================
Ethernet3/0/3
Trusted
The above information indicates that the Ethernet3/0/3 port is a trusted port.
3.1.6 display dhcp-snooping vlan
Syntax
display dhcp-snooping vlan { vlan-id | all }
View
Any view
Parameter
vlan-id: Specifies a VLAN ID.
all:
Displays
all
the
IP/MAC
DHCP-Snooping-enabled switch.
3-4
mapping
relations
recorded
by
the
3Com Switch 7750 Series
Command Reference Guide – DHCP
Chapter 3 DHCP Snooping Configuration Commands
Description
Use the display dhcp-snooping vlan command to display the IP-MAC mapping
relations recorded by the DHCP-Snooping-enabled switch in the specified VLAN.
Example
# Display the IP-MAC mapping relations recorded by the DHCP-Snooping-enabled
switch in VLAN 2.
<3Com> display dhcp-snooping vlan 2
DHCP snooping is enabled globally.
The client binding table for untrusted ports on the VLANs assigned.
Type : D--Dynamic , S--Static
Type IP Address
MAC Address
Lease
VLAN Interface
==== =============== =============== ========= ==== =================
D
---
3.3.3.2
0012-3f83-6eef
1 dhcp snooping item(s) found
0
2
Ethernet3/0/1
---
3.1.7 reset dhcp-snooping
Syntax
reset dhcp-snooping [ ip-address ]
View
User view
Parameter
ip-address:
Clears
the
IP/MAC
mapping
relations
recorded
by
the
DHCP-Snooping-enabled switch.
Description
Use the reset dhcp-snooping command to clear the specified IP-MAC mapping
relation or all the IP-MAC mapping relations recorded by the DHCP-Snooping-enabled
switch.
Related command: dhcp server and display dhcp-server.
Example
# Clear the 10.1.1.1-MAC mapping relation recorded by the DHCP-Snooping-enabled
switch.
<3Com> reset dhcp-snooping 10.1.1.1
3-5
3Com Switch 7750 Series
Command Reference Guide – ACL
Table of Contents
Table of Contents
Chapter 1 ACL Commands........................................................................................................... 1-1
1.1 ACL Configuration Commands .......................................................................................... 1-1
1.1.1 acl............................................................................................................................ 1-1
1.1.2 acl mode.................................................................................................................. 1-2
1.1.3 acl order .................................................................................................................. 1-3
1.1.4 display acl config ..................................................................................................... 1-4
1.1.5 display acl config statistics ...................................................................................... 1-5
1.1.6 display acl mode...................................................................................................... 1-5
1.1.7 display acl order ...................................................................................................... 1-6
1.1.8 display acl remaining entry...................................................................................... 1-6
1.1.9 display acl running-packet-filter............................................................................... 1-8
1.1.10 display time-range................................................................................................. 1-8
1.1.11 packet-filter.......................................................................................................... 1-10
1.1.12 reset acl counter.................................................................................................. 1-13
1.1.13 rule (Basic ACL) .................................................................................................. 1-14
1.1.14 rule (Advanced ACL)........................................................................................... 1-15
1.1.15 rule (Layer 2 ACL)............................................................................................... 1-21
1.1.16 rule (user-defined ACL)....................................................................................... 1-24
1.1.17 time-range ........................................................................................................... 1-25
i
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Chapter 1 ACL Commands
1.1 ACL Configuration Commands
Note:
The A-type cards includes 3C16860, 3C16861, 3C16858, and 3C16859.
1.1.1 acl
Syntax
acl { number acl-number | name acl-name [ advanced | basic | link | user ] }
[ match-order { config | auto } ]
undo acl { number acl-number | name acl-name | all }
View
System view
Parameter
number acl-number: Specifies the number of an access control list (ACL) in the range
of:
2,000 to 2,999: identifies basic ACLs.
3,000 to 3,999: identifies advanced ACLs.
4,000 to 4,999: identifies layer 2 ACLs.
5,000 to 5,999: identifies user-defined ACLs.
name acl-name: Character string, which must be started with an English letter (i.e., a-z
or A-Z), and there should not be a space or quotation mark in it; case insensitive, key
word all is not allowed to use.
advanced: Advanced ACL.
basic: Basic ACL.
link: Layer 2 ACL.
user: User-defined ACL..
config: When matching ACL rules, the user’s configuration order is employed.
auto: When matching ACL rules, depth first order is employed.
1-1
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
all: Cancels all ACLs (including those identified by a number or a name).
Description
Use the acl command to define an ACL and enter the corresponding ACL view.
Use the undo acl command to delete all entries of an ACL identified by a number or a
name, or the entire ACL.
By default, ACL rules are matched according to the configured order (config).
After entering the corresponding ACL view, you can use the rule command to add
entries to the ACL (use the quit command to quit ACL view).
Note:
User-defined ACL can only be activated on the cards except A type ones.
You can use the match-order keyword to specify whether to use the configured order
or “depth-first” order (rules with smaller ranges are matched first) to match rules. If
neither match orders are specified, the configured match order will be adopted.
You cannot modify the match order for an ACL once you have specified it, unless you
delete all the entries of the ACL, and specify the match order over again.
The ACL match order feature is effective only when the ACL is referenced by software
for data filtering and traffic classification.
Related command: rule, acl mode.
Example
# Define rules for ACL 2000, and specify “depth-first” order as the rule match order.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 2000 match-order auto
1.1.2 acl mode
Syntax
acl mode { ip-based | link-based }
View
System view
1-2
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Parameter
ip-based: Performs traffic classification based on Layer 3 information.
link-based: Performs traffic classification based on Layer 2 information.
Description
Use the acl mode command to set the traffic classification mode for the device.
By default, traffic classification is performed based on Layer 3 information.
Related command: acl.
Note:
This configuration is only effective on A type cards.
Example
# Specify to perform traffic classification based on Layer 3 information.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] acl mode ip-based
1.1.3 acl order
Syntax
acl order { auto | first-config-first-match | last-config-first-match }
View
System view
Parameter
auto: Specifies the ACL rules sent to a port are match according to the depth-first
order.
first-config-first-match: Specifies the ACL rules sent to a port are matched according
to the sending order: first sent, first matched.
last-config-first-match: Specifies the ACL rules sent to a port are matched according
to the sending order: last sent, first matched.
Description
Use the acl order command to set the match order for the ACL rules sent to a port.
1-3
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
By default, the configured ACL rules sent to a port take effect in the depth-first order.
Use the acl match-order { config | auto } command to set the match order of ACL
rules when they are configured (before they are sent to a port). While use the acl
order command is to set the match order of ACL rules after they are configured (after
they are sent to a port).
Example
# Configure the match order of ACL rules sent to a port as first-config-first-match order.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] acl order first-config-first-match
1.1.4 display acl config
Syntax
display acl config { all | acl-number | acl-name }
View
Any view
Parameter
all: Displays all ACLs (including those identified by a number or a name).
acl-number: Sequence number of the ACL to be displayed. It can be a number chosen
from 2000~5999.
acl-name: Name of the ACL to be displayed. It is a case insensitive character string
started with an English letter (a-z or A-Z), and there should not be a space or quotation
mark in it; the all keyword is not allowed to use in it.
Description
Using the display acl config command, you can view the detailed configuration
information of an ACL, including every subrule, sequence number and the times
matched with this rule.
The matched times displayed by this command is software matched times, namely,
the matched times of ACL to be processed by switch CPU. You can use the
traffic-statistic command to calculate the matched times of hardware during
packet-forwarding. You can use the display qos-interface traffic-statistic command
to view the calculation result. For the traffic-statistic and display qos-interface
traffic-statistic commands, refer to the QoS part of the Command Manual.
Example
# Display all content of ACL.
1-4
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
<3Com> display acl config all
Basic ACL 2000, 1 rule,
rule 0 permit source 1.1.1.1 0 (0 times matched)
1.1.5 display acl config statistics
Syntax
display acl config statistics
View
Any view
Parameter
None
Description
Use the command display acl config statistics to display the statistics of the current
configured ACL rules, including the basic, advanced, Layer 2 and user-defined ACL
rules number, and the total number of ACL rules configured by the system.
Example
# Display statistics information about the current configured ACL rules.
[3Com] display acl config statistics
The configured rule statistics:
Basic rule(s): 5
Advanced rule(s): 132
Link rule(s): 4
User rule(s): 2
Total 143 rule(s) configured
1.1.6 display acl mode
Syntax
display acl mode
View
Any view
Parameter
None
1-5
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Description
Use the display acl mode command to view the ACL running mode chosen by the
switch for filtering the traffic.
Example
# Display the ACL running mode chosen by the switch.
<3Com> display acl mode
The current acl mode: ip-based.
1.1.7 display acl order
Syntax
display acl order
View
Any view
Parameter
None
Description
Use the display acl order command to display the match order of the ACL rules sent
to a port.
Example
# Display the match order of ACL rules sent to a port
<3Com> display acl order
the current order is auto
1.1.8 display acl remaining entry
Syntax
display acl remaining entry slot slot-number
View
Any view
Parameter
slot-number: Number of a slot. The number 0 indicates the SRPU.
1-6
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Description
Use the display acl remaining entry slot command to display the remaining ACL
entries on a specified slot. The displayed content includes the entry resource type,
total entries resource number, reserved entries number for system ACL, number of
configured ACL entries, number of remaining ACL entries, and the corresponding start
port number and end port number of each type of entry.
Example
# Display the remaining ACL resource on the SRPU.
<3Com> display acl remaining entry slot 3
Slot: 3
Resource Total
Type
Reserved Configured Remaining
Number
Number
Number
Number
Start
End
Port Name Port Name
-------------------------------------------------------------------------MASK
16
6
1
9
GE3/0/1
RULE
128
17
1
110
GE3/0/1
GE3/0/1
METER
128
11
1
116
GE3/0/1
GE3/0/1
COUNTER
1
113
GE3/0/1
GE3/0/1
128
14
MASK
16
6
1
9
RULE
128
17
1
110
GE3/0/2
GE3/0/2
METER
128
11
1
116
GE3/0/2
GE3/0/2
COUNTER
128
14
1
113
GE3/0/2
GE3/0/2
GE3/0/2
GE3/0/1
GE3/0/2
Table 1-1 Description on the fields of the display acl remaining entry slot command
Field
Description
ResouceType
Entry resource type
Total Number
Total entries resource number
Reserved Number
Number of entries reserved for system
ACL during initiation
Configured Number
Number of entries used by the ACL
configured by users
Remaining Number
Number of remaining entries
Start PortName
The corresponding start port number of
each type of entry
End PortName
The corresponding end port number of
each type of entry
1-7
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
1.1.9 display acl running-packet-filter
Syntax
display acl running-packet-filter { all | interface interface-type interface-number }
View
Any view
Parameter
all: Represents all the ACLs to be displayed (including those identified by a number or
a name).
interface interface-type interface-number: Interface of the switch.
Description
Use the display acl running -packet-filter command to view the information of the
activated ACL. The displayed content includes the interface on which ACL is activated,
the activation direction, ACL name, ACL rule number and activation status.
Example
# Display the information of the activated ACL of all interfaces.
<3Com> display acl running-packet-filter all
Ethernet3/0/1
Inbound:
Acl 2000 rule 0 running
1.1.10 display time-range
Syntax
display time-range { all | time-name }
View
Any view
Parameter
all: Specifies to display all time ranges.
name: Name of a time range, a string that starts with [a-z, A-Z] and contains up to 32
characters.
1-8
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Description
Use the display time-range command to view the configuration and status of the
current time range. For an active time range, this command displays “active”; for an
inactive time range, this command displays “inactive”.
Note that there is a delay (about 1 minute) when the system updates the ACL status.
And the display time-range command will judge according to the current time.
Therefore, sometimes you may find that a time range is active while the ACL
referencing the time range is not activated by using the display time-range command.
This is natural.
Related command: time-range.
Example
# Display all time ranges.
<3Com> display time-range all
Current time is 14:36:36 4-3-2003 Thursday
Time-range : hhy ( Inactive )
from 08:30 2-5-2005 to 18:00 2-19-2005
Time-range : hhy1 ( Inactive )
from 08:30 2-5-2003 to 18:00 2-19-2003
Table 1-2 Description on the fields of the display time-range command
Field
Current time is
4-3-2003 Thursday
Description
14:36:36
Time-range : hhy ( Inactive )
from 08:30 2-5-2005 to 18:00
2-19-2005
System time
Time range hhy. “Inactive” indicates that this time
range is currently in the inactive state (while
“Active” indicates that the time range is in the
active state), and the time range is from 8:30
February 5, 2005 to 18:00 February 19 2005.
# Display the time range named “tm1”.
<3Com> display time-range tm1
Current time is 14:37:31 4-3-2003 Thursday
Time-range : tm1 ( Inactive )
from 08:30 2-5-2005 to 18:00 2-19-2005
1-9
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Table 1-3 Description of the fields of the display time-range command
Field
Description
Current time is
4-3-2003 Thursday
14:36:36
Time-range : tm1 ( Inactive )
from 08:30 2-5-2005 to 18:00
2/19/2005
The current time of the system.
Time range tm1. “Inactive” indicates that this
time range is currently in the inactive state (while
“Active” indicates that the time range is in the
active state), and the time range is from 8:30
February 5, 2005 to 18:00 February 19 2005.
1.1.11 packet-filter
Syntax
I. The command line format for A type card
packet-filter
{
inbound
|
outbound
}
acl-rule
[
system-index
]
[ not-care-for-interface ]
undo packet-filter { inbound | outbound } acl-rule [ not-care-for-interface ]
II. The command line format for the cards except A type ones
packet-filter inbound acl-rule [ system-index ]
undo packet-filter inbound acl-rule
Note:
Combined activating of IP ACL and Link ACL is supported by the cards except A type
ones. But the sum of the bytes number defined by IP ACL and that defined by the Link
ACL can not exceed 32 bytes; otherwise the ACL can not be activated.
View
QoS view
Parameter
inbound: Specifies to filter packets received on the port.
outbound: Specifies to filter packets sent through the port.
acl-rule: Applied ACL rules, which can be the combination of different types of ACL
rules. Table 1-4and Table 1-6 describe the ACL combinations on service board of A
type and the corresponding parameter description. Table 1-5 and Table 1-6 describe
1-10
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
the ACL combinations on service boards other than A type and the corresponding
parameter description.
Table 1-4 Combined application of ACLs on service board of A type
Combination mode
Form of acl-rule
Apply all rules in an IP type ACL
separately
ip-group { acl-number | acl-name }
Apply one rule in an IP type ACL
separately
ip-group { acl-number | acl-name } rule
rule-id
Apply all rules in a link type ACL
separately
link-group { acl-number | acl-name }
Apply one rule in a link type
separately
link-group { acl-number | acl-name } rule
rule-id
Apply one rule in an IP type ACL
and one rule in a link type ACL
simultaneously
ip-group { acl-number | acl-name } rule
rule-id link-group { acl-number | acl-name }
rule rule-id
Table 1-5 Combined application of ACLs on service board other than A type.
Combination mode
Form of acl-rule
Apply all rules in an IP type ACL
separately
ip-group { acl-number | acl-name }
Apply one rule in an IP type ACL
separately
ip-group { acl-number | acl-name } rule
rule-id
Apply all rules in a link type ACL
separately
link-group { acl-number | acl-name }
Apply one rule in a link type
separately
link-group { acl-number | acl-name } rule
rule-id
Apply all rules in a user-defined
ACL separately
user-group { acl-number | acl-name }
Apply one rule in a user-defined
ACL separately
user-group { acl-number | acl-name } rule
rule-id
Apply one rule in an IP type ACL
and one rule in a Link type ACL
simultaneously
ip-group { acl-number | acl-name } rule
rule-id link-group { acl-number | acl-name }
rule rule-id
1-11
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Table 1-6 Parameters description of ACL combinations
Parameter
Description
Basic and advanced ACL.
ip-group { acl-number |
acl-name }
acl-number: ACL number of basic and advanced ACL,
ranging from 2,000 to 3,999.
acl-name: ACL name, case insensitive string, up to 32
characters long, beginning with an English letter (a to z
or A to Z), without space or quotation mark.
Layer 2 ACL
link-group { acl-number |
acl-name }
acl-number: ACL number of the Layer 2 ACL, ranging
from 4,000 to 4,999.
acl-name: ACL name, case insensitive string, up to 32
characters long, beginning with an English letter (a to z
or A to Z), without space or quotation mark.
User-defined ACL
user-group { acl-number |
acl-name }
rule-id
acl-number: ACL number of the user-defined ACL,
ranging from 5,000 to 5,999.
acl-name: ACL name, case insensitive string, up to 32
characters long, beginning with an English letter (a to z
or A to Z), without space or quotation mark.
Number of the ACL rule, ranging from 0 to 127. If this
argument is not specified, all rules in the specified ACL
will be applied.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
z
If the input index value is not 0 and does not conflict with the interior index used
by the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value
input by you.
not-care-for-interface: As for non-48-port interface card, the packet-filtering function
will take place on the interface card where the current port resides after the parameter
is chosen. As for the 48-port interface, if the number of the current port belong to the
range of 1 to 24, the packet filtering will take effect on port 1 to port 24 after the
parameter is chosen; if the number of the current port belong to the range of 25 to 48,
the packet filtering will take effect on port 25 to port 48 after the parameter is chosen.
1-12
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Description
Use the packet-filter command to activate ACL on a port to filter packets.
Use the undo packet-filter command to cancel it.
Note:
ARP packets are allowed to pass by default on the Switch 7750. You cannot use the
packet-filter command to filter ARP packets, even though you have used the rule
command to define a Layer 2 ACL, in which the argument protocol is defined as ARP.
Example
# Apply ACL 2000 on Ethernet 3/0/1 to filter packets.
[3Com-qoss-Ethernet3/0/1] packet-filter inbound ip-group 2000
1.1.12 reset acl counter
Syntax
reset acl counter { all | acl-number | acl-name }
View
User view
Parameter
all: All ACLs (including those identified by a number or a name).
acl-number: The sequence number of an ACL, ranging from 2000~3999.
acl-name: ACL name, a case insensitive character string, which must start with an
English letter (a-z or A-Z), and there should not be a space or quotation mark in it; key
word all is not allowed to use.
Description
Use the reset acl counter command to clear ACL statistics.
Table 1-7 The comparison between reset commands of statistics information
Command
reset acl counter
Function
Reset the statistics information of the ACL which is used to
filter or classify the data treated by the software of a switch.
The case includes: ACL cited by route policy function, ACL
used for controlling logon user, etc.
1-13
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Command
reset
traffic-statistic
Function
Reset statistic information of traffic. This command is
applicable to the ACL which is used to filter or classify the
data transmitted by the hardware of a switch. Commonly,
this command is used to reset the statistics information
recorded by the traffic-statistic command.
Example
# Clear the statistic information of ACL 2000.
<3Com> reset acl counter 2000
1.1.13 rule (Basic ACL)
Syntax
rule [ rule-id ] { permit | deny } [ source { source-addr wildcard | any } | fragment |
time-range time-name ]*
undo rule rule-id [ source | fragment | time-range ]*
View
Basic ACL view
Parameter
rule-id: ACL rule ID, in the range of 0 to 127.
deny: Drops packets that satisfy the condition.
permit: Permits packets that satisfy the condition to pass.
fragment: Specifies that the rule takes effect on non-initial fragment packets.
source { sour-addr sour-wildcard | any }: Specifies the source address information in
the rule. sour-addr is used to specify the source IP address of the packet, expressed in
dotted decimal notation. sour-wildcard is used to specify the wildcard mask for the
source subnet mask of the packet, expressed in dotted decimal notation. For example,
you need to input 0.0.255.255 for the subnet mask 255.255.0.0. You can set
sour-wildcard to 0 to represent the host IP address. any is used to represent any
arbitrary IP address.
time-range time-name: Specifies a time range within which the rule is valid.
Description
Use the rule command to define an ACL rule.
Use the undo rule command to delete an ACL rule or the attribute information of an
ACL rule.
1-14
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Before you can delete a rule, you need to specify the rule ID. If you do not know the
rule ID, you can view it by the display acl command.
In the case that you specify the rule ID when defining a rule:
z
If the rule corresponding to the specified rule ID already exists, you will edit the
rule, and the modified part in the rule will replace the original content, while other
parts remain unchanged.
z
If the rule corresponding to the specified rule ID does not exists, you will create
and define a new rule.
z
The content of a modified or created rule must not be identical with the content of
any existing rule; otherwise the rule modification or creation will fail, and the
system will prompt that the rule already exists.
If you do not specify a rule ID, you will create and define a new rule, and the system
will assign an ID for the rule automatically.
Note:
The ACL rule configured with the fragment keyword can not be applied to the A type
card.
Example
# Define a rule to deny the packets whose source IP addresses are 1.1.1.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 2000
[3Com-acl-basic-2000] rule deny source 1.1.1.1 0
1.1.14 rule (Advanced ACL)
Syntax
rule [ rule-id ] { permit | deny } rule-string
undo rule rule-id [ source | destination | source-port | destination-port | icmp-type
| precedence | tos | dscp | fragment | time-range ]*
View
Advanced ACL view
Parameter
rule-id: ACL rule ID, in the range of 0 to 127.
deny: Drops packets that satisfy the condition.
1-15
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
permit: Permits packets that satisfy the condition to pass.
rule-string: Rule information, which can be combination of the parameters described in
Table 1-8. You need to configure the protocol argument in the rule information before
you can configure other arguments.
Table 1-8 Rule information
Parameter
Type
Function
Description
When expressed in numerals,
the value range is 1 to 255.
Protocol
type
Type of the
protocols
carried by IP
Source
address
information
Specifies the
source address
information in
the rule
destination
{
dest-addr
dest-wildcard |
any }
Destination
address
information
Specifies the
destination
address
information in
the rule
precedence
precedence
Packet
precedence
IP priority
Value range: 0 to 7
tos tos
Packet
precedence
ToS priority
Value range: 0 to 15
dscp dscp
Packet
precedence
DSCP priority
Value range: 0 to 63
fragment
Fragment
information
Specifies that
the
rule
is
effective
for
non-initial
fragment
packets
—
time-range
time-name
Time range
information
Specifies the
time range in
which the rule
is active
—
protocol
source
{
sour-addr
sour-wildcard |
any }
1-16
When expressed with a name,
the value can be GRE, ICMP,
IGMP, IP, IPinIP, OSPF, TCP,
and UDP.
sour-addr sour-wildcard is used
to specify the source address of
the packet, expressed in dotted
decimal notation.
any represents
address.
any
source
dest-addr dest-wildcard is used
to specify the destination
address
of
the
packet,
expressed in dotted decimal
notation.
any represents any destination
address.
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Note:
sour-wildcard/dest-wildcard is the complement of the wildcard mask of the
source/destination subnet mask. For example, you need to input 0.0.255.255 to
specify the subnet mask 255.255.0.0. The arguments can be set as 0 to represent the
host IP address.
To define DSCP priority, you can directly input a value ranging from 0 to 63, or input a
keyword listed in Table 1-9.
Table 1-9 Description of DSCP values
Keyword
DSCP value in decimal
DSCP value in binary
ef
46
101110
af11
10
001010
af12
12
001100
af13
14
001110
af21
18
010010
af22
20
010100
af23
22
010110
af31
26
011010
af32
28
011100
af33
30
011110
af41
34
100010
af42
36
100100
af43
38
100110
cs1
8
001000
cs2
16
010000
cs3
24
011000
cs4
32
100000
cs5
40
101000
cs6
48
110000
cs7
56
111000
be (default)
0
000000
1-17
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
To define the IP precedence, you can directly input a value ranging from 0 to 7, or input
a keyword listed in the following table.
Table 1-10 Description of IP precedence value
IP Precedence value in
decimal
IP Precedence value in
binary
routine
0
000
priority
1
001
immediate
2
010
flash
3
011
flash-override
4
100
critical
5
101
internet
6
110
network
7
111
Keyword
To define the ToS value, you can directly input a value ranging from 0 to 15, or input a
keyword listed in the following table.
Table 1-11 Description of ToS value
Keyword
ToS value in decimal
ToS value in binary
normal
0
0000
min-monetary-cost
1
0001
max-reliability
2
0010
max-throughput
4
0100
min-delay
8
1000
If the protocol type is TCP or UDP, you can also define the following information:
1-18
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Table 1-12 TCP/UDP-specific rule information
Parameter
Function
Description
Source
port(s)
Defines
the
source
port
information
of
UDP/TCP
packets
destination-port
operator
port1
[ port2 ]
Destination
port(s)
Defines
the
destination port
information
of
UDP/TCP
packets
The value of operator can
be lt (less than), gt (greater
than), eq (equal to), neq
(not equal to) or range
(within the range of) Only
the range requires two port
numbers as the operands,
and other operators require
only one port number as the
operand.
established
“TCP
connection
established”
flag
Specifies
that
the
rule
will
match
TCP
connection
packets with the
ack or rst flag
source-port
operator
port1
[ port2 ]
Type
port1 and port2: TCP/UDP
port number(s), expressed
with name(s) or numerals;
when
expressed
with
numerals, the value range
is 0 to 65,535.
TCP-specific argument
Note:
Only the A type card supports the “range” operation on the TCP/UDP port.
If the protocol type is ICMP, you can also define the following information:
Table 1-13 ICMP-specific rule information
Parameter
icmp-type
icmp-type
icmp-code
Type
Function
Type
and
message
code
information
of
ICMP
packets
Specifies
the
type
and
message code
information of
ICMP packets
in the rule
Description
icmp-type: ICMP message
type, ranging 0 to 255
icmp-code: ICMP message
code, ranging 0 to 255
If the protocol type is ICMP, you can also directly input the ICMP message name after
the icmp-type argument. Table 1-14 describes some common ICMP messages.
1-19
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Table 1-14 ICMP messages
Name
ICMP TYPE
ICMP CODE
echo
Type=8
Code=0
echo-reply
Type=0
Code=0
fragmentneed-DFset
Type=3
Code=4
host-redirect
Type=5
Code=1
host-tos-redirect
Type=5
Code=3
host-unreachable
Type=3
Code=1
information-reply
Type=16
Code=0
information-request
Type=15
Code=0
net-redirect
Type=5
Code=0
net-tos-redirect
Type=5
Code=2
net-unreachable
Type=3
Code=0
parameter-problem
Type=12
Code=0
port-unreachable
Type=3
Code=3
protocol-unreachable
Type=3
Code=2
reassembly-timeout
Type=11
Code=1
source-quench
Type=4
Code=0
source-route-failed
Type=3
Code=5
timestamp-reply
Type=14
Code=0
timestamp-request
Type=13
Code=0
ttl-exceeded
Type=11
Code=0
Description
Use the rule command to define an ACL rule.
Use the undo rule command to delete an ACL rule or the attribute information of an
ACL rule.
Before you can delete a rule, you need to specify the rule ID. If you do not know the
rule ID, you can view it by the display acl command.
In the case that you specify the rule ID when defining a rule:
z
If the rule corresponding to the specified rule ID already exists, you will edit the
rule, and the modified part in the rule will replace the original content, while other
parts remain unchanged.
1-20
3Com Switch 7750 Series
Command Reference Guide – ACL
z
Chapter 1 ACL Commands
If the rule corresponding to the specified rule ID does not exists, you will create
and define a new rule.
z
The content of a modified or created rule must not be identical with the content of
any existing rule; otherwise the rule modification or creation will fail, and the
system will prompt that the rule already exists.
If you do not specify a rule ID, you will create and define a new rule, and the system
will assign an ID for the rule automatically.
Note:
A type card does not support ACL rules configured with icmp-type type code, tos tos,
or fragment.
Example
# Define a rule to permit packets from hosts in the network segment of 129.9.0.0 to
hosts in the network of 202.38.160.0 and with the port number of 80 to pass.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] acl number 3101
[3Com-acl-adv-3101] rule permit tcp source 129.9.0.0 0.0.255.255 destination
202.38.160.0 0.0.0.255 destination-port eq 80
1.1.15 rule (Layer 2 ACL)
Syntax
rule [ rule-id ] { permit | deny } [ rule-string ]
undo rule rule-id
View
Layer 2 ACL view
Parameter
rule-id: ACL rule ID, in the range of 0 to 127.
deny: Drops packets that satisfy the condition.
permit: Permits packets that satisfy the condition to pass.
rule-string: ACL rule information, which can be combination of the parameters
described in Table 1-15.
1-21
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
Table 1-15 Rule information
Parameter
format-type
lsap lsap-code
lsap-wildcard
source
{ source-addr
source-mask |
vlan-id }*
Type
Function
Description
Link
layer
encapsulation
type
Defines the link
layer
encapsulation
type in the rule
format-type: the value can be
802.3/802.2, 802.3, ether_ii,
or snap.
lsap field
Source MAC
address
information
Defines the lsap
field in the rule
Specifies
the
source
MAC
address range
in the rule
lsap-code: the encapsulation
format of data frames, a
16-bit hexadecimal number
lsap-wildcard: mask of the
lsap
value,
a
16-bit
hexadecimal number used to
specify the mask bit
source-addr: source MAC
address, in the format of
H-H-H
source- mask: source MAC
address mask, in the format
of H-H-H
vlan-id: source VLAN ID, in
the range of 1 to 4,094
dest-addr: destination MAC
address, in the format of
H-H-H
dest dest-addr
dest-mask
Destination
MAC address
information
Specifies
the
destination MAC
address range
in the rule
cos vlan-pri
Priority
Defines
the
802.1p priority
of the rule
vlan-pri: VLAN priority, in the
range of 0 to 7
time-range
time-name
Time range
information
Specifies
the
time range in
which the rule is
active
time-name: specifies the
name of the time range in
which the rule is active; a
string of 1 to 32 characters
type
protocol-type
protocol-mask
Protocol type
of
Ethernet
frames
Defines
the
protocol type of
Ethernet frames
protocol-type: protocol type
dest- mask: destination MAC
address mask, in the format
of H-H-H
protocol-mask: protocol type
mask
Note:
ARP packets are allowed to pass by default on the Switch 7750. You cannot use the
packet-filter command to filter ARP packets, even though you have used the rule
command to define a Layer 2 ACL, in which the argument protocol is defined as ARP.
1-22
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
To define the CoS value, you can directly input a value ranging from 0 to 7, or input a
keyword listed in the following table.
Table 1-16 Description of CoS value
Keyword
CoS value in decimal
CoS value in binary
best-effort
0
000
background
1
001
spare
2
010
excellent-effort
3
011
controlled-load
4
100
video
5
101
voice
6
110
network-management
7
111
Description
Use the rule command to define an ACL rule.
Use the undo rule command to delete an ACL rule.
Before you can delete a rule, you must specify the rule ID. If you do not know the rule
ID, you can view it by using the display acl command.
In the case that you specify the rule ID when defining a rule:
z
If the rule corresponding to the specified rule ID already exists, you will edit the
rule, and the modified part in the rule will replace the original content, while other
parts remain unchanged.
z
If the rule corresponding to the specified rule ID does not exists, you will create
and define a new rule.
z
The content of a modified or created rule must not be identical with the content of
any existing rule; otherwise the rule modification or creation will fail, and the
system will prompt that the rule already exists.
If you do not specify a rule ID, you will create and define a new rule, and the system
will assign an ID for the rule automatically.
Example
# Define an ACL to deny the packets with the source MAC address being
000d-88f5-97ed, the destination MAC address being 011-4301-991e, and the 802.1p
priority being 3, to pass.
<3Com> system-view
[3Com] acl number 4000
1-23
3Com Switch 7750 Series
Command Reference Guide – ACL
[3Com-acl-ethernetframe-4000]
Chapter 1 ACL Commands
rule
deny
cos
3
source
000d-88f5-97ed
ffff-ffff-ffff dest 0011-4301-991e ffff-ffff-ffff
1.1.16 rule (user-defined ACL)
Syntax
rule [ rule-id ] { permit | deny } { rule-string rule-mask offset } &<1-8> [ time-range
time-name ]
undo rule rule-id
View
User-defined ACL view
Parameter
rule-id: ACL rule ID, in the range of 0 to 127.
deny: Drops packets that satisfy the condition.
permit: Permits packets that satisfy the condition to pass.
rule-string: User-defined string of the rule. It must be an even number containing 2 to
160 hexadecimal characters.
rule-mask: User-defined mask of the rule. It is used to perform the logical AND
operations with packets and must be an even number containing 2 to 160 hexadecimal
characters. Note that its length must be the same with that of rule-string.
offset: Mask offset of the rule. It specifies a byte, through its offset from the packet
header, in the packet as the starting point to perform logical AND operations. It ranges
from 0 to 79 bytes, and the maximum value becomes one byte less when the value of
rule-string (and rule-mask) has two more characters. For example, when rule-string
and rule-mask contains two characters respectively, the maximum value of offset is 79
bytes; when the former contains four characters respectively, the maximum value of
offset is 78 bytes, and so on.
&<1-8>: At most eight rules can be defined at one time.
time-range time-name: Specifies a time range within which the rule is valid.
Description
Use the rule command to define an ACL rule.
Use the undo rule command to delete an ACL rule or the attribute information of an
ACL rule.
Before you can delete a rule, you need to specify the rule ID. If you do not know the
rule ID, you can view it by the display acl command.
In the case that you specify the rule ID when defining a rule:
1-24
3Com Switch 7750 Series
Command Reference Guide – ACL
z
Chapter 1 ACL Commands
If the rule corresponding to the specified rule ID already exists, you will edit the
rule, and the modified part in the rule will replace the original content, while other
parts remain unchanged.
z
If the rule corresponding to the specified rule ID does not exists, you will create
and define a new rule.
z
The content of a modified or created rule must not be identical with the content of
any existing rule; otherwise the rule modification or creation will fail, and the
system will prompt that the rule already exists.
If you do not specify a rule ID, you will create and define a new rule, and the system
will assign an ID for the rule automatically.
Note:
Only cards other than A type ones support the user-defined ACL.
Example
# Define a rule to forbid all TCP packets to pass through.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] time-range t1 18:00 to 23:00 sat
[3Com] acl number 5001
[3Com-acl-user-5001] rule 25 deny 06 ff 35 time-range t1
1.1.17 time-range
Syntax
time-range time-name { start-time to end-time days-of-the-week [ from start-time
start-date ] [ to end-time end-date ] | from start-time start-date [ to end-time end-date ]
| to end-time end-date }
undo time-range { time-name [ start-time to end-time days-of-the-week [ from
start-time start-date ] [ to end-time end-date ] | from start-time start-date [ to end-time
end-date ] | to end-time end-date ] | all }
View
System view
Parameter
time-name: Name of a special time range, used as the identifier of a reference.
start-time: Start time of a special time range, in the form of hh:mm. Optional argument.
1-25
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
end-time: End time of a special time range, in the form of hh:mm. Optional argument.
days-of-the-week: Day of the week when the special time range is effective. Optional
argument. Available arguments and argument combinations are as follows:
z
Numerals (0 to 6)
z
Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, and Sunday
z
Working days (Monday through Friday)
z
Off days (Saturday and Sunday)
z
Daily, namely everyday of the week
from start-time start-date: Specifies the start date of a special time range, optional. In
the form of hh:mm MM/DD/ YYYY, start-time start-date and end-time end-date jointly
define a date in which the special time range takes effect.
to end-time end-date: Specifies the end date of a special time range, optional. In the
form of hh:mm MM/DD/ YYYY, start-time start-date and end-time end-date jointly
define a date on which the special time range takes effect.
all: Deletes all time ranges.
Description
Use the time-range command to define a time range.
Use the undo time-range command to delete a time range.
Use the undo time-range all command to delete all time ranges.
The time range defined by means of the time-range command can include absolute
time sections and periodic time sections. start-time and end-time days-of-the-week
jointly define a periodic time section, while start-time start-date and end-time end-date
jointly define an absolute time section.
If only a periodic time section is defined in a time range, the time range is active only
within the defined periodic time section.
If only an absolute time section is defined in a time, the time range is active only within
the defined absolute time section.
If both a periodic time section and an absolute time section are defined in a time range,
the time range is active only when the periodic time range and the absolute time range
are both matched. Assume that a time range defines an absolute time section from
00:00 January 1, 2004 to 23:59 December 31, 2004, and a periodic time section from
12:00 to 14:00 every Wednesday. This time range is active only from 12:00 to 14:00
every Wednesday in 2004.
If you include any argument undo time-range command, the system will delete only
the content defined by the argument from the time range.
Example
# Defines a time range test that is effective from 0:0 January 1, 2000.
1-26
3Com Switch 7750 Series
Command Reference Guide – ACL
Chapter 1 ACL Commands
[3Com] time-range test from 0:0 2000/1/1
1-27
3Com Switch 7750 Series
Command Reference Guide – QoS
Table of Contents
Table of Contents
Chapter 1 QoS Commands........................................................................................................... 1-1
1.1 QoS Commands ................................................................................................................ 1-1
1.1.1 display priority trust ................................................................................................. 1-1
1.1.2 display qos cos-local-precedence-map................................................................... 1-2
1.1.3 display qos-interface all........................................................................................... 1-2
1.1.4 display qos-interface line-rate ................................................................................. 1-3
1.1.5 display qos-interface queue-scheduler ................................................................... 1-4
1.1.6 display qos-interface traffic-bandwidth.................................................................... 1-6
1.1.7 display qos-interface traffic-limit.............................................................................. 1-6
1.1.8 display qos-interface traffic-priority ......................................................................... 1-7
1.1.9 display qos-interface traffic-red ............................................................................... 1-8
1.1.10 display qos-interface traffic-redirect ...................................................................... 1-9
1.1.11 display qos-interface traffic-remark-vlanid ............................................................ 1-9
1.1.12 display qos-interface traffic-statistic .................................................................... 1-10
1.1.13 inboundcar........................................................................................................... 1-11
1.1.14 line-rate ............................................................................................................... 1-12
1.1.15 priority.................................................................................................................. 1-13
1.1.16 priority trust.......................................................................................................... 1-14
1.1.17 qos....................................................................................................................... 1-15
1.1.18 qos cos-local-precedence-map ........................................................................... 1-17
1.1.19 queue-scheduler ................................................................................................. 1-19
1.1.20 reset traffic-statistic ............................................................................................. 1-20
1.1.21 traffic-bandwidth.................................................................................................. 1-23
1.1.22 traffic-limit ............................................................................................................ 1-26
1.1.23 traffic-priority........................................................................................................ 1-28
1.1.24 traffic-red ............................................................................................................. 1-31
1.1.25 traffic-redirect ...................................................................................................... 1-33
1.1.26 traffic-remark-vlanid ............................................................................................ 1-35
1.1.27 traffic-statistic ...................................................................................................... 1-37
i
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Chapter 1 QoS Commands
1.1 QoS Commands
Note:
The A-type LPUs (cards) include 3C16860, 3C16861, 3C16858, and 3C16859.
1.1.1 display priority trust
Syntax
display priority trust
View
Any view
Parameter
None
Description
Use the display priority trust command to display the priority type according to which
the switch puts a packet into an output queue on a port.
Related command: priority-trust.
Example
# Display the queue scheduling mode and the related parameters.
<3Com> display priority-trust
Priority trust mode: local-precedence
The information above shows that the switch put a packet into an output queue on a
port according to the local precedence of the packet.
1-1
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
1.1.2 display qos cos-local-precedence-map
Syntax
display qos cos-local-precedence-map
View
Any view
Parameter
None
Description
Use
the
display
qos
cos-local-precedence-map
command
to
view
the
“COS-to-local-precedence” mapping table.
Example
# Display the “COS-to-local-precedence” mapping table.
<3Com> display qos cos-local-precedence-map
cos-local-precedence-map:
cos :
0
1
2
3
4
5
6
7
-------------------------------------------------------------------local-precedence :
2
0
1
3
4
5
6
7
1.1.3 display qos-interface all
Syntax
display qos-interface [ interface-type interface-number ] all
View
Any view
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface all command to view all the QoS configuration of the
ports. If you do not provide the interface-type interface-number argument, this
1-2
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
command will display the QoS parameter configuration of all the ports of the switch; if
you provide the interface-type interface-number argument, this command will display
QoS parameter configuration of the specified port.
Example
# Display all the QoS parameter configuration.
<3Com> display qos-interface all
GigabitEthernet0/0/1:
Queue scheduling mode: strict-priority
COS configuration:
Config (max queues): 8
Schedule mode: strict
Egress port queue statistics(in bytes):
Priority
CosQ
Threshold
Count
Used(%):
0
2
18432
0
0
1
3
2560
0
0
2
4
2560
0
0
3
1
2560
0
0
4
7
2560
0
0
5
0
2560
0
0
6
5
2560
0
0
7
6
2560
0
0
0
0
common queue statistics(in bytes):
49152
GigabitEthernet0/0/2:
Queue scheduling mode: strict-priority
COS configuration:
---- More ----
1.1.4 display qos-interface line-rate
Syntax
display qos-interface [ interface-type interface-number ] line-rate
View
Any view
1-3
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface line-rate command to view the rate limit configuration
(including the outbound port and the limit rate) for the outbound direction of a port or all
the ports of a switch. If you do not specify the interface-type interface-number argument,
you will view the rate limit configuration for the outbound direction of all the ports of a
switch; if you specify that argument, you will view the rate limit configuration for the
outbound direction of the specified port.
Example
# Display the rate limit configuration of a specific port.
<3Com> display qos-interface line-rate
GigabitEthernet1/0/2: line-rate
Line rate: 3072 kbps
E GigabitEthernet1/0/4: line-rate
Line rate: 5120 kbps
Table 1-1 Description on the fields of the display qos-interface line-rate command
Field
GigabitEthernet1/0/2:
line-rate
Line rate: 3072 kbps
Description
Rate limit configuration on GigabitEthernet1/0/2:
The maximum sum of all the packet rates on
GigabitEthernet1/0/2 is 3,072 kbps.
1.1.5 display qos-interface queue-scheduler
Syntax
display qos-interface [ interface-type interface-number ] queue-scheduler
View
Any view
Parameter
interface-type interface-number: Port index.
1-4
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Description
Use the display qos-interface queue-scheduler command to display the queue
scheduling mode configuration of the specified port or all ports. If the interface-type
interface-number argument is not specified, you will view the queue scheduling mode
parameters of all the ports. If you specify the interface-type interface-number argument,
you will view the queue scheduling mode parameter of the specified port.
Example
# Display the queue scheduling mode parameter of GigabitEthernet1/0/1.
<3Com> display qos-interface gigabitethernet 1/0/1 queue-scheduler
GigabitEthernet1/0/1:
Queue scheduling mode: weighted round robin
weight of queue 1: 10
weight of queue 2: 5
weight of queue 3: 10
weight of queue 4: 10
weight of queue 5: 5
weight of queue 6: 10
weight of queue 7: 5
weight of queue 8: 10
COS configuration:
Config (max queues): 8
Schedule mode: weighted round-robin
Weighting (in packets):
COSQ 0 = 10 packets
COSQ 1 = 5 packets
COSQ 2 = 10 packets
COSQ 3 = 10 packets
COSQ 4 = 5 packets
COSQ 5 = 10 packets
COSQ 6 = 5 packets
COSQ 7 = 10 packets
Egress port queue statistics(in bytes):
Priority
CosQ
Threshold
Count
Used(%):
0
2
18432
0
0
1
0
2560
0
0
2
1
2560
0
0
3
3
2560
0
0
4
4
2560
0
0
5
5
2560
0
0
6
6
2560
0
0
1-5
3Com Switch 7750 Series
Command Reference Guide – QoS
7
7
Chapter 1 QoS Commands
2560
0
0
0
0
common queue statistics(in bytes):
49152
1.1.6 display qos-interface traffic-bandwidth
Syntax
display qos-interface [ interface-type interface-number ] traffic-bandwidth
View
Any view
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface traffic-bandwidth command to view the configuration
information of the bandwidth guarantee.
Related command: traffic-bandwidth.
Example
# Display the parameters of traffic limit.
<3Com> display qos-interface traffic-bandwidth
Ethernet1/0/1: traffic-bandwidth
Outbound:
Matches: Acl 2000 rule 0
running
Minimum guaranteed bandwidth: 64 Kbps
Maximum available bandwidth: 128 Kbps
Bandwidth weight: 20
1.1.7 display qos-interface traffic-limit
Syntax
display qos-interface [ interface-type interface-number ] traffic-limit
View
Any view
1-6
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface traffic-limit command to view the traffic limit
configuration of a port or all the ports of a switch, including the applied ACLs for traffic
limit, committed average rate (CAR), and the corresponding actions.
Related command: traffic-limit.
Example
# Display the traffic limit configuration.
<3Com> display qos-interface traffic-limit
GigabitEthernet1/0/1: traffic-limit
Inbound:
Matches: Acl 3000 rule 1
running
Target rate: 20480 Kbps
Exceed action: remark-dscp 4
1.1.8 display qos-interface traffic-priority
Syntax
display qos-interface [ interface-type interface-number ] traffic-priority
View
Any view
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface traffic-priority command to view the traffic priority
configuration. The information displayed includes the ACL corresponding to the traffic
tagged with priority, priority type and value.
Related command: traffic-priority.
1-7
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Example
# Display the traffic priority configuration.
<3Com> display qos-interface traffic-priority
Ethernet1/0/1: traffic-priority
Outbound:
Matches: Acl 2000 rule 0
running
Priority action: dscp be
1.1.9 display qos-interface traffic-red
Syntax
display qos-interface [ interface-type interface-number ] traffic-red
View
Any view
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface traffic-red command to view the configuration of the
RED operation.
Related command: traffic-red.
Example
# Display the configuration of traffic red.
<3Com> display qos-interface traffic-red
Ethernet1/0/1: traffic-red
Outbound:
Matches: Acl 2000 rule 0
running
Queue length of start random discarding: 16 Kbyte
Queue length of stop random discarding: 32 Kbyte
Max probability of discarding: 20
1-8
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
1.1.10 display qos-interface traffic-redirect
Syntax
display qos-interface [ interface-type interface-number ] traffic-redirect
View
Any view
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface traffic-redirect command to view the configuration of
traffic redirect. The displayed content includes the corresponding ACLs of the traffics to
be redirected, and the port to which the traffic is redirected.
Related command: traffic-redirect.
Example
# Display the configuration of traffic redirect.
<3Com> display qos-interface traffic-redirect
GigabitEthernet1/0/1: traffic-redirect
Inbound:
Matches: Acl 2002 rule 0
running
Redirected to: interface GigabitEthernet1/0/8
1.1.11 display qos-interface traffic-remark-vlanid
Syntax
display qos-interface [ interface-type interface-number ] traffic-remark-vlanid
View
Any view
Parameter
interface-type interface-number:: Port index.
1-9
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Description
Use the display qos-interface traffic-remark-vlanid command to display the
configuration of the traffic-based flexible QinQ function. The displayed information
includes the ACL rules used for traffic identifying and the ID of the external VLAN tag.
Related command: traffic-remark-vlanid.
Example
# Display the configuration of traffic-based flexible QinQ.
<3Com> display qos-interface traffic-remark-vlanid
Ethernet1/0/1: traffic-remark-vlanid
Inbound:
Matches: Acl 3000 rule 3
running
RemarkVlanId action: remark-vlan 25
1.1.12 display qos-interface traffic-statistic
Syntax
display qos-interface [ interface-type interface-number ] traffic-statistic
View
Any view
Parameter
interface-type interface-number: Port index.
Description
Use the display qos-interface traffic-statistic command to view the traffic statistics
information. The information displayed includes the ACL corresponding to the traffic to
be counted and the number of packets counted.
Related command: traffic-statistic.
Example
# Display the traffic statistics information.
<3Com> display qos-interface traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
1-10
3Com Switch 7750 Series
Command Reference Guide – QoS
Matches: Acl 2000 rule 0
Chapter 1 QoS Commands
running
105 packets
1.1.13 inboundcar
Syntax
inboundcar { enable | disable }
View
System view
Parameter
enable: Enables the inbound CAR function.
disable: Disables the inbound CAR function.
Description
Use the inboundcar enable command to enable the inbound CAR function.
Use the inboundcar disable command to disable the inbound CAR function.
By default, the inbound CAR function is disabled.
Note:
The inboundcar command takes effect only after you restart the switch.
When the inbound CAR function is enabled and the same ACL rules are sent to the
different ports, they are treated as different rules, thus seizing multiple entries. If you
enable the CAR function for the traffic matching the same rule on multiple ports, the
switch provides guaranteed bandwidth to the traffic matching the CAR rule on each
port.
When the inbound CAR function is disabled and the same ACL rules are sent to the
different ports, they are treated as the same one, thus seizing one entry only. If you
enable the CAR function for the traffic matching the same rule on multiple ports, the
switch provides guaranteed bandwidth to the traffic matching the CAR rule on these
ports.
1-11
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
For example, if you want to set the CAR bandwidth of 2 M for the traffic matching the
rule 0 on the switch, use the traffic-limit command to enable the CAR function on two
ports.
z
If the inbound CAR function is enabled, the two ports provides guaranteed
bandwidth of 2 M for the traffic matching the rule 0 on each port.
z
If the inbound CAR function is disabled, the two ports provide the total guaranteed
bandwidth of 2M for the traffic matching the rule 0 on the two ports.
Example
# Enable the inbound CAR function on the switch.
<3Com> system-view
[3Com] inboundcar enable
1.1.14 line-rate
Syntax
line-rate [ kbps ] target-rate
undo line-rate
View
QoS view
Parameter
kbps: Specifies the limit rate to be measured in kbps.
target-rate: Total limit rate of all the packets sent by the port. If the kbps keyword is
specified, the rate is measured in kbps, in the range of 64 to 1,024,000 with the
granularity being 64. If the number you input is in the range of N*64 to (N+1)*64 (N is a
natural number), the switch will set the value to (N+1)*64 kbps automatically. If the
kbps keyword is not specified, the rate is in the range of 1 to 1,000 in mbps.
Description
Use the line-rate command to limit the rate of the packets on the port.
Use the undo line-rate command to cancel the rate limit configuration on the port.
1-12
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Note:
Only type-A LPUs support the rate limit configuration.
Example
# Limit the rate of packets on GigabitEthernet1/0/1 to 10 Mbps.
<3Com> system-view
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] qos
[3Com-qosb-GigabitEthernet1/0/1] line-rate 10
1.1.15 priority
Syntax
priority priority-level
undo priority
View
Ethernet port view
Parameter
priority-level: Priority value of the port, ranging from 0 to 7.
Description
Use the priority command to configure the priority of the Ethernet port.
Use the undo priority command to restore the default priority of the Ethernet port.
By default, the priority of a port is 0.
If the switch receives a packet without VLAN tags, the switch will tag the packet with the
default VLAN of the port receiving the packet. In this case the switch assigns the port
priority of the port receiving the packet to the 802.1p priority of the VLAN tag in the
packet.
The switch does not perform the operation above if it receives a packet with VLAN tags.
Example
# Set the local precedence of Ethernet1/0/1 to 7.
1-13
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
<3Com> system-view
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] priority 7
1.1.16 priority trust
Syntax
priority-trust { dscp | ip-precedence | cos | local-precedence }
View
System view
Parameter
dscp: Puts a packet into the corresponding output queue on a port according to the
DSCP precedence.
ip-precedence: Puts a packet into the corresponding output queue on a port according
to the IP precedence.
cos: Puts a packet into the corresponding output queue on a port according to the COS
precedence.
local-precedence: Puts a packet into the corresponding output queue on a port
according to the local precedence.
Description
Use the priority trust command to specify the priority according to which the switch
puts a packet into the output queue on a port.
By default, the switch puts a packet into the output queue on a port according to the
local precedence of the packet.
The switch ports support eight output queues with different levels of precedence. The
higher the precedence is, the earlier it will be delivered. The switch puts a packet into
an output queue on a port according to the precedence of the packet.
z
dscp precedence: dscp precedence value ranges from 0 to 63 inclusive, the
packets with precedence value from 0 to 7 are put into queue 0, and those with
precedence value from 8 to 15 are put into queue 1, and so on.
z
ip-precedence: ip-precedence value ranges from 0 to 7, the packets with
precedence value 0 are put into queue 0, and those with precedence value 1 are
put into queue 1, and so on.
1-14
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
cos precedence: cos precedence value ranges from 0 to 7, the packet whose
z
precedence value is 0 is put into queue 2, the packet whose precedence value is 1
is put into queue 0, the packet whose precedence value is 2 is put into queue 1. As
for the left precedence values, the queue number is equal to the precedence value.
For example, the packet whose precedence value is 3 is put into queue 3.
local-precedence: local-precedence value ranges from 0 to 7. The packet
z
whose precedence value is 0 is put into queue 0, and so on.
You can choose the corresponding packet precedence as the basis for putting a packet
into an output queue on a port as required.
Example
# Specify the switch to put a packet into an output queue according to the DSCP
precedence of the packet.
<3Com> system-view
[3Com] priority-trust dscp
1.1.17 qos
Syntax
qos
View
Ethernet port view
Parameter
None
Description
Use the qos command to enter QoS view and perform the corresponding QoS
configuration.
Note:
Different LPUs of the Switch 7750 support different QoS functions. You can use “?” to
query the supported QoS configurations after entering different QoS views.
1-15
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Example
# Enter QoS view of a non-type-A LPU and query the QoS configuration supported by
the LPU.
<3Com> system-view
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] qos
[3Com-qosb-GigabitEthernet1/0/1] ?
Qosb view commands:
display
Display current system information
line-rate
Limit the rate of the outbound packets of the
interface
mirrored-to
Mirror the packets
msdp-tracert
MSDP traceroute to source RP
packet-filter
Filter packets based on acl
ping
Send echo messages
queue-scheduler
Specify queue scheduling mode and parameters
quit
Exit from current command view
reset
Reset operation
return
Exit to User View
tracert
Trace route function
traffic-limit
Limit the rate of the packets
traffic-priority
Specify new priority of the packets
traffic-redirect
Redirect the packets
traffic-remark-vlanid
Remark vlan ID of the packets
traffic-statistic
Count the packets
undo
Cancel current setting
# Enter QoS view of a type-A LPU and query the QoS configuration supported by the
LPU.
<3Com> system-view
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1]?
Qoss view commands:
display
Display current system information
msdp-tracert
MSDP traceroute to source RP
packet-filter
Filter packets based on acl
ping
Send echo messages
quit
Exit from current command view
reset
Reset operation
return
Exit to User View
tracert
Trace route function
1-16
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
traffic-bandwidth
Guarantee the bandwidth of the packets
traffic-limit
Limit the rate of the packets
traffic-priority
Specify new priority of the packets
traffic-red
Random early detect the packets
traffic-remark-vlanid
Remark vlan ID of the packets
traffic-statistic
Count the packets
undo
Cancel current setting
1.1.18 qos cos-local-precedence-map
Syntax
qos cos-local-precedence-map cos0-map-local-prec cos1-map-local-prec
cos2-map-local-prec cos3-map-local-prec cos4-map-local-prec cos5-map-local-prec
cos6-map-local-prec cos7-map-local-prec
undo qos cos-local-precedence-map
View
System view
Parameter
cos0-map-local-prec: Local precedence to which the CoS 0 is to be mapped, in the
range of 0 to 7.
cos1-map-local-prec: Local precedence to which the CoS 1 is to be mapped, in the
range of 0 to 7.
cos2-map-local-prec: Local precedence to which the CoS 2 is to be mapped, in the
range of 0 to 7.
cos3-map-local-prec: Local precedence to which the CoS 3 is to be mapped, in the
range of 0 to 7.
cos4-map-local-prec: Local precedence to which the CoS 4 is to be mapped, in the
range of 0 to 7.
cos5-map-local-prec: Local precedence to which the CoS 5 is to be mapped, in the
range of 0 to 7.
cos6-map-local-prec: Local precedence to which the CoS 6 is to be mapped, in the
range of 0 to 7.
cos7-map-local-prec: Local precedence to which the CoS 7 is to be mapped, in the
range of 0 to 7.
1-17
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Description
Use
the
qos
cos-local-precedence-map
command
to
configure
the
“CoS-to-local-precedence” mapping table.
Use the undo qos cos-local-precedence-map command to restore the default
values.
The following is the default “CoS-to-local-precedence” mapping table.
Table 1-2 Default “CoS-to-local-precedence” mapping table
CoS value
Local precedence
0
2
1
0
2
1
3
3
4
4
5
5
6
6
7
7
Example
# Configure the “CoS-to-local-precedence” mapping table.
<3Com> system-view
[3Com] qos cos-local-precedence-map 0 1 2 3 4 5 6 7
The following is the configured "CoS-to-local-precedence” mapping table.
1-18
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Table 1-3 “CoS-to-local-precedence” mapping table
CoS value
Local precedence
0
0
1
1
2
2
3
3
4
4
5
5
6
6
7
7
1.1.19 queue-scheduler
Syntax
queue-scheduler { rr | strict-priority | wrr queue1-weight queue2-weight
queue3-weight
queue4-weight
queue5-weight
queue6-weight
queue7-weight
queue8-weight }
undo queue-scheduler
View
QoS view
Parameter
rr: Adopts round robin (RR) algorithm.
strict-priority: Adopts strict priority (SP) scheduling.
wrr queue1-weight queue2-weight queue3-weight queue4-weight queue5-weight
queue6-weight queue7-weight queue8-weight: Adopts the weighted round robin (WRR)
algorithm, with the weight in the range of 0 to 15.
Description
Use the queue-scheduler command to configure the queue scheduling mode and
related parameters.
Use the undo queue-scheduler command to restore the default queue scheduling
mode.
1-19
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
By default, the SP algorithm is adopted.
Related command: display qos-interface queue-scheduler.
Note:
Only non-type-A LPUs support the configuration of queue scheduling mode.
Example
# Adopt the WRR queue scheduling mode, and the weight value of each queue is 10, 5,
10, 10, 5, 10, 5, and 10.
<3Com> system-view
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] qos
[3Com-qosb-GigabitEthernet1/0/1] queue-scheduler wrr 10 5 10 10 5 10 5 10
1.1.20 reset traffic-statistic
Syntax
I. For type-A LPUs:
reset traffic-statistic { inbound | outbound } acl-rule [ system-index ]
II. For non-type-A LPUs:
reset traffic-statistic inbound acl-rule [ system-index ]
Note:
LPUs support applying the combination of IP ACL rules and link ACL rules. However,
the field defined by the IP ACL rules and link ACL rules cannot be of more than 32
characters. Otherwise, the combination cannot be applied successfully.
View
QoS view
1-20
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Parameter
acl-rule: Applied ACL which can be the combination of various ACL rules. For the ways
of type-A LPUs to combine ACLs and the description on related parameters, refer to
Table 1-4 and Table 1-6. For the ways of non-type-A LPUs to combine ACLs and the
description on related parameters, refer to Table 1-5 and Table 1-6.
Table 1-4 Type-A LPUs’ ways of applying combined ACLs
ACL combination
Form of the acl-rule argument
Apply all the rules in an IP ACL
separately
ip-group { acl-number | acl-name }
Apply a rule in an IP ACL separately
ip-group { acl-number | acl-name } rule
rule-id
Apply all the rules in a Link ACL
separately
link-group { acl-number | acl-name }
Apply a rule in a Link ACL separately
link-group { acl-number | acl-name } rule
rule-id
Apply a rule in an IP ACL and a rule in
a Link ACL at the same time
ip-group { acl-number | acl-name } rule
rule-id link-group { acl-number |
acl-name } rule rule-id
Table 1-5 Non-type-A LPUs’ ways of applying combined ACLs
ACL combination
Form of the acl-rule argument
Apply all the rules in an IP ACL
separately
ip-group { acl-number | acl-name }
Apply a rule in an IP ACL separately
ip-group { acl-number | acl-name } rule
rule-id
Apply all the rules in a Link ACL
separately
link-group { acl-number | acl-name }
Apply a rule in a Link ACL separately
link-group { acl-number | acl-name } rule
rule-id
Apply all the rules in an user-defined
ACL separately
user-group { acl-number | acl-name }
Apply a rule in an user-defined ACL
separately
user-group { acl-number | acl-name } rule
rule-id
Apply a rule in an IP ACL and a rule in
a Link ACL at the same time
ip-group { acl-number | acl-name } rule
rule-id link-group { acl-number |
acl-name } rule rule-id
1-21
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Table 1-6 Description on the parameters in the ACL combination
Parameter
Description
Basic and advanced ACL
acl-number: ACL number in the range of 2,000 to 3,999.
ip-group { acl-number |
acl-name }
acl-name: ACL name which contains up to 32 characters.
It must start with English letters (a to z or A to Z) and
cannot contain spaces or quotation marks. It is not
sensitive to capitals.
Layer 2 ACL
acl-number: ACL number in the range of 4,000 to 4,999.
link-group { acl-number
| acl-name }
acl-name: ACL name which contains up to 32 characters.
It must start with English letters (a to z or A to Z) and
cannot contain spaces or quotation marks. It is not
sensitive to capitals.
User-defined ACL
acl-number: ACL number in the range of 5,000 to 5,999.
user-group { acl-number
| acl-name }
rule-id
acl-name: ACL name which contains up to 32 characters.
It must start with English letters (a to z or A to Z) and
cannot contain spaces or quotation marks. It is not
sensitive to capitals.
ID of an ACL rule, in the range of 0 to 127. If the rule-id
argument is not specified, the rule keyword refers to all
the rules in the ACL.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
z
If the input index value is not 0 and does not conflict with the interior index used by
the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
Description
Use the reset traffic-statistic command to clear the statistics of all or specified traffic.
1-22
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Table 1-7 The reset acl counter command vs the reset traffic-statistic command
Command
Function
Clear the ACL statistics.
This command is applicable to ACLs used for filtering and
classifying the traffic processed by software.
ACLs are referenced by software in the following cases:
reset acl counter
z
Referenced by routing policies
z
Referenced when login users are controlled
In these cases, the ACL number is in the range of 2,000 to
3,999.
Refer to the ACL module in this manual for the introduction
to the reset acl counter command.
Clear the traffic statistics.
reset traffic-statistic
This command is applicable to ACLs applied to the
hardware of the switch for filtering and classifying traffic
during data forwarding. Generally, this command is used to
clear the statistics information obtained through the
traffic-statistic command.
Example
# Clear the statistics about traffic matching ACL 2000.
<3Com> system-view
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1] reset traffic-statistic inbound ip-group 2000
1.1.21 traffic-bandwidth
Syntax
traffic-bandwidth outbound acl-rule [ system-index ] min-guaranteed-bandwidth
max-guaranteed-bandwidth weight
undo traffic-bandwidth outbound acl-rule
View
QoS view
1-23
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Parameter
outbound: Guarantees the bandwidth for the outbound packets sent by the port.
acl-rule: Applied ACL rules which can be the combination of various ACL rules. For the
ways of combining ACLs and the description on related parameters, refer to Table 1-4
and Table 1-6.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
z
If the input index value is not 0 and does not conflict with the interior index used by
the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
min-guaranteed-bandwidth: Minimum guaranteed bandwidth in kbps, in the range of 0
to 8,388,608. It must be the multiple(s) of 64.
max-guaranteed-bandwidth: Maximum guaranteed bandwidth in kbps, in the range of 0
to 8,388,608. It must be the multiple(s) of 64.
weight: Bandwidth weight in the range of 1 to 100, in percentage. It is used in the
situations when there is several traffic bandwidth guarantees at the current port. For
instance, there is 10 M of bandwidth supporting two flows on a port. The minimum
guaranteed bandwidth for each flow is 2 M, the maximum guaranteed bandwidth is 8 M,
and the bandwidth weights are 40% and 80% respectively. After the port guarantees
the minimum bandwidth for both flows (that is, 4 M), the remaining bandwidth (6M)
cannot support the maximum bandwidth of both flows (16M). If the bandwidth occupied
by the two flows exceeds the minimum guaranteed bandwidth, then the remaining
bandwidth (6 M) will be allocated to each flow according to the bandwidth weights
(40% : 80%).
1-24
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Note:
Assume there are N flows on a port, the bandwidth of the port is Bp, the minimum
guaranteed bandwidth of the ith flow is Bimin, and the maximum guaranteed bandwidth
of the ith flow is Bimax, and the weight is Wi. If the bandwidth occupied by all the flows
is greater than their minimum guaranteed bandwidth, and the sum of maximum
guaranteed bandwidth is greater than port bandwidth Bp, the bandwidth allocated to
the ith flow is Bi= Bimin+(Bp-
∑B
i min
)*Wi/
N
∑Wi .
N
Description
Use the traffic-bandwidth command to activate the ACL for traffic identifying and
provide bandwidth guarantee for the corresponding traffic. This command is applicable
to only the permit rule).
Use the undo traffic-bandwidth command to remove this function.
This configuration provides the minimum guaranteed bandwidth and maximum
available bandwidth for the specific traffic. Note that the maximum available bandwidth
must be no smaller than the minimum guaranteed bandwidth.
Related command: display qos-interface traffic-bandwidth.
Note:
z
Only type-A LPUs support this command.
z
Only the permit rule can be referenced in this command and applied to hardware.
Example
# Guarantee the bandwidth of the packets that match the permit rule in ACL 2000: The
minimum guaranteed bandwidth is 64 k, the maximum available bandwidth is 128 k,
and bandwidth weight is 50.
<3Com> system-view
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1] traffic-bandwidth outbound ip-group 2000 64 128 50
1-25
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
1.1.22 traffic-limit
Syntax
I. For type-A LPUs:
traffic-limit { inbound | outbound } acl-rule [ system-index ] target-rate
undo traffic-limit { inbound | outbound } acl-rule
II. For non-type-A LPUs:
traffic-limit inbound acl-rule [ system-index ] [ kbps ] target-rate [ exceed action ]
undo traffic-limit inbound acl-rule
Note:
LPUs support applying the combination of IP ACL rules and link ACL rules. However,
the field defined by the IP ACL rules and link ACL rules cannot be of more than 32
characters. Otherwise, the combination cannot be applied successfully.
View
QoS view
Parameter
inbound: Performs traffic policing on the packets received by the port.
outbound: Performs traffic policing on the packets sent by the port.
acl-rule: Applied ACL which can be the combination of various ACL rules. For the ways
of type-A LPUs to combine ACLs and the description on related parameters, refer to
Table 1-4 and Table 1-6. For the ways of non-type-A LPUs to combine ACLs and the
description on related parameters, refer to Table 1-5 and Table 1-6.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
1-26
3Com Switch 7750 Series
Command Reference Guide – QoS
z
Chapter 1 QoS Commands
If the input index value is not 0 and does not conflict with the interior index used by
the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
kbps: Specifies the limit rate to be measured in kbps. If the kbps keyword is specified,
the rate is measured in kbps, in the range of 64 to 1,024,000 with the granularity being
64. If the number you input is in the range of N*64 to (N+1)*64 (N is a natural number),
the switch will set the value to (N+1)*64 kbps automatically.
target-rate: Total rate to limit all the packets sent on a port. For type-A LPUs, the
target-rate argument is in the range of 64 to 8,388,608 in kbps with the granularity being
64. If the kbps keyword is not provided, the target-rate argument is in mbps in the range
of 1 to 1,000.
exceed action: Optional. The action is taken when the traffic exceeds the threshold.
Only type-A LPUs support this keyword. The action argument can be:
z
drop: Drops the packets.
z
remark-dscp value: Sets new DSCP value.
Description
Use the traffic-limit command to activate ACL for traffic identifying and perform traffic
policing.
Use the undo traffic-limit command to remove traffic policing.
The granularity of traffic limit is 64 kbps.
This command performs traffic limit on the packets matching the permit rule only.
Note:
Only the permit rule can be referenced in this command and applied to hardware.
Example
# Perform traffic limit on the packets matching the permit rule in ACL 2000 on
Ethernet1/0/1 of a type-A LPU. The maximum rate is 128 kbps.
<3Com> system-view
[3Com] interface Ethernet1/0/1
1-27
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1] traffic-limit inbound ip-group 2000 128
# Perform traffic limit on the packets matching the permit rule in ACL 2000 on
GigabitEthernet1/0/1 of a non-type-A LPU. The maximum rate is 128 kbps.
<3Com> system-view
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] qos
[3Com-qosb-GigabitEthernet1/0/1] traffic-limit inbound ip-group 2000 kbps 128
1.1.23 traffic-priority
Syntax
I. For type-A LPUs:
traffic-priority { inbound | outbound } acl-rule [ system-index ] { { dscp dscp-value |
ip-precedence pre-value } | local-precedence pre-value }*
undo traffic-priority { inbound | outbound } acl-rule
II. For non-type-A LPUs:
traffic-priority inbound acl-rule [ system-index ] { { dscp dscp-value |
ip-precedence pre-value } | { cos cos | local-precedence pre-value } }*
undo traffic-priority inbound acl-rule
Note:
LPUs support applying the combination of IP ACL rules and link ACL rules. However,
the field defined by the IP ACL rules and link ACL rules cannot be of more than 32
characters. Otherwise, the combination cannot be applied successfully.
View
QoS view
Parameter
inbound: Performs priority marking to the packets received by the port.
outbound: Performs priority marking to the packets sent by the port.
1-28
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
acl-rule: Applied ACL which can be the combination of various ACL rules. For the ways
of type-A LPUs to combine ACLs and the description on related parameters, refer to
Table 1-4 and Table 1-6. For the ways of non-type-A LPUs to combine ACLs and the
description on related parameters, refer to Table 1-5 and Table 1-6.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
If you do not input an index value or the index value you input is 0, the system will
z
automatically assign an index whose value is greater than 0;
If the input index value is not 0 and does not conflict with the interior index used by
z
the system, the system will adopt the index value input by you;
If the input index value is not 0 but conflicts with the interior index used by the
z
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
dscp dscp-value: Sets DSCP precedence, ranging from 0 to 63. You can also enter the
keywords in Table 1-8.
Table 1-8 Description on DSCP precedence values
Keyword
DSCP value (decimal)
DSCP value (binary)
ef
46
101110
af11
10
001010
af12
12
001100
af13
14
001110
af21
18
010010
af22
20
010100
af23
22
010110
af31
26
011010
af32
28
011100
af33
30
011110
af41
34
100010
af42
36
100100
af43
38
100110
cs1
8
001000
cs2
16
010000
1-29
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Keyword
DSCP value (decimal)
DSCP value (binary)
cs3
24
011000
cs4
32
100000
cs5
40
101000
cs6
48
110000
cs7
56
111000
be (default)
0
000000
ip-precedence pre-value: Sets IP precedence. The pre-value argument ranges from 0
to 7. You can also enter the keywords in Table 1-9.
Table 1-9 Description on IP precedence values
Keyword
IP Precedence (decimal)
IP Precedence (binary)
routine
0
000
priority
1
001
immediate
2
010
flash
3
011
flash-override
4
100
critical
5
101
internet
6
110
network
7
111
cos cos: Sets 802.1p priority. The pre-value argument ranges from 0 to 7. You can also
enter the keywords in Table 1-10.
Table 1-10 Description on 802.1p priority values
Keyword
802.1p priority (decimal)
802.1p priority value
(binary)
best-effort
0
000
background
1
001
spare
2
010
excellent-effort
3
011
controlled-load
4
100
video
5
101
voice
6
110
1-30
3Com Switch 7750 Series
Command Reference Guide – QoS
Keyword
network-management
Chapter 1 QoS Commands
802.1p priority (decimal)
7
802.1p priority value
(binary)
111
Note:
If you have redirected the packets to CPU, it is not recommended to set the 802.1p
priority to 7, and vice versa.
local-precedence pre-value: Sets local precedence. The pre-value argument ranges
from 0 to 7.
Description
Use the traffic-priority command to enable ACLs for remarking priority.
Use the undo traffic-priority command to remove the function of remarking priority .
Related command: display qos-interface traffic-priority.
Note:
Only the permit rule can be referenced in this command and applied to hardware.
Example
# Remark the local precedence of the packets matching the permit rule in ACL 2000 as
0.
<3Com> system-view
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1]
traffic-priority
outbound
ip-group
local-precedence 0
1.1.24 traffic-red
Syntax
traffic-red outbound acl-rule [ system-index ] qstart qstop probability
1-31
2000
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
undo traffic-red outbound acl-rule
View
QoS view
Parameter
outbound: Performs RED operation on the sent packets.
acl-rule: Applied ACL rules which can be the combination of various ACL rules. For the
ways of combining ACLs and the description on related parameters, refer to Table 1-4
and Table 1-6.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
z
If the input index value is not 0 and does not conflict with the interior index used by
the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
qstart: Queue length where the system starts to drop packets at random, in the range of
0 to 262,128 in kbyte. The packets in the queue whose length is less than the qstart
argument will not be dropped. The value must be the multiples of 16 KB.
qstop: Queue length where the system stops dropping of packets at random, in the
range of 0 to 262,128 in kbyte. All the packets in the queue whose length is greater than
the qstop argument will be dropped. The value must be the multiples of 16 KB.
probability: Drop probability when the qstop argument is reached, in the range of 0% to
100%.
Description
Use the traffic-red command to enable the RED operation and set RED parameters.
Use the undo traffic-red command to remove the RED configuration.
Note that the qstop argument in this command must be no smaller than the qstart
argument.
1-32
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Related command: display qos-interface traffic-red.
Note:
z
Only type-A LPUs support this command.
z
Only the permit rule can be referenced in this command and applied to hardware.
Example
# Perform the RED operation on the packets matching the permit rule in ACL 2000.
RED parameters can be set as follows: the qstart argument is 64 KB, the qstop
argument is 128 KB, and the probability argument is 20%.
<3Com> system-view
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1] traffic-red outbound ip-group 2000 64 128 20
1.1.25 traffic-redirect
Syntax
traffic-redirect inbound acl-rule [ system-index ] { cpu | interface interface-type
interface-number }
undo traffic-redirect inbound acl-rule
View
QoS view
Parameter
inbound: Performs traffic redirect on the packets received by the port.
outbound: Performs traffic redirect on the packets sent by the port.
acl-rule: Applied ACL rules which can be the combination of various ACL rules. For the
ways of combining ACLs and the description on related parameters, refer to Table 1-4
and Table 1-6.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
1-33
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
z
If the input index value is not 0 and does not conflict with the interior index used by
the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
cpu: Redirects the traffic to the CPU.
interface { interface-type interface-number }: Redirects the packets to the specified
Ethernet port. The interface-type argument refers to the port type, and the
interface-number argument refers to the port number.
Description
Use the traffic-redirect command to enable the ACL to identify and redirect the traffic.
This command is applicable to the permit rules in an ACL only.
Use the undo traffic-redirect command to disable the traffic redirect function. .
Related command: display qos-global traffic-redirect.
Note:
z
Only type-A LPUs support this command.
z
Only the permit rule can be referenced in this command and applied to hardware.
Example
# Redirect the packets matching the permit rule in ACL 2000 to GigabitEthernet1/0/1.
<3Com> system-view
[3Com] interface GigabitEthernet1/0/1
[3Com-GigabitEthernet1/0/1] qos
[3Com-qosb-GigabitEthernet1/0/1]
interface gigabitethernet1/0/1
1-34
traffic-redirect
inbound
ip-group
2000
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
1.1.26 traffic-remark-vlanid
Syntax
traffic-remark-vlanid inbound acl-rule [ system-index ] remark-vlan vlan-id
undo traffic-remark-vlanid inbound acl-rule
Note:
LPUs support applying the combination of IP ACL rules and link ACL rules. However,
the field defined by the IP ACL rules and link ACL rules cannot be of more than 32
characters. Otherwise, the combination cannot be applied successfully.
View
QoS view
Parameter
inbound: Tags the packets received by the port with external VLAN tags.
acl-rule: Applied ACL rules which can be the combination of various ACL rules. For the
ways of combining ACLs and the description on related parameters, refer to Table 1-11
and Table 1-12.
Table 1-11 Ways of applying combined ACL rules
ACL combination
Form of the acl-rule argument
Apply all the rules in an IP ACL
separately
ip-group { acl-number | acl-name }
Apply a rule in an IP ACL separately
ip-group { acl-number | acl-name } rule
rule-id
Apply all the rules in a Link ACL
separately
link-group { acl-number | acl-name }
Apply a rule in a Link ACL separately
link-group { acl-number | acl-name } rule
rule-id
Apply a rule in an IP ACL and a rule in
a Link ACL at the same time
ip-group { acl-number | acl-name } rule
rule-id link-group { acl-number |
acl-name } rule rule-id
1-35
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Table 1-12 Description on the parameters in the ACL combination
Parameter
Description
Basic and advanced ACL
ip-group {
acl-name }
acl-number
|
acl-number: ACL number in the range of 2,000 to
3,999.
acl-name: ACL name which contains up to 32
characters. It must start with English letters (a to z
or A to Z) and cannot contain spaces or quotation
marks. It is not sensitive to capitals.
Layer 2 ACL
link-group
acl-name }
{
acl-number
|
acl-number: ACL number in the range of 4,000 to
4,999.
acl-name: ACL name which contains up to 32
characters. It must start with English letters (a to z
or A to Z) and cannot contain spaces or quotation
marks. It is not sensitive to capitals.
User-defined ACL
user-group { acl-number |
acl-name }
rule-id
acl-number: ACL number in the range of 5,000 to
5,999.
acl-name: ACL name which contains up to 32
characters. It must start with English letters (a to z
or A to Z) and cannot contain spaces or quotation
marks. It is not sensitive to capitals.
ID of an ACL rule, in the range of 0 to 127. If the
rule-id argument is not specified, the rule keyword
refers to all the rules in the ACL.
vlan-id: ID of the external VLAN tag which is tagged to the packet, in the range of 1 to
4,094.
Description
Use the traffic-remark-vlanid command to enable the ACL for traffic identifying and
tag the packet matching the ACL with the external VLAN tag to implement the
traffic-based flexible QinQ function.
Use the undo traffic-remark-vlanid command to disable the configuration.
This command is applicable to only the permit rules in the ACL.
Refer to the Flexible QinQ module in this manual for the detailed information about
flexible QinQ.
1-36
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Caution:
z
Execute the vlan-vpn enable command in the corresponding port view before
executing the traffic-remark-vlanid command.
z
The QinQ feature cannot be enabled on a port if any of the following features is
enabled on this port: GVRP, NTDP, STP, 802.1x and Voice VLAN.
Example
# Tag the packets matching the permit rule in ACL 200 with the external VLAN tag on
Ethernet1/0/1, thus implementing the traffic-based flexible QinQ function.
<3Com> system-view
[3Com] vlan 25
[3Com-vlan25] quit
[3Com] acl number 2000
[3Com-acl-basic-2000] rule permit source 10.1.1.1 0.0.0.255
[3Com-acl-basic-2000] quit
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] port access vlan 25
[3Com-Ethernet1/0/1] vlan-vpn enable
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1]
traffic-remark-vlanid
inbound
remark-vlan 25
1.1.27 traffic-statistic
Syntax
I. For type-A LPUs:
traffic-statistic { inbound | outbound } acl-rule [ system-index ]
undo traffic-statistic { inbound | outbound } acl-rule
II. For non-type-A LPUs:
traffic-statistic inbound acl-rule [ system-index ]
undo traffic-statistic inbound acl-rule
1-37
ip-group
2000
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Note:
LPUs support applying the combination of IP ACL rules and link ACL rules. However,
the field defined by the IP ACL rules and link ACL rules cannot be of more than 32
characters. Otherwise, the combination cannot be applied successfully.
View
QoS view
Parameter
inbound: Performs traffic statistic on the packets received by the port.
outbound: Performs traffic statistic on the packets sent by the port.
acl-rule: Applied ACL rules which can be the combination of various ACL rules. For the
ways of combining ACLs and the description on related parameters, refer to Table 1-4
and Table 1-6.
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
z
If the input index value is not 0 and does not conflict with the interior index used by
the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
Description
Use the traffic-statistic command to activate the ACL for traffic identifying and count
the traffic. This command is applicable to only the permit rules in the ACL.
Use the undo traffic-statistic command to cancel the traffic statistics.
The statistics information of traffic-statistic command includes the times of ACL
matches on the hardware. You can use display qos-interface traffic-statistic
command to display the statistics information.
Related command: display qos-interface traffic-statistic.
1-38
3Com Switch 7750 Series
Command Reference Guide – QoS
Chapter 1 QoS Commands
Note:
Only the permit rule can be referenced in this command and applied to hardware.
Example
# Perform traffic statistics on the packets matching the permit rule in ACL 2000.
<3Com> system-view
[3Com] interface Ethernet1/0/1
[3Com-Ethernet1/0/1] qos
[3Com-qoss-Ethernet1/0/1] traffic-statistic inbound ip-group 2000
1-39
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Table of Contents
Table of Contents
Chapter 1 Mirroring Commands ...................................................................................................... 1-1
1.1 Mirroring Commands ......................................................................................................... 1-1
1.1.1 display mirroring-group ........................................................................................... 1-1
1.1.2 display qos-interface mirrored-to............................................................................. 1-2
1.1.3 mirrored-to............................................................................................................... 1-3
1.1.4 mirroring-group........................................................................................................ 1-6
1.1.5 mirroring-group (only for recovery).......................................................................... 1-7
1.1.6 mirroring-group mirroring-port ................................................................................. 1-8
1.1.7 mirroring-group mirroring-slot.................................................................................. 1-9
1.1.8 mirroring-group monitor-port ................................................................................... 1-9
1.1.9 mirroring-group monitor-slot.................................................................................. 1-10
1.1.10 mirroring-group reflector-port .............................................................................. 1-11
1.1.11 mirroring-group remote-probe vlan ..................................................................... 1-12
1.1.12 remote-probe vlan ............................................................................................... 1-12
i
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
Chapter 1 Mirroring Commands
1.1 Mirroring Commands
1.1.1 display mirroring-group
Syntax
display mirroring-group { group-id | all | local | remote-destination |
remote-source }
View
Any view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
local: Specifies the mirroring group to be a local mirroring group.
remote-destination: The specified mirroring group is the destination group for remote
mirroring.
remote-source: The specified mirroring group is the source group for remote
mirroring.
all: All mirroring groups
Description
Use the display mirroring-group command to display the parameter settings of a
mirroring group.
Local mirroring group information includes:
z
Group number
z
Group type: local
z
Group status
z
Information about the source port of mirroring
z
Information about the destination port of mirroring
Information displayed on the destination mirroring group for remote mirroring includes:
z
Group number
z
Group type: remote-destination
z
Group status
z
Information of the destination port
z
Remote-probe VLAN information
1-1
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
Information displayed on the source mirroring group for remote mirroring includes:
z
Group number
z
Group type: remote-source
z
Group status
z
Information of the source port
z
Information of the reflector port
z
Remote-probe VLAN information
Example
# Display the parameter settings of the mirroring group.
<3Com> display mirroring-group all
mirroring-group 2:
type: local
status: active
mirroring port:
GigabitEthernet1/0/1
both
monitor port: GigabitEthernet1/0/4
1.1.2 display qos-interface mirrored-to
Syntax
display qos-interface [ interface-type interface-number ] mirrored-to
View
Any view
Parameter
interface-type interface-number: Port of the switch. If you enter this argument, the
switch will display the parameter settings of the specified port. If not, the switch will
display the parameters settings of all ports.
Description
Use the display qos-interface mirrored-to command to display the parameter
settings of traffic mirroring.
Information displayed includes:
z
Port name and action name of traffic mirroring
z
Direction of traffic mirroring
z
ACL for identifying traffics
z
Mirroring group
Related command: mirrored-to
1-2
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
Example
# Display the parameter settings of traffic mirroring on GigabitEthernet1/0/1.
<3Com> display qos-interface GigabitEthernet 1/0/1 mirrored-to
GigabitEthernet1/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0
running
Mirrored to: mirroring-group 3
1.1.3 mirrored-to
Syntax
mirrored-to inbound
acl-rule [ system-index system-index ] { interface
interface-type interface-number [ reflector ] | mirroring-group group-id }
undo mirrored-to inbound acl-rule
View
QoS view
Parameter
inbound: Mirrors packets received on the port.
acl-rule: Applied ACL rules, which can be the combination of different types of ACL
rules. Table 1-1 and Table 1-3 describe the ACL combinations on service board of A
type and the corresponding parameter description. Table 1-2 and Table 1-3 describe
the ACL combinations on service boards other than A type and the corresponding
parameter description.
Table 1-1 Combined application of ACLs on service board of A type
Combination mode
Form of acl-rule
Apply all rules in an IP type ACL
separately
ip-group { acl-number | acl-name }
Apply one rule in an IP type ACL
separately
ip-group { acl-number | acl-name } rule
rule-id
Apply all rules in a link type ACL
separately
link-group { acl-number | acl-name }
Apply one rule in a link type separately
link-group { acl-number | acl-name }
rule rule-id
1-3
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
Table 1-2 Combined application of ACLs on service board other than A type.
Combination mode
Form of acl-rule
Apply all rules in an IP type ACL
separately
ip-group { acl-number | acl-name }
Apply one rule in an IP type ACL
separately
ip-group { acl-number | acl-name } rule
rule-id
Apply all rules in a link type ACL
separately
link-group { acl-number | acl-name }
Apply one rule in a link type separately
link-group { acl-number | acl-name }
rule rule-id
Apply all rules in a user-defined ACL
separately
user-group { acl-number | acl-name }
Apply one rule in a user-defined ACL
separately
user-group { acl-number | acl-name }
rule rule-id
Apply one rule in an IP type ACL and
one rule in a Link type ACL
simultaneously
ip-group { acl-number | acl-name } rule
rule-id link-group { acl-number |
acl-name } rule rule-id
Table 1-3 Parameters description of ACL combinations
Parameter
Description
Basic and advanced ACL.
acl-number: ACL number of basic and
advanced ACL, ranging from 2,000 to
3,999.
ip-group { acl-number | acl-name }
acl-name: ACL name, up to 32
characters long, beginning with an
English letter (a to z or A to Z) without
space and quotation mark, not case
sensitive.
Layer 2 ACL
acl-number: ACL number of the Layer 2
ACL, ranging from 4,000 to 4,999.
link-group { acl-number | acl-name }
1-4
acl-name: ACL name, up to 32
characters long, beginning with an
English letter (a to z or A to Z) without
space and quotation mark, not case
sensitive.
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
Parameter
Description
User-defined ACL
acl-number: ACL number of the
user-defined ACL, ranging from 5,000 to
5,999.
user-group { acl-number | acl-name }
acl-name: ACL name, up to 32
characters long, beginning with an
English letter (a to z or A to Z) without
space and quotation mark, not case
sensitive.
Number of the ACL rule, ranging from 0 to
127. If this argument is not specified, all
rules in the specified ACL will be applied.
rule-id
system-index: Specifies an interior index value which is used when an ACL rule is
applied to the port. The index value ranges from 0 to 4294,967,295. This keyword is
only available when the ACL rule number is specified in the command. After the
specified ACL takes effect, there are three scenarios when you input the index value:
z
If you do not input an index value or the index value you input is 0, the system will
automatically assign an index whose value is greater than 0;
z
If the input index value is not 0 and does not conflict with the interior index used by
the system, the system will adopt the index value input by you;
z
If the input index value is not 0 but conflicts with the interior index used by the
system, the system will reassign an index value.
When the specified ACL rule is not effective, the system will adopt the index value input
by you.
Interface interface-type interface-number [ reflector ]: Mirrors traffic flows to specific
port. interface-type interface-number indicates an Ethernet port. With the reflector
keyword specified, the parameters represent a reflector port, together with
corresponding configuration to realize remote traffic mirroring; without the reflector
keyword, the parameters represent a destination port, used to realize the local traffic
mirroring.
mirroring-group group-id: Mirrors traffic flows to specific mirroring group.
Description
Use the mirrored-to command to start ACLs to identify traffics and perform traffic
mirroring for packets that match.
Use the undo mirrored-to command to remove traffic mirroring configuration.
This command only applies to the rules whose actions are permit in matching the
specified ACL, and only mirrors the received traffic flows. If you want to mirror traffic
flows to a specified port, the port must be a destination port or reflector port of a
mirroring group.
1-5
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
Related command: display qos-interface mirrored-to, monitor-port
Example
#
Mirror packets
that match
ACL 2000
on port
GigabitEthernet1/0/1
to
GigabitEthernet1/0/4 through traffic mirroring.
<3Com> system-view
[3Com] mirroring-group 3 local
[3Com]mirroring-group 3 monitor-port GigabitEthernet 1/0/4
[3Com]interface GigabitEthernet 1/0/1
[3Com-GigabitEthernet1/0/1] qos
[3Com-qosb-GigabitEthernet1/0/1]mirrored-to inbound ip-group 3000 interface
GigabitEthernet 1/0/4
1.1.4 mirroring-group
Syntax
mirroring-group group-id { local | remote-destination | remote-source }
undo mirroring-group { group-id | all | local | remote-destination | remote-source }
View
System view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
local: Specifies the mirroring group as a local mirroring group.
remote-destination: Specifies the mirroring group as the destination mirroring group
for remote port mirroring.
remote-source: Specifies the mirroring group as the source mirroring group for remote
mirroring.
all: Deletes all mirroring groups
Description
Use the mirroring-group command to configure a mirroring group.
Use the undo mirroring-group command to delete a mirroring group.
Example
# Configure a mirroring group on the local switch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mirroring-group 3 local
1-6
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
1.1.5 mirroring-group (only for recovery)
Syntax
mirroring-group group-id { inbound | outbound } mirroring-port-list mirrored-to
monitor-port
undo mirroring-group group-id
View
System view
Parameter
group-id: Group ID of the mirroring group, in the range of 1 to 20.
inbound: Monitors the received packets only.
outbound: Monitors the sending packets only.
mirroring-port-list: Ethernet port list. It means there can be multiple ports.
This
argument is provide in the form of port-list={ interface-type interface-number [ to
interface-type interface-number ] }&<1-8>, where Interface-type interface-number
means an Ethernet port, and &<1-8> means you can specify eight Ethernet ports or
Ethernet port lists.
mirrored-to monitor-port: Specifies the destination port.
Description
Use the mirroring-group command to configure a mirroring group.
Use the undo mirroring-group command to cancel the configuration.
This command is only used to recover configurations. You cannot execute the
command actually, so that after executing the command, the system prompts ”Error:
The command is only used in resuming config!”.
Example
# Configure mirroring group 2, specify Ethernet1/0/1 through Ethernet1/0/3 as source
ports, and Ethernet1/0/4 as destination port, and only monitor the packets received
through ports.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mirroring-group 2 inbound Ethernet 1/0/1 to Ethernet 1/0/3 mirrored-to
Ethernet 1/0/4
1-7
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
1.1.6 mirroring-group mirroring-port
Syntax
mirroring-group group-id mirroring-port mirroring-port-list { both | inbound |
outbound }
undo mirroring-group group-id mirroring-port mirroring-port-list
View
System view/Ethernet port view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
mirroring-port mirroring-port-list: Specifies a list of source ports, provided in the form
of
mirroring-port-list={
interface-type
interface-number
[
to
interface-type
interface-number ] }&<1-8>, where Interface-type interface-number means an Ethernet
port, and &<1-8> means you can specify eight source ports or source port lists.
Note:
For a centralized LPU, if multiple source ports are specified in remote port mirroring
configuration, all the source ports must be on the same LPU.
both: Mirrors packets both received and sent via the port.
inbound: Mirrors only packets received via the port.
outbound: Mirrors only packets sent via the port.
Description
Use the mirroring-group mirroring-port command to configure the source port.
Use the undo mirroring-group mirroring-port command to remove the configuration
of the source port.
Example
# Configure GigabitEthernet1/0/1 as the source port and mirror all packets received via
this port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mirroring-group 1 mirroring-port Gigabitethernet1/0/1 inbound
1-8
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
1.1.7 mirroring-group mirroring-slot
Syntax
mirroring-group group-id mirroring-slot slot-number { inbound | outbound | both }
undo mirroring-group group-id mirroring-slot slot-number { inbound | outbound |
both }
View
System view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
slot-number: Number of the slot where the mirroring source LPU resides.
Description
Use the mirroring-group mirroring-slot command to configure the mirroring source
LPU.
Use the undo mirroring-group mirroring-slot command to remove the mirroring
source LPU.
Example
# Specify the LPU residing in slot 3 as the mirroring source LPU and mirror all the
packets received on the LPU.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mirroring-group 1 mirroring-slot 3 inbound
1.1.8 mirroring-group monitor-port
Syntax
mirroring-group group-id monitor-port monitor-port
undo mirroring-group group-id monitor-port monitor-port
View
System view/Ethernet port view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
monitor-port monitor-port: Specifies the destination port for port mirroring.
monitor-port is available in system view only.
1-9
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
Description
Use the mirroring-group monitor-port command to configure the destination port.
Use the undo mirroring-group monitor-port to remove the configuration of the
destination port.
Note the following when you configure the destination port:
z
LACP must be disabled on the mirroring destination port and STP is
recommended to be disabled on the port.
z
The destination port for remote mirroring must be an Access port.
z
After a port is configured as a reflector port, the switch does not allow you to
change the port type and its default VLAN ID.
Example
# Configure GigabitEthernet1/0/4 as the source port and monitor all packets received
via this port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mirroring-group 1 monitor-port Gigabitethernet1/0/4
1.1.9 mirroring-group monitor-slot
Syntax
mirroring-group group-id monitor-slot slot-number
undo mirroring-group group-id monitor-slot slot-number
View
System view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
slot-number: Number of the slot where the mirroring destination LPU resides.
Description
Use the mirroring-group monitor-slot command to configure the destination
mirroring LPU. In order to mirror a port to a LPU, the mirroring group must be active.
Use the undo mirroring-group monitor-slot command to remove the configured
mirroring destination LPU.
Example
# Specify the module in slot 4 as the mirroring destination LPU.
1-10
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]mirroring-group 1 monitor-slot 4
1.1.10 mirroring-group reflector-port
Syntax
mirroring-group group-id reflector-port reflector-port
undo mirroring-group group-id reflector-port reflector-port
View
System view/Ethernet port view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
reflector-port reflector-port: Specifies the reflector port. reflector-port is available in
system view only.
Description
Use the mirroring-group reflector-port command to specify the reflector port.
Use the undo mirroring-group reflector-port command to remove the configuration
of the reflector port..
Note the following when you configure the reflector port:
z
The reflector port must be an Access port.
z
LACP must be disabled on the reflector port.
z
The reflector ports are mutually exclusive with STP or DLDP. That is, if STP or
DLDP is enabled on a port, you are not recommended to configure it as a reflector
port; you are not recommended to enable STP or DLDP on a reflector port.
z
After a port is configured as a reflector port, the switch does not allow you to
change the port type and its default VLAN ID, or to add it to another VLAN.
z
To mirror tagged packets, you need to configure VLAN VPN on the reflector port.
Example
# Configure GigabitEthernet1/0/2 as the reflector port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mirroring-group 1 reflector-port GigabitEthernet1/0/2
1-11
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
1.1.11 mirroring-group remote-probe vlan
Syntax
mirroring-group group-id remote-probe vlan remote-probe-vlan-id
undo mirroring-group group-id remote-probe vlan remote-probe-vlan-id
View
System view
Parameter
group-id: Group number of a mirroring group, in the range of 1 to 20.
remote-probe vlan remote-probe-vlan-id: Specifies the remote-probe VLAN for the
mirroring group.
Description
Use the mirroring-group remote-probe vlan command to specify the remote-probe
VLAN for a mirroring group.
Use the undo mirroring-group remote-probe vlan command to remove the
configuration of remote-probe VLAN for a mirroring group.
Example
# Configure VLAN 100 as the remote-probe VLAN.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] mirroring-group 1 remote-probe vlan 100
1.1.12 remote-probe vlan
Syntax
remote-probe vlan enable
undo remote-probe vlan enable
View
VLAN view
Parameter
None
Description
Use the remote-probe vlan enable command to configure the current VLAN as the
remote-probe VLAN. After you input the command, the system will check whether the
1-12
3Com Switch 7750 Series
Command Reference Guide – Mirroring
Chapter 1 Mirroring Commands
current VLAN is a dynamic VLAN or not. If it is a dynamic VLAN , the command fails to
be executed, and the system prompts that “Can not set dynamic VLAN as
remote-probe VLAN!”.
Use the undo remote-probe vlan enable command to configure the remote-probe
VLAN as a normal VLAN.
Before configuring the remote-probe VLAN, make sure that no Access or Hybrid port
belongs to this VLAN. If any Trunk port exists in this VLAN, the port PVID cannot be the
ID of remote-probe VLAN. After setting a VLAN as remote-probe VLAN, it is
recommended that you do not add Access or Hybrid port to the VLAN.
Note:
The undo vlan all command cannot be used to remove the specified remote-probe
VLAN.
Example
# Configure VLAN 5 as remote-probe vlan.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] vlan 5
[3Com-vlan5] remote-probe vlan enable
1-13
3Com Switch 7750 Series
Command Reference Guide – PoE
Table of Contents
Table of Contents
Chapter 1 PoE Configuration Commands .................................................................................. 1-1
1.1 PoE Configuration Commands .......................................................................................... 1-1
1.1.1 display poe interface ............................................................................................... 1-1
1.1.2 display poe interface power .................................................................................... 1-3
1.1.3 display poe powersupply......................................................................................... 1-5
1.1.4 display poe pse ....................................................................................................... 1-6
1.1.5 poe enable............................................................................................................... 1-7
1.1.6 poe enable slot ........................................................................................................ 1-8
1.1.7 poe legacy enable slot ............................................................................................ 1-9
1.1.8 poe max-power...................................................................................................... 1-10
1.1.9 poe max-power slot............................................................................................... 1-10
1.1.10 poe mode ............................................................................................................ 1-11
1.1.11 poe power max-value.......................................................................................... 1-12
1.1.12 poe power-management ..................................................................................... 1-12
1.1.13 poe priority........................................................................................................... 1-13
1.1.14 poe upgrade ........................................................................................................ 1-14
Chapter 2 PoE PSU Supervision Configuration Commands .................................................... 2-1
2.1 PoE PSU Supervision Display Commands ....................................................................... 2-1
2.1.1 display poe-power ac-input state ............................................................................ 2-1
2.1.2 display poe-power alarm ......................................................................................... 2-2
2.1.3 display poe-power dc-output state .......................................................................... 2-3
2.1.4 display poe-power dc-output value ......................................................................... 2-4
2.1.5 display poe-power switch state ............................................................................... 2-5
2.1.6 display supervision-module information.................................................................. 2-5
2.2 PoE PSU Supervision Configuration Commands.............................................................. 2-7
2.2.1 poe-power input-thresh lower.................................................................................. 2-7
2.2.2 poe-power input-thresh upper ................................................................................. 2-7
2.2.3 poe-power output-thresh lower ............................................................................... 2-8
2.2.4 poe-power output-thresh upper............................................................................... 2-9
i
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Chapter 1 PoE Configuration Commands
1.1 PoE Configuration Commands
1.1.1 display poe interface
Syntax
display poe interface { interface-type interface-number | all }
View
Any view
Parameter
interface-type interface-number: Port on the switch. Refer to Command Manual – Basic
Port Configuration for details.
all: Displays the PoE information of all the PoE ports on the switch.
Description
Use the display poe interface command to view the PoE status of a specific port. If the
all keyword is specified, the command displays the PoE status of all the PoE ports.
Example
# Display the PoE status of Ethernet3/0/1.
<3Com> display poe interface Ethernet 3/0/1
Port power status
:PD searching
Port power mode
:signal
Port PD class
:0
port power priority
:low
Port max power
:15400 mW
Port current power
:0 mW
Port average power
:0 mW
Port peak power
:0 mW
Port current
:0 mA
Port voltage
:0.0 V
1-1
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Table 1-1 Description on the fields of the display poe interface command
Field
Description
PoE status of the port:
Disabled: Power is disabled on the port.
PD searching: The port is searching PD.
Port power status
delivering: The port is delivering power to PD.
PD disconnected: PD is disconnected.
testing: The port is testing the PD.
fault: Nonstandard PD is detected or failure
occurs.
PoE mode of the port:
Port power mode
signal: The port supplies port in the signal
mode.
spare: The port supplies power in the spare
mode.
Port PD class
Class of power to the PD
PoE priority of the port:
Port power priority
z
z
z
critical: The highest
high: High
low: Low
Port max power
The maximum available power on the port
Port current power
The current power on the port
Port average power
The average power on the port
Port peak power
The peak power on the port
Port current
The current on the port
Port voltage
The voltage on the port
# Display the PoE status of all ports.
<3Com> display poe interface all
Interface Ethernet3/0/1 power status: delivering
Interface Ethernet3/0/2 power status: PD searching
Interface Ethernet3/0/3 power status: PD searching
Interface Ethernet3/0/4 power status: PD searching
Interface Ethernet3/0/5 power status: PD searching
Interface Ethernet3/0/6 power status: PD searching
Interface Ethernet3/0/7 power status: PD searching
Interface Ethernet3/0/8 power status: PD searching
Interface Ethernet3/0/9 power status: PD searching
Interface Ethernet3/0/10 power status: PD searching
Interface Ethernet3/0/11 power status: PD searching
1-2
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Interface Ethernet3/0/12 power status: PD searching
Interface Ethernet3/0/13 power status: PD searching
Interface Ethernet3/0/14 power status: PD searching
Interface Ethernet3/0/15 power status: PD searching
Interface Ethernet3/0/16 power status: PD searching
Interface Ethernet3/0/17 power status: delivering
Interface Ethernet3/0/18 power status: PD searching
Interface Ethernet3/0/19 power status: PD searching
Interface Ethernet3/0/20 power status: PD searching
Interface Ethernet3/0/21 power status: PD searching
Interface Ethernet3/0/22 power status: PD searching
Interface Ethernet3/0/23 power status: PD searching
Interface Ethernet3/0/24 power status: PD searching
Interface Ethernet3/0/25 power status: PD searching
Interface Ethernet3/0/26 power status: PD searching
Interface Ethernet3/0/27 power status: PD searching
Interface Ethernet3/0/28 power status: PD searching
Interface Ethernet3/0/29 power status: PD searching
Interface Ethernet3/0/30 power status: PD searching
Interface Ethernet3/0/31 power status: PD searching
Interface Ethernet3/0/32 power status: PD searching
Interface Ethernet3/0/33 power status: PD searching
Interface Ethernet3/0/34 power status: PD searching
Interface Ethernet3/0/35 power status: PD searching
Interface Ethernet3/0/36 power status: PD searching
Interface Ethernet3/0/37 power status: PD searching
Interface Ethernet3/0/38 power status: PD searching
Interface Ethernet3/0/39 power status: PD searching
Interface Ethernet3/0/40 power status: PD searching
Interface Ethernet3/0/41 power status: PD searching
Interface Ethernet3/0/42 power status: PD searching
Interface Ethernet3/0/43 power status: PD searching
Interface Ethernet3/0/44 power status: PD searching
Interface Ethernet3/0/45 power status: PD searching
Interface Ethernet3/0/46 power status: PD searching
Interface Ethernet3/0/47 power status: PD searching
Interface Ethernet3/0/48 power status: PD searching
1.1.2 display poe interface power
Syntax
display poe interface power { interface-type interface-number | all }
1-3
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
View
Any view
Parameter
interface-type interface-number: Port on the switch. Refer to Command Manual – Port
for details.
all: Displays the power of all PoE ports on the switch.
Description
Use the display poe interface power command to view the power information of a
specific port of the switch. If the all keyword is specified, the command displays the
power information of all PoE ports on the switch.
Example
# Display the power information of the PoE port Ethernet3/0/1.
<3Com> display poe interface power Ethernet 3/0/1
Port power
:700 mW
# Display the power information of all PoE ports.
<3Com> display poe interface power all
Interface Ethernet3/0/1 current power : 700 mw
Interface Ethernet3/0/2 current power : 0 mw
Interface Ethernet3/0/3 current power : 0 mw
Interface Ethernet3/0/4 current power : 0 mw
Interface Ethernet3/0/5 current power : 0 mw
Interface Ethernet3/0/6 current power : 0 mw
Interface Ethernet3/0/7 current power : 0 mw
Interface Ethernet3/0/8 current power : 0 mw
Interface Ethernet3/0/9 current power : 0 mw
Interface Ethernet3/0/10 current power : 0 mw
Interface Ethernet3/0/11 current power : 0 mw
Interface Ethernet3/0/12 current power : 0 mw
Interface Ethernet3/0/13 current power : 0 mw
Interface Ethernet3/0/14 current power : 0 mw
Interface Ethernet3/0/15 current power : 0 mw
Interface Ethernet3/0/16 current power : 0 mw
Interface Ethernet3/0/17 current power : 13900 mw
Interface Ethernet3/0/18 current power : 0 mw
Interface Ethernet3/0/19 current power : 0 mw
Interface Ethernet3/0/20 current power : 0 mw
Interface Ethernet3/0/21 current power : 0 mw
Interface Ethernet3/0/22 current power : 0 mw
1-4
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Interface Ethernet3/0/23 current power : 0 mw
Interface Ethernet3/0/24 current power : 0 mw
Interface Ethernet3/0/25 current power : 0 mw
Interface Ethernet3/0/26 current power : 0 mw
Interface Ethernet3/0/27 current power : 0 mw
Interface Ethernet3/0/28 current power : 0 mw
Interface Ethernet3/0/29 current power : 0 mw
Interface Ethernet3/0/30 current power : 0 mw
Interface Ethernet3/0/31 current power : 0 mw
Interface Ethernet3/0/32 current power : 0 mw
Interface Ethernet3/0/33 current power : 0 mw
Interface Ethernet3/0/34 current power : 0 mw
Interface Ethernet3/0/35 current power : 0 mw
Interface Ethernet3/0/36 current power : 0 mw
Interface Ethernet3/0/37 current power : 0 mw
Interface Ethernet3/0/38 current power : 0 mw
Interface Ethernet3/0/39 current power : 0 mw
Interface Ethernet3/0/40 current power : 0 mw
Interface Ethernet3/0/41 current power : 0 mw
Interface Ethernet3/0/42 current power : 0 mw
Interface Ethernet3/0/43 current power : 0 mw
Interface Ethernet3/0/44 current power : 0 mw
Interface Ethernet3/0/45 current power : 0 mw
Interface Ethernet3/0/46 current power : 0 mw
Interface Ethernet3/0/47 current power : 0 mw
Interface Ethernet3/0/48 current power : 0 mw
1.1.3 display poe powersupply
Syntax
display poe powersupply
View
Any view
Parameter
None
Description
Use the display poe powersupply command to view the parameters of the external
PoE power supply units (PSU).
1-5
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Example
# Display the parameters of external PoE PSUs.
<3Com> display poe powersupply
Power Model
:Spring Pms
Power Manufacturer
:Tyco Electronics Com
Power Nominal Value
:2400 W
Power Peak Value
:0 W
Power Average Value
:0 W
Power Current Current
:0 mA
Power Current Voltage
:54.0 V
Power Current Value
:18 W
Power Software Version
:512
Power Hardware Version
:000
Table 1-2 Description on the fields of the display poe powersupply command
Field
Description
Power Model
Identification of the PSU manufacturer
Power manufacturer
Name of the power manufacturer
Power Nominal Value
Nominal power of the PSU
Power Peak Value
Peak power of the PSU
Power Average Value
Average power of the PSU
Power Current Current
Current current of the PSU
Power Current Voltage
Current voltage of the PSU
Power Current Value
Current power of the PSU
Power Software Version
Version of the PSU software
Power Hardware Version
Version of the PSU hardware
1.1.4 display poe pse
Syntax
display poe pse
View
Any view
Parameter
None
1-6
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Description
Use the display poe pse command to display the parameters of all boards that serve
as power sourcing equipment (PSE).
Example
# Display the parameters of all boards that serve as PSE on the switch.
<3Com> display poe pse
PSE Information of board 4:
Power Current Value
:450 W
Power Max Value
:806 W
Power Peak Value
:700 W
Power Average Value
:475 W
Software Version
:290
Hardware Version
:000
CPLD Version
:000
Table 1-3 Description on the fields of the display poe pse command
Field
Description
Power Current Value
Current power of the board
Power Max Value
Maximum power of the board
Power Peak Value
Peak power of the board
Power Average Value
Average power of the board
Software Version
Version of the PSE software
Hardware Version
Version of the PSE hardware
CPLD Version
Version of the PSE complex programmable
logic device (CPLD)
1.1.5 poe enable
Syntax
poe enable
undo poe enable
View
Ethernet port view
Parameter
None
1-7
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Description
Use the poe enable command to enable the PoE feature on a port.
Use the undo poe enable command to disable the PoE feature on a port.
By default, the PoE feature on a port is enabled if the PoE feature is enabled on a
board.
Example
# Enable the PoE feature on Ethernet3/0/1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet3/0/1
[3Com-Ethernet3/0/1] poe enable
1.1.6 poe enable slot
Syntax
poe enable slot slot-number
undo poe enable slot slot-number
View
System view
Parameter
slot-number: Number of the slot where the board resides.
Description
Use the poe enable slot command to enable the PoE feature on a board.
Use the undo poe enable slot command to disable the PoE feature on a board.
By default, the PoE feature is disabled on a board.
Note:
z
Before enabling the PoE feature on a board, you must ensure that the remaining
power output is not less than the maximum power required for the board.
Otherwise, PoE cannot be enabled on the board correctly.
z
After PoE is enabled on a PoE board, the rated power output shall be reserved for
the slot even when the board is removed from the slot. You need to release this
power output using the undo poe enable slot command.
z
If you insert a board which does not support PoE into the slot for which a rated
power output is reserved, the reserved power output shall be released.
z
If you insert a PoE board of another type into the slot for which a rated power
output is reserved, the switch still applies the former PoE configuration to the port.
1-8
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Example
# Enable the PoE feature on the PoE board in slot 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe enable slot 3
1.1.7 poe legacy enable slot
Syntax
poe legacy enable slot slot-number
undo poe legacy enable slot slot-number
View
System view
Parameter
slot-number: Number of the slot where the board resides.
Description
Use the poe legacy enable slot command to enable the board to perform
PoE-compatibility detection for the remote PDs.
Use the undo poe legacy slot command to disable PoE-compatibility detection for the
remote PDs.
By default, PoE-compatibility detection for PDs is disabled on the board.
Through the PoE-compatibility detection, the switch can detect the PDs incompatible
with IEEE802.3af and supply power to them.
Caution:
PoE-compatibility detection process is very slow and has impact on the system
performance, so you are recommended not to enable the PoE-compatibility detection
on a board if all PDs connected are IEEE802.3af-compatible.
Example
# Enable PoE-compatibility detection on the PoE board in slot 2.
<3Com> system-view
System View: return to User View with Ctrl+Z.
1-9
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
[3Com] poe enable slot 2
[3Com] poe legacy enable slot 2
1.1.8 poe max-power
Syntax
poe max-power max-power
undo poe max-power
View
Ethernet port view
Parameter
max-power: Maximum power distributed to the port, ranging from 1,000 to 15,400 in
mW.
Description
Use the poe max-power command to configure the maximum power supplied by the
current port.
Use the undo poe max-power command to restore the maximum power supplied by
the current port to the default value.
By default, the maximum power that a port can supply is 15,400 mW.
Example
# Set the maximum power supplied by Ethernet3/0/1 to 12,000 mW.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 3/0/1
[3Com-Ethernet3/0/1] poe max-power 12000
1.1.9 poe max-power slot
Syntax
poe max-power max-power slot slot-number
undo poe max-power slot slot-number
View
System view
Parameter
max-power: Maximum power distributed to the board, ranging from 37 to 806 in W.
1-10
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
slot-num: Number of the slot where the board resides.
Description
Use the poe max-power command to set the maximum power of a board.
Use the undo poe max-power command to restore the default maximum power of a
board.
By default, the maximum power of a board is 37 W.
Example
# Set the maximum power of the board in slot 3 to 400 W.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe max-power 400 slot 3
1.1.10 poe mode
Syntax
poe mode { signal | spare }
undo poe mode
View
Ethernet port view
Parameter
signal: Supplies power through a signal cable.
spare: Supplies power through a spare cable.
Description
Use the poe mode command to configure the PoE mode on the current port.
Use the undo poe mode command to restore the PoE mode on the current port to the
default mode.
By default, the port supplies power through a signal cable.
Note that the Switch 7750 series switches do not support the spare mode currently.
Example
# Set the PoE mode on Ethernet3/0/1 to signal.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 3/0/1
[3Com-Ethernet3/0/1] poe mode signal
1-11
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
1.1.11 poe power max-value
Syntax
poe power max-value max-value
View
System view
Parameter
max-value: Maximum PoE power output on the switch, ranging from 37 to 2,400 in W.
Description
Use the poe power max-value command to set the maximum power output on the
switch.
By default, the maximum PoE power output on the switch is 2,400 W.
Note that this command works only when the power you specify is greater than the
power that has been distributed to the boards.
Example
# Set the maximum power output of the switch to 2,000 W.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe power max-value 2000
1.1.12 poe power-management
Syntax
poe power-management { auto | manual } slot slot-number
View
System view
Parameter
auto: Manages PoE of the switch automatically.
manual: Manages PoE of the switch manually.
slot-number: Number of the slot where the board resides.
Description
Use the poe power-management command to configure the PoE management mode
of the switch.
1-12
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
By default, the PoE management mode of the switch is auto.
This command and the PoE priority settings of PoE ports will work together to control
the power feeding of the switch when the switch is reaching its full power load in power
supply.
z
auto mode: When the switch is reaching its full load in supplying power, it will first
supply power to the PDs that are connected to the ports with critical priority, and
secondly supply power to the PDs that are connected to the ports with high priority.
For example: Port A has the power priority of critical. When the switch is reaching
full load and a new PD is now added to the port A, the switch will power down a PD
that is connected to a port with the lowest priority and turn to feed this new PD.
z
manual mode: When the switch is reaching its full load in supplying power
externally and a new PD is added, it will neither take the priority into account nor
make change to its original power supply status; only the information about the
newly added device is provided. For example: Port A has the priority of critical.
When the switch is reaching full load and a new PD is now connected to port A, the
switch does not supply power to this new device.
Example
# Configure the PoE management mode of the board in slot 3 of the switch to auto.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe power-management auto slot 3
1.1.13 poe priority
Syntax
poe priority { critical | high | low }
undo poe priority
View
Ethernet port view
Parameter
critical: Sets the PoE priority of the port to critical.
high: Sets the PoE priority of the port to high.
low: Sets the PoE priority of the port to low.
Description
Use the poe priority command to configure the PoE priority of a port.
Use the undo poe priority command to restore the default PoE priority.
1-13
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
By default, the PoE priority of a port is low.
Note:
This command is used together with the poe power-management command, and
takes effect when the PoE power output of the switch reaches nearly to its maximum
value.
Example
# Set the PoE priority of Ethernet3/0/1 to critical.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 3/0/1
[3Com-Ethernet3/0/1] poe priority critical
1.1.14 poe upgrade
Syntax
poe upgrade { refresh | full } filename
View
System view
Parameter
refresh: Upgrades the existing valid software in the PSE in the refresh mode.
full: Reloads the software to the PSE when there is no valid software in the PSE.
filename: Upgrade file name, with a length of 1 character to 63 characters.
Description
Use the poe upgrade command to update the processing software in the PSE online.
1-14
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 1 PoE Configuration Commands
Note:
z
The full mode is used only when you cannot use the refresh mode.
z
When the PSE processing software is damaged (that is, all the PoE commands
cannot be successfully executed), you can use the full mode to update and restore
the software.
z
When the upgrade procedure is interrupted for some unexpected reasons (such as
failure which cause restart), if the update in the full mode fails after restart, you must
update the software in the full mode after power-off and restart of the device, and
then restart the device manually. In this way, the former PoE configuration is
restored.
Example
# Update the processing software in the PSE online.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] poe upgrade refresh 0400_001.S19 slot 2
This will update poe
file on board 2. Continue? [Y/N] y
Board 2 upgrading poe, please wait...
Load finished!
Start Upgrading...
Frame 0 IO Board 2 upgrade POE Pse succeeded
1-15
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
Chapter 2 PoE PSU Supervision Configuration
Commands
2.1 PoE PSU Supervision Display Commands
2.1.1 display poe-power ac-input state
Syntax
display poe-power ac-input state
View
Any view
Parameter
None
Description
Use the display poe-power ac-input state command to display the AC input state of
the PoE power supply units (PSUs) contained in the external PoE power supply
system.
Example
# Display the AC input state of the PoE PSUs.
<3Com> display poe-power ac-input state
PSU 1 AC Input State : Lack Phrase
PSU 2 AC Input State : Normal
PSU 3 AC Input State : Lack Phrase
2-1
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
Table 2-1 Description on the fields of the display poe-power ac-input state
command
Field
Description
Normal: The AC input is normal.
Lack Phrase: The PSU is idle.
AC input state of PoE PSU 1
Under Limit: The AC input voltage is lower than
the lower threshold.
Upper Limit: The AC input voltage is higher than
the upper threshold.
Fuse Broken: The fuse is broken.
Switch Off: The switch is off.
2.1.2 display poe-power alarm
Syntax
display poe-power alarm
View
Any view
Parameter
None
Description
Use the display poe-power alarm command to display the detailed alarm information
about the external PoE PSUs.
Example
# Display the detailed alarm information about the external PoE PSUs.
<3Com> display poe-power alarm
PSU alarm detail:
Number of PSUs
: 1
PSU 1
: Absent
PSU is absent.
PSU 2
: Normal
PSU is in normal state.
PSU 3
: Absent
PSU is absent.
2-2
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
Table 2-2 Description on the fields of the display poe-power alarm command
Field
Description
PSU is in normal state: The PSU operates normally.
NOTLINK: The PSU is not linked (the controller fails to
communicate with this PSU or the PSU is not inserted). You
can clear the failure by powering off the PSU or inserting a
PSU.
INERROR: PSU input error. Restoring the normal AC input can
clear the error.
The
alarm
information about
PoE PSU1
OUTERROR: PSU output error (No normal DC output from the
PSU).
HIGHVOL: Overvoltage on the PSU (the PSU is shut down
because its outputs overvoltage).
HIGHTEP: It is overheated in the PSU.
FANERROR: The fan fails.
CLOSE: The PSU is shut down.
CURLIMIT: The current of the PSU is limited.
Absent: The PSU is absent.
2.1.3 display poe-power dc-output state
Syntax
display poe-power dc-output state
View
Any view
Parameter
None
Description
Use the display poe-power dc-output state command to display the DC output state
of the PoE PSUs in-use.
Example
# Display the DC output states of the in-use PoE PSUs.
<3Com> display poe-power dc-output state
DC Output State : Normal
2-3
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
Table 2-3 Description on the fields of the display poe-power dc-output state
command
Field
Description
Normal: The DC output is normal.
Under Limit: The DC output voltage is lower than the
lower threshold.
DC output state of the
external PoE PSU
Upper Limit: The DC output voltage is higher than the
upper threshold.
Fuse Broken: The fuse is broken.
Switch Off: The switch is off.
Hardware Fault: Hardware fails.
2.1.4 display poe-power dc-output value
Syntax
display poe-power dc-output value
View
Any view
Parameter
None
Description
Use the display poe-power dc-output value command to display the DC output
voltage/current values of the external PoE PSUs.
Example
# Display the DC output voltage/current values of the external PoE PSUs.
<3Com> display poe-power dc-output value
DC Output Voltage : 53.997
DC Output Current : 0.350 A
Table 2-4 Description on the fields of the display poe-power dc-output value
command
Field
Description
DC Out Voltage
DC output voltage
DC Output Current
DC output current
2-4
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
2.1.5 display poe-power switch state
Syntax
display poe-power switch state
View
Any view
Parameter
None
Description
Use the display poe-power switch state command to display the number and current
state of the AC power distribution switches in the external PoE PSU.
Example
# Display the number and current state of the AC power distribution switches.
<3Com> display poe-power switch state
Switch Number : 0
Note:
Currently, the Switch 7750 series do not use any AC power distribution switch, so the
returned value is always 0.
2.1.6 display supervision-module information
Syntax
display supervision-module information
View
Any view
Parameter
None
2-5
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
Description
Use the display supervision-module information command to display the basic
information about the external PoE PSUs, including the name, the model, the
specifications and output power.
Example
# Display the information about the PoE PSUs.
<3Com> display supervision-module information
Supervision Module Version
: 2.6
Supervision Module Name
: Spring Pms
Power Type
: PSE2500-A
Power Rating Value
: 2400 W
Power Peak Value
: 1506 W
Power Average Value
: 1482 W
Power Current Value
: 1502 W
PSU Number
: 1
PSU 2
Rating Output Power
: 2500 W (220V)/1250 W(110V)
Hard Version Info
: NP Series
Table 2-5 Description on the fields of the display supervision-module information
command
Field
Description
Supervision Module Version
Software version of the supervision module
Supervision Module Name
Name of the supervision module
Power Type
Model of the external PoE PSU
Power Rating Value
Rated power of the external PoE PSU
Power Peak Value
Peak power of the external PoE PSU
Power Average Value
Average Power of the external PoE PSU
Power Current Value
Current power of the external PoE PSU
PSU number
Number of PoE PSUs
Rating Output Power
Rated output power of the PoE PSU: 2,500 W for 220
VAC input, 1,250 W for 110 VAC input
Hard Version Info
Hardware version information of the external PoE
PSUs
2-6
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
2.2 PoE PSU Supervision Configuration Commands
2.2.1 poe-power input-thresh lower
Syntax
poe-power input-thresh lower string
View
System view
Parameter
string: Undervoltage alarm threshold (in V) in the format of X.X.
z
For 220 VAC input, it ranges from 176.0V to 264.0V
z
For 110 VAC input, it ranges from 90.0V to 132.0V
Description
Use the poe-power input-thresh lower command to set the undervoltage alarm
threshold of AC input for the external PoE PSUs.
For 220 VAC input, the recommended value is 181.0 V; for 110VAC input, the
recommended value is 90.0 V.
Example
# Set the undervoltage alarm threshold of AC input for the external PoE PSUs to 181.0
V.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe-power input-thresh lower 181.0
Set lower input-threshold power successfully!
2.2.2 poe-power input-thresh upper
Syntax
poe-power input-thresh upper string
View
System view
Parameter
string: Overvoltage alarm threshold (in V) in the format of X.X.
z
For 220 VAC input, it ranges from 176.0V to 264.0V.
z
For 110 VAC input, it ranges from 90.0V to 132.0V.
2-7
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
Description
Use the poe-power input-thresh upper command to set the overvoltage alarm
threshold of AC input for the external PoE PSUs.
For 220 VAC input, the recommended value is 264.0 V; For 110VAC input, the
recommended value is 132.0 V.
Example
# Set the overvoltage alarm threshold of AC input for the external PoE PSUs to 264.0 V.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe-power input-thresh upper 264.0
Set upper input-threshold power successfully!
2.2.3 poe-power output-thresh lower
Syntax
poe-power output-thresh lower string
View
System view
Parameter
string: Undervoltage alarm threshold (in volts V) in the format of X.X, in the range of
45.0 to 47.0.
Description
Use the poe-power output-thresh lower command to set the undervoltage alarm
threshold of DC output for the external PoE PSUs.
For either 220 VAC or 110 VAC input, the recommended threshold is 47.0 V.
Example
# Set the undervoltage alarm threshold of DC output for the external PoE PSUs to 47.0
V.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe-power output-thresh lower 47.0
Set lower output-threshold power successfully!
2-8
3Com Switch 7750 Series
Command Reference Guide – PoE
Chapter 2 PoE PSU Supervision Configuration Commands
2.2.4 poe-power output-thresh upper
Syntax
poe-power output-thresh upper string
View
System view
Parameter
string: Overvoltage alarm threshold (in volts V) in the format of X.X, in the range of 55.0
to 57.0.
Description
Use the poe-power output-thresh upper command to set the overvoltage alarm
threshold of DC output for the external PoE PSUs.
For either 220 VAC or 110 VAC input, the recommended threshold is 55.0 V.
Example
# Set the overvoltage alarm threshold of DC output for the external PoE PSUs to 55.0
V.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] poe-power output-thresh upper 55.0
Set upper output-threshold power successfully!
2-9
3Com Switch 7750 Series
Command Reference Guide – UDP Helper
Table of Contents
Table of Contents
Chapter 1 UDP-Helper Configuration Commands ..................................................................... 1-1
1.1 UDP-Helper Configuration Commands ............................................................................. 1-1
1.1.1 debugging udp-helper ............................................................................................. 1-1
1.1.2 display udp-helper server........................................................................................ 1-1
1.1.3 reset udp-helper packet .......................................................................................... 1-2
1.1.4 udp-helper port ........................................................................................................ 1-3
1.1.5 udp-helper server .................................................................................................... 1-4
i
3Com Switch 7750 Series
Command Reference Guide – UDP Helper
Chapter 1 UDP-Helper Configuration Commands
Chapter 1 UDP-Helper Configuration Commands
1.1 UDP-Helper Configuration Commands
1.1.1 debugging udp-helper
Syntax
debugging udp-helper { event | packet [ receive | send ] }
undo debugging udp-helper { event | packet [ receive | send ] }
View
User view
Parameter
event: Enables/disables debugging for UDP-Helper events.
event: Enables/disables debugging for sending/receiving UDP-Helper packets.
receive: Enables/disables debugging for receiving UDP-Helper packets.
send: Enables/disables debugging for sending UDP-Helper packets.
Description
Use the debugging udp-helper command to enable debugging for UDP-Helper.
Use the undo debugging udp-helper command to disable debugging for UDP-Helper.
By default, debugging for UDP-Helper is disabled.
Example
# Enable debugging for sending/receiving UDP-Helper packets.
<3Com> debugging udp-helper packet
1.1.2 display udp-helper server
Syntax
display udp-helper server [ interface vlan-interface vlan-id ]
View
Any view
Parameter
vlan-id: ID of a VLAN.
1-1
3Com Switch 7750 Series
Command Reference Guide – UDP Helper
Chapter 1 UDP-Helper Configuration Commands
Description
Use the display udp-helper server command to display the information about the
configured destination servers connected to a specified VLAN interface and the
number of the packets forwarded to each destination server. If you do not specified the
vlan-id argument, the corresponding information about all the VLAN interfaces is
displayed.
Example
# Display the information about the configured destination servers connected to VLAN
1 interface and the number of the packets forwarded to the destination servers.
<3Com> display udp-helper server interface Vlan-interface 1
Interface name
Server address
Packets sent
Vlan-interface1
192.1.1.2
0
The information above shows that the server with its IP address being 192.1.1.2 is
configured as a destination server and is connected to VLAN 1 interface, and no
packets are forwarded to it so far.
1.1.3 reset udp-helper packet
Syntax
reset udp-helper packet
View
User view
Parameter
None
Description
Use the reset udp-helper packet command to clear the statistics about the packets
forwarded by UDP-Helper.
Example
# Clear the statistics about the packets forwarded by UDP-Helper.
<3Com> reset udp-helper packet
udp-helper enable
Syntax
udp-helper enable
undo udp-helper enable
1-2
3Com Switch 7750 Series
Command Reference Guide – UDP Helper
Chapter 1 UDP-Helper Configuration Commands
View
System view
Parameter
None
Description
Use the udp-helper enable command to enable the UDP-Helper function.
Use the undo udp-helper enable command to disable the UDP-Helper function.
By default, UDP-Helper is disabled.
Example
# Enable UDP-Helper.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] udp-helper enable
1.1.4 udp-helper port
Syntax
udp-helper port { port | dns | netbios-ds | netbios-ns | tacacs | tftp | time }
undo udp-helper port { port | dns | netbios-ds | netbios-ns | tacacs | tftp | time }
View
System view
Parameter
port: number of a UDP port to be configured as a UDP-Helper destination port, in the
range 1 to 65535 (except for 67 and 68).
dns: Specifies the DNS UDP port (port 53) as a UDP-Helper destination port.
netbios-ds: Specifies the NetBIOS-DS UDP port (port 138) as a UDP-Helper
destination port.
netbios-ns: Specifies the NetBIOS-NS UDP port (port 137) as a UDP-Helper
destination port.
tacacs: Specifies the TACACS UDP port (port 49) as a UDP-Helper destination port.
tftp: Specifies the TFTP UDP port (port 69) as a UDP-Helper destination port.
time: Specifies the time service UDP port (port 37) as a UDP-Helper destination port.
1-3
3Com Switch 7750 Series
Command Reference Guide – UDP Helper
Chapter 1 UDP-Helper Configuration Commands
Description
Use the udp-helper port command to specify a UDP-Helper destination port.
Use the undo udp-helper port command to disable a port from being a UDP-Helper
destination port.
With UDP-Helper enabled, UDP broadcast packets with their destination port being the
six default UDP ports (that is, port 69, 53, 37, 137, 138, and 49) are forwarded to the
configured destination servers by default. After the UDP-Helper function is disabled, all
the configured UDP-Helper destination ports are cancelled, including the default UDP
ports.
Note that before configuring udp-helper port, you must enable UDP-Helper.
Example
# Configure the DNS UDP port as a UDP-Helper destination port.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] udp-helper port dns
1.1.5 udp-helper server
Syntax
udp-helper server ip-address
undo udp-helper server [ ip-address ]
View
VLAN interface view
Parameter
ip-address: IP address of the device to be configured as a destination server, in dotted
decimal notation.
Description
Use the udp-helper server command to specify a destination server for the UDP
broadcast packets to be forwarded.
Use the undo udp-helper server command to remove a configured destination server.
No destination server is configured by default.
Currently, you can configure up to 20 destination servers on a VLAN interface.
Note that if you do not provide the ip-address argument when executing the undo
udp-helper server command, all the destination servers configured on the VLAN
interface are removed.
1-4
3Com Switch 7750 Series
Command Reference Guide – UDP Helper
Chapter 1 UDP-Helper Configuration Commands
Related command: display udp-helper server.
Example
# Configure the device with its IP address being 192.1.1.2 as a destination server for
the UDP broadcast packets to be forwarded on VLAN 1 interface.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Vlan-interface 1
[3Com-Vlan-interface1] udp-helper server 192.1.1.2
1-5
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Table of Contents
Table of Contents
Chapter 1 SNMP Configuration Commands ............................................................................... 1-1
1.1 SNMP Configuration Commands....................................................................................... 1-1
1.1.1 display snmp-agent ................................................................................................. 1-1
1.1.2 display snmp-agent community............................................................................... 1-1
1.1.3 display snmp-agent group....................................................................................... 1-2
1.1.4 display snmp-agent mib-view.................................................................................. 1-3
1.1.5 display snmp-agent statistics .................................................................................. 1-5
1.1.6 display snmp-agent sys-info.................................................................................... 1-6
1.1.7 display snmp-agent usm-user ................................................................................. 1-7
1.1.8 enable snmp trap updown....................................................................................... 1-8
1.1.9 snmp-agent ............................................................................................................. 1-9
1.1.10 snmp-agent community......................................................................................... 1-9
1.1.11 snmp-agent group ............................................................................................... 1-10
1.1.12 snmp-agent local-engineid .................................................................................. 1-11
1.1.13 snmp-agent mib-view .......................................................................................... 1-12
1.1.14 snmp-agent packet max-size .............................................................................. 1-13
1.1.15 snmp-agent sys-info............................................................................................ 1-14
1.1.16 snmp-agent target-host ....................................................................................... 1-15
1.1.17 snmp-agent trap enable ...................................................................................... 1-16
1.1.18 snmp-agent trap life ............................................................................................ 1-17
1.1.19 snmp-agent trap queue-size ............................................................................... 1-18
1.1.20 snmp-agent trap source ...................................................................................... 1-19
1.1.21 snmp-agent usm-user ......................................................................................... 1-20
Chapter 2 RMON Configuration Commands .............................................................................. 2-1
2.1 RMON Configuration Commands ...................................................................................... 2-1
2.1.1 display rmon alarm.................................................................................................. 2-1
2.1.2 display rmon event .................................................................................................. 2-2
2.1.3 display rmon eventlog ............................................................................................. 2-3
2.1.4 display rmon history ................................................................................................ 2-4
2.1.5 display rmon prialarm.............................................................................................. 2-5
2.1.6 display rmon statistics ............................................................................................. 2-7
2.1.7 rmon alarm .............................................................................................................. 2-9
2.1.8 rmon event ............................................................................................................ 2-11
2.1.9 rmon history........................................................................................................... 2-12
2.1.10 rmon prialarm ...................................................................................................... 2-13
2.1.11 rmon statistics ..................................................................................................... 2-15
i
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Chapter 1 SNMP Configuration Commands
1.1 SNMP Configuration Commands
1.1.1 display snmp-agent
Syntax
display snmp-agent { local-engineid | remote-engineid }
View
Any view
Parameter
local-engineid: Displays a local engine ID.
remote-engineid: Displays a remote engine ID.
Description
Use the display snmp-agent command to view the engine ID of the current device.
An SNMP engine ID identifies an SNMP entity uniquely within an SNMP domain. As an
indispensable part of an SNMP entity, an SNMP engine performs the function of
sending, receiving and authenticating SNMP message, extracting PDU, packet
encapsulation and the communication with SNMP application.
Example
# Display the local engine ID of the current device.
<3Com> display snmp-agent local-engineid
SNMP local EngineID: 00000009020000000C025808
SNMP local EngineID in the above information represents the ID of the local SNMP
engine.
1.1.2 display snmp-agent community
Syntax
display snmp-agent community [ read | write ]
View
Any view
1-1
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Parameter
read: Displays read-only community information.
write: Displays read-write community information.
Description
Use the display snmp-agent community command to view the information about the
currently configured community names for SNMPv1 or SNMPv2c.
Example
# Display the currently configured community names.
<3Com> display snmp-agent community
Community name:public
Group name:public
Storage-type: nonVolatile
Community name:private
Group name:private
Storage-type: nonVolatile
Table 1-1 Description on the fields of the display snmp-agent community command
Field
Description
Community name
Community name
Group name
Group name
Storage-type
Storage type, including volatile, nonVolatile, permanent,
readOnly, and other.
1.1.3 display snmp-agent group
Syntax
display snmp-agent group [ group-name ]
View
Any view
Parameter
groupname: The group name, ranging from 1 to 32 bytes.
1-2
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Description
Use the display snmp-agent group command to view group name, security model,
state of various views and storage models.
Example
# Display SNMP group name and security model.
<3Com> display snmp-agent group
Group name: hello
Security model: v2c noAuthnoPriv
Readview: ViewDefault
Writeview:
Notifyview :
Storage-type: nonvolatile
The following table describes the output fields.
Table 1-2 Description on the fields of the display snmp-agent group command
Field
Description
Group name
SNMP group name
Security model
Security model of that group, including authorization and
encryption (AuthPriv), authorization and no encryption
(AuthnoPriv), no authorization and no encryption
(noAuthnoPriv).
Readview
Read-only MIB view name corresponding to that group
Writeview
Writable MIB view corresponding to that group
Notifyview
The name of the notify MIB view corresponding to that group
Storage-type
Storage type, including volatile, nonVolatile, permanent,
readOnly and other.
1.1.4 display snmp-agent mib-view
Syntax
display snmp-agent mib-view [ exclude | include | viewname view-name ]
View
Any view
Parameter
exclude: Displays the SNMP MIB view (excluded).
Include: Displays the SNMP MIB view (included).
1-3
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Viewname: Displays the SNMP MIB according to the view name.
view-name: SNMP MIB view to be displayed. It is a character string, ranging from 1 to
32 characters.
Description
Use the display snmp-agent mib-view command to view the MIB view configuration
information of the current Ethernet switch.
Example
# Display the information about the currently configured MIB view.
<3Com> display snmp-agent mib-view
View name:system
MIB Subtree:system
Subtree mask:
Storage-type: nonVolatile
View Type:included
View status:active
View name:ViewDefault
MIB Subtree:iso
Subtree mask:
Storage-type: nonVolatile
View Type:included
View status:active
View name:ViewDefault
MIB Subtree:snmpUsmMIB
Subtree mask:
Storage-type: nonVolatile
View Type:excluded
View status:active
View name:ViewDefault
MIB Subtree:snmpVacmMIB
Subtree mask:
Storage-type: nonVolatile
View Type:excluded
View status:active
View name:ViewDefault
MIB Subtree:snmpModules.18
Subtree mask:
Storage-type: nonVolatile
View Type:excluded
View status:active
1-4
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Table 1-3 Description on the fields of the display snmp-agent mib-view command
Field
Description
View name
View name
MIB Subtree
MIB subtree
Subtree mask
Subtree mask
Storage-type
Storage type
View Type
Includes or excludes access to an MIB object
View status: active/inactive
Indicates the MIB view status: active or
inactive
Caution:
For the above commands, when the SNMP agent is disabled, the system gives the
prompt “SNMP agent disabled”.
1.1.5 display snmp-agent statistics
Syntax
display snmp-agent statistics
View
Any view
Parameter
None
Description
Use the display snmp-agent statistics command to view the statistics information
about SNMP packets.
This command provides statistics for SNMP operations.
Example
# Display the statistics information about SNMP packets.
<3Com> display snmp-agent statistics
9232 Messages delivered to the SNMP entity
0 Messages which were for an unsupported version
0 Messages which used a SNMP community name not known
1-5
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
0 Messages which represented an illegal operation for the community supplied
0 ASN.1 or BER errors in the process of decoding
9266 Messages passed from the SNMP entity
0 SNMP PDUs which had badValue error-status
0 SNMP PDUs which had genErr error-status
11 SNMP PDUs which had noSuchName error-status
0 SNMP PDUs which had tooBig error-status (Maximum packet size 2000)
33029 MIB objects retrieved successfully
26 MIB objects altered successfully
714 GetRequest-PDU accepted and processed
8514 GetNextRequest-PDU accepted and processed
10 GetBulkRequest-PDU accepted and processed
9230 GetResponse-PDU accepted and processed
1 SetRequest-PDU accepted and processed
34 Trap PDUs accepted and processed
1.1.6 display snmp-agent sys-info
Syntax
display snmp-agent sys-info [ contact | location | version ]*
View
Any view
Parameter
contact: Displays the contact information of the current device.
location: Displays the physical location of the current device.
version: Displays the version information about the SNMP running in the system.
Description
Use the display snmp-agent sys-info command to view the system contact
(sysContact) string, system location string, and the current SNMP version.
This command displays all information if you choose no parameter.
Example
# Display the sysContact string.
<3Com> display snmp-agent sys-info contact
The contact person for this managed node:
S. Morse, 3Com Corporation.
The above information indicates that the contact for this device is S. Morse, 3Com
Corporation.
1-6
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
# Display the system location string.
<3Com> display snmp-agent sys-info location
The physical location of this node:
Beijing China
The above information indicates that the device location is Beijing China.
# Display the current SNMP version.
<3Com> display snmp-agent sys-info version
SNMP version running in the system:
SNMPv3
The above information indicates that the current SNMP version is SNMPv3.
1.1.7 display snmp-agent usm-user
Syntax
display snmp-agent usm-user [ engineid engineid | username user-name | group
group-name ]*
View
Any view
Parameter
engineid: Displays the SNMPv3 user information of the specified engine ID, which
ranges from 10 to 64 hexadecimal numerals.
username: Displays information about the specified SNMPv3 user, which ranges from
1 to 32 bytes.
groupname: Displays information about users in the specified group name, which
ranges from 1 to 32 bytes.
Description
Use the display snmp-agent usm-user command to view SNMP user information.
If you do not specify a parameter, all the information will be displayed.
Example
# Display all user information.
<3Com> display snmp-agent usm-user engineid 1234567890
User name: userv3aaaa
Group name: managev3group
Engine ID: 1234567890
Storage-type: nonVolatile
UserStatus: active
1-7
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Table 1-4 describes the output fields.
Table 1-4 Description on the fields of the display snmp-agent usm-user command
Field
Description
User name
SNMP user name
Group name
The group name which the SNMP user name belongs to
Engine ID
The character string identifying the SNMP device
Storage-type
Storage type of SNMP information, including volatile,
nonVolatile, permanent, readOnly and other.
UserStatus
SNMP user status
1.1.8 enable snmp trap updown
Syntax
enable snmp trap updown
undo enable snmp trap updown
View
Ethernet port view/interface view
Parameter
None
Description
Use the enable snmp trap updown command to enable the sending of port/interface
linkUp and linkDown traps.
Use the undo enable snmp trap updown command to disable the sending of linkUp
and linkDown traps.
By default, the sending of port/interface linkUp and linkDown traps is enabled.
The enable snmp trap updown and snmp-agent trap enable, snmp-agent
target-host commands are used at the same time. You can use the snmp-agent
target-host command to specify the hosts that can receive Trap information. To send
Trap information, you must configure at least one snmp-agent target-host command.
Example
# Enable the port Ethernet 6/0/1 to send linkUp and linkDown SNMP traps, using the
community name “public” to the NMS whose IP address is 10.1.1.1.
<3Com>system-view
System View: return to User View with Ctrl+Z.
1-8
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
[3Com] snmp-agent trap enable
[3Com]
snmp-agent
target-host
trap
address
udp-domain
10.1.1.1
params
securityname public
[3Com] interface ethernet6/0/1
[3Com-Ethernet6/0/1] enable snmp trap updown
1.1.9 snmp-agent
Syntax
snmp-agent
undo snmp-agent
View
System view
Parameter
None
Description
Use the snmp-agent command to enable SNMP Agent.
Use the undo snmp-agent command to disable SNMP Agent.
By default, SNMP Agent is disabled.
Example
# Disable running SNMP Agent.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] undo snmp-agent
1.1.10 snmp-agent community
Syntax
snmp-agent community { read | write } community-name [ [ acl acl-number |
mib-view view-name ]*
undo snmp-agent community community-name
View
System view
1-9
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Parameter
read: Indicates that MIB object can only be read. Only the read-only community can
query device information.
write: Indicates that MIB object can be read and written. The read-write community can
configure the device.
community-name: The community name, a character string of 1 to 32 characters.
view-name: The MIB view name, a character string of 1 to 32 characters.
acl-number: The basic access control list (ACL) number specified by the community,
ranging from 2,000 to 2,999.
Description
Use the snmp-agent community command to configure community access name and
enable the access to SNMP.
Use the undo snmp-agent community command to cancel the settings of community
access name.
Example
# Configure community name as comaccess and permit read-only access by this
community name.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent community read comaccess
# Configure community name as mgr and permit read-write access.
[3Com] snmp-agent community write mgr
# Remove community name comaccess.
[3Com] undo snmp-agent community comaccess
1.1.11 snmp-agent group
Syntax
1)
Versions V1 and V2C
snmp-agent group { v1 | v2c } group-name [ read-view read-view ] [ write-view
write-view ] [ notify-view notify-view ] [ acl acl-number ]
undo snmp-agent group { v1 | v2c } group-name
2)
Version V3
snmp-agent group v3 group-name [ authentication | privacy ] [ read-view
read-view ] [ write-view write-view ] [notify-view notify-view ] [ acl acl-number ]
undo snmp-agent group v3 group-name [ authentication | privacy ]
1-10
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
View
System view
Parameter
v1: Specifies SNMPv1.
v2c: Specifies SNMPv2c.
v3: Specifies SNMPv3.
groupname: Group name, ranging from 1 to 32 bytes.
authentication: Configures to authenticate the packet without encryption.
privacy: Configures to authenticate and encrypt the packet.
read-view: Sets read-only view.
read-view: Read-only view name, ranging from 1 to 32 bytes
write-view: Sets read-write view
write-view: Name of read-write view, ranging from 1 to 32 bytes.
notify-view: Sets notify view.
notify-view: Notification view name, ranging from 1 to 32 bytes.
acl: Sets an ACL.
acl-number: Indicates an ACL, ranging from 2,000 to 2,099.
Description
Use the snmp-agent group command to configure a new SNMP group, that is, to map
SNMP user to SNMP view.
Use the undo snmp-agent group command to cancel a specified SNMP group.
By default, the SNMP group configured with the snmp-agent group v3 command is
not authenticated and encrypted.
Related command: snmp-agent mib-view, snmp-agent usm-user.
Example
# Create SNMPv3 group hello.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent group v3 hello
1.1.12 snmp-agent local-engineid
Syntax
snmp-agent local-engineid engineid
1-11
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
undo snmp-agent local-engineid
View
System view
Parameter
engineid: Specifies the engine ID with a character string, only composed of 10 to 64
hexadecimal numbers. Two hexadecimal characters form an octet.
Description
Use the snmp-agent local-engineid command to set the engine ID of the local SNMP
entity.
Use the undo snmp-agent local-engineid command to restore the default setting.
By default, the device engine ID is "Enterprise number + device information". Device
information is determined according to different products. It can be an IP address, MAC
address or user-defined hexadecimal numeral string.
Related command: snmp-agent usm-user.
Example
# Configure the local device name as 1234512345.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent local-engineid 1234512345
1.1.13 snmp-agent mib-view
Syntax
snmp-agent mib-view { included | excluded } view-name oid-tree
undo snmp-agent mib-view view-name
View
System view
Parameter
included: Includes the MIB subtree.
Excluded: Excludes the MIB subtree.
view-name: View name. It is a character string, ranging from 1 to 32 characters.
oid-tree: The OID MIB subtree of the MIB object subtree. It is a character string, ranging
from 1 to 255 characters. It can be a character string of the variable OID (such as
1-12
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
1.4.5.3.1), or a variable name (such as system). The character string can include
wildcards (such as 1.4.5.*.*.1).
Description
Use snmp-agent mib-view command to create or update the view information, limiting
the MIB objects to be accessed by the NMS.
Use the undo snmp-agent mib-view command to cancel the current setting.
By default, the view name is ViewDefault and OID is 1.
Related command: snmp-agent group.
Example
# Create an SNMP MIB view that consists of all the objects of MIB-II.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent mib-view included mib2 1.3.6.1.2.1
1.1.14 snmp-agent packet max-size
Syntax
snmp-agent packet max-size byte-count
undo snmp-agent packet max-size
View
System view
Parameter
byte-count: Maximum size of the SNMP packet (in bytes) that the Agent can
send/receive, ranging from 484 to 17,940.
Description
Use the snmp-agent packet max-size command to set the maximum size of SNMP
packet that the Agent can send/receive.
Use undo snmp-agent packet max-size command to restore the default size of
SNMP packet.
The sizes of the SNMP packets that the Agent can send/receive are different because
network environments are different.
Example
# Set the maximum size of the SNMP packet that the Agent can send/receive to 1,042
bytes.
1-13
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent packet max-size 1042
1.1.15 snmp-agent sys-info
Syntax
snmp-agent sys-info { contact sys-contact | location sys-location | version { { v1 |
v2c | v3 }* | all } }
undo snmp-agent sys-info { { contact | location }* | version { { v1 | v2c | v3 }* | all } }
View
System view
Parameter
contact: Sets the contact for system maintenance.
sysContact: The character string describing contact information for system
maintenance.
location: Sets the geographical location of the device.
sys-location: The geographical location of the device.
version: Specifies version of running SNMP.
v1: SNMP V1.
v2c: SNMP V2C.
v3: SNMP V3.
all: All SNMP versions, including SNMP V1, SNMP V2C, SNMP V3.
Description
Use the snmp-agent sys-info command to configure system information such as
geographical location of the device, information for system maintenance and version
information of running SNMP.
Use the undo snmp-agent sys-info location command to remove the current
configuration.
If the device fails, the device maintenance person can use contact information to
contact the manufacturer.
By default, the contact information is "Hangzhou, Huawei-3Com Tech. Co.,Ltd.", the
system location is "Beijing China", the SNMP version is SNMP V3.
Related command: display snmp-agent sys-info.
1-14
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Example
# Set contact information for system maintenance as Dial System Operator # 1234.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent sys-info contact Dial System Operator # 1234
1.1.16 snmp-agent target-host
Syntax
snmp-agent target-host trap address udp-domain { ip-address } [ udp-port
port-number ] params securityname security-string [ v1 | v2c | v3 [authentication |
privacy ] ]
undo snmp-agent target-host ip-address securityname security-string
View
System view
Parameter
trap: Specifies the host to be a Trap host.
address: Specifies the address of the destination host for transmitting SNMP
messages.
udp-domain: Specifies transport domain over UDP for the target host.
ip-address: The IPv4 address of the host receiving Trap packets.
port-number: Number of the port receiving Trap packets, ranging from 0 to 65,535
characters.
params: Specifies SNMP target host information to be used in the generation of SNMP
messages.
security-string: The community name of SNMP V1 and SNMP V2C, or SNMP V3 user
name, ranging from 1 to 32 characters.
v1: Represents SNMPv1.
v2c: Represents SNMPv2C.
v3: RepresentsSNMPv3.
authentication: Configures to authenticate the packet without encryption.
privacy: Configures to authenticate and encrypt the packet.
Description
Use snmp-agent target-host command to configure destination of SNMP Trap
packets.
1-15
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Use undo snmp-agent target-host command to cancel the current setting.
The snmp-agent target-host command and the snmp-agent trap enable or enable
snmp trap updown command must be used at the same time on the device to send
Trap packets.
1)
Use the snmp-agent trap enable or enable snmp trap updown command to set
Trap packets allowed to send (all Trap packets can be sent by default).
2)
Use the snmp-agent target-host command to set the address of the destination
host receiving SNMP Trap packets.
Related command: snmp-agent trap enable, snmp-agent trap source and
snmp-agent trap life.
Example
# Enable sending SNMP Trap packets to 10.1.1.1 with community name public.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent trap enable standard
[3Com]
snmp-agent
target-host
trap
address
udp-domain
10.1.1.1
params
securityname public
1.1.17 snmp-agent trap enable
Syntax
snmp-agent trap enable [ bgp [ backwardtransition | established ]* | configuration
| flash | ospf [ process-id ] [ ospf-trap-list ] | standard [ authentication | coldstart |
linkdown | linkup | warmstart ]* | system | vrrp [ authfailure | newmaster ] ]
undo snmp-agent trap enable [ bgp [ backwardtransition | established ]* |
configuration | flash | ospf [ process-id ] [ ospf-trap-list ] | standard [ authentication
| coldstart | linkdown | linkup | warmstart ]* | system | vrrp [ authfailure |
newmaster ] ]
View
System view
Parameter
bgp [ backwardtransition | established ]*: Configures to send BGP traps.
configuration: Configures to send traps for configuration.
flash: Configures to send traps of Flash.
ospf [ process-id ] [ ospf-trap-list ]: Configures to send traps of the OSPF protocol.
process-id indicates a process ID. ospf-trap-list indicates a list of trap messages
allowed to be sent.
1-16
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
standard [ authentication ] [ coldstart ] [ linkdown ] [ linkup ] [ warmstart ]:
Configures to send SNMP standard notification or traps.
authentication: Configures to send the authentication trap information of the SNMP
protocol when authentication fails.
coldstart: Configures to send the coldstart trap information when the switch restarts.
linkdown: Configures to send SNMP linkDown Trap information when the port is down.
linkup: Configures to send SNMP linkUp Trap information when the port is up.
warmstart: Configures to send SNMP warm start Trap information when SNMP is
rebooted.
System: Configures to send the trap information of H3C-SYS-MAN-MIB (a private
MIB).
vrrp [ authfailure | newmaster ]: Configures to send VRRP trap information.
Description
Use the snmp-agent trap enable command to enable the device to send Trap
packets.
Use the undo snmp-agent trap enable command to disable the device to send Trap
packets.
By default, the device does not send Trap packets.
The snmp-agent trap enable and snmp-agent target-host commands must be used
at the same time. The snmp-agent target-host command specifies which hosts can
receive Trap message. However, to send Trap message, you must configure
snmp-agent target-host command.
Example
# Enable to send the Trap packet of SNMP authentication failure to 10.1.1.1. The
community name is public.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent trap enable standard authentication
[3Com]
snmp-agent
target-host
trap
securityname public
1.1.18 snmp-agent trap life
Syntax
snmp-agent trap life seconds
undo snmp-agent trap life
1-17
address
udp-domain
10.1.1.1
params
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
View
System view
Parameter
seconds: Aging time, in seconds, ranging from 1 to 2,592,000.
Description
Use the snmp-agent trap life command to set aging time for Trap packets. The Trap
packets exceeding the aging time are discarded.
Use the undo snmp-agent trap life command to restore the default aging time for
Trap packets.
By default, the aging time of SNMP Trap packets is 120 seconds.
After the specified aging time has elapsed, the system drops the trap packet.
Related command: snmp-agent trap enable, snmp-agent target-host.
Example
# Set the aging time for Trap packets as 60 seconds.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent trap life 60
1.1.19 snmp-agent trap queue-size
Syntax
snmp-agent trap queue-size size
undo snmp-agent trap queue-size
View
System view
Parameter
size: Length of a queue, ranging from 1 to 1,000.
Description
Use the snmp-agent trap queue-size command to configure the information queue
length of Trap packet sent to destination host.
Use the undo snmp-agent trap queue-size command to restore the default value.
Related command: snmp-agent trap enable, snmp-agent target-host and
snmp-agent trap life.
1-18
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
By default, the length is 100.
Example
# Configure the queue length to 200.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent trap queue-size 200
1.1.20 snmp-agent trap source
Syntax
snmp-agent trap source { interface-type interface-number }
undo snmp-agent trap source
View
System view
Parameter
nterface-type: Interface type.
interface-number: Interface number.
Description
Use the snmp-agent trap source command to configure the source address for
sending Trap message.
Use the undo snmp-agent trap source command to cancel the source address for
sending Trap message.
The SNMP Trap message sent from a server has a source IP address no matter which
interface the Trap message is sent from.
By default, SNMP chooses an outgoing interface.
You can configure this command to trace a specific event using the source address of a
Trap packet.
Note:
Before setting the IP address of an interface address as the source address of the sent
Trap packet, you must configure an IP address for the interface.
Related command: snmp-agent trap enable, snmp-agent target-host.
1-19
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
Example
# Configure the IP address of the VLAN interface 1 as the source address for
transmitting the Trap packets.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent trap source Vlan-interface 1
1.1.21 snmp-agent usm-user
Syntax
1)
Versions V1 and V2C
snmp-agent usm-user { v1 | v2c } user-name group-name [ acl acl-number ]
undo snmp-agent usm-user { v1 | v2c } user-name group-name
2)
Version V3
snmp-agent usm-user v3 user-name group-name [ authentication-mode { md5 |
sha } auth-password [ privacy-mode des56 priv-password ] ] [ acl acl-number ]
undo snmp-agent usm-user v3 user-name group-name { local | engineid
engineid-string }
View
System view
Parameter
v1: Configures to use V1 security model.
v2c: Configures to use V2c security model.
v3: Configures to use V3 security model.
User-name: User name, ranging from 1 to 32 bytes.
Group-name: Group name corresponding to that user, a character string of 1 to 32
characters.
authentication-mode: Specifies the safety level as authentication required. Absence
of this parameter indicates that neither authentication nor encryption is required.
md5: Specifies the authentication protocol as HMAC MD5 algorithm.
sha: Specifies the authentication protocol as HMAC SHA algorithm.
auth-password: Authentication password, a character string of 1 to 64 characters.
privacy: Specifies the security level as encrypted.
des56: Specifies the authentication protocol as DES.
Priv-password: Encryption password, a character string of 1 to 64 characters.
1-20
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 1 SNMP Configuration Commands
acl-number: The basic ACL number, ranging from 2,000 to 2,999.
local: Represents a local entity user.
engineid-string: Engine ID related to the user, ranging from 10 to 64 hexadecimal
numerals.
Description
Use the snmp-agent usm-user command to add a new user to an SNMP group.
Use the undo snmp-agent usm-user command to cancel a user from the SNMP
group.
While using SNMPv3, SNMP engineID (for authentication) is required when you
configure a remote user for an agent. If you change engineID after configuring a user,
the user corresponding to the original engineID is not effective.
For V1 and V2C, this command will add a new community name. For SNMPv3, it will
add a new user for an SNMP group.
Related command: snmp-agent group, snmp-agent community and snmp-agent
local-engineid.
Example
# Add a user John to SNMPv3 group Johngroup. Configure to authenticate using
HMAC-MD5 algorithm, require authentication and set authentication password as
hello.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] snmp-agent group v3 Johngroup
[3Com] snmp-agent usm-user v3 John Johngroup authentication-mode md5 hello
1-21
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Chapter 2 RMON Configuration Commands
2.1 RMON Configuration Commands
2.1.1 display rmon alarm
Syntax
display rmon alarm [entry-number ]
View
Any view
Parameter
entry-number: Alarm entry index, in the range of 1 to 65535. If you do not specify this
argument, the configuration of all alarm entries is displayed.
Description
Use the display rmon alarm command to display the configuration of a specified alarm
entry or all the alarm entries.
Related command: rmon alarm.
Example
# Display the configuration of all the alarm entries.
<3Com> display rmon alarm
Alarm table 1 owned by abc is VALID.
Samples type
Variable formula
: delta
: 1.3.6.1.2.1.2.2.1.11.67111554
Sampling interval
: 10(sec)
Rising threshold
: 100(linked with event 7)
Falling threshold
: 10(linked with event 8)
When startup enables
: risingOrFallingAlarm
Latest value
: 0
Table 2-1 Description on the fields of the display rmon alarm command
Field
Description
Alarm table
Alarm entry
abc
Entry creator
VALID
Valid for alarm entries corresponding to the index
2-1
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Field
Description
Samples type
Sample type: change value or absolute value
Variable formula
Variable formula of the sampled node
Sampling interval
Sampling interval
Rising threshold is 100
Rising threshold is 100
Falling threshold is 10
Falling threshold is 10
Alarm startup type:
risingOrFallingAlarm (an alarm is triggered when the
rising or falling threshold is reached)
When startup enables
risingAlarm (an alarm is triggered when the rising
threshold is reached)
FallingAlarm (an alarm is triggered when the falling
threshold is reached)
Latest value
Latest sampled value
2.1.2 display rmon event
Syntax
display rmon event [event-entry ]
View
Any view
Parameter
event-entry: Event entry index, in the range of 1 to 65535. If you do not specify this
argument, the configuration of all the event entries is displayed.
Description
Use the display rmon event command to display the configuration of a specified event
entry or all the event entries.
The displayed information includes: event entry index, event entry owner, event
description, the action triggered by the event (log or alarm messages), and the time (in
seconds) when the latest event is triggered (in terms of the time elapsed since the
system is started/initialized).
Related command: rmon event.
Example
# Display the configuration of all the event entries.
<3Com> display rmon event
2-2
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Event table 1 owned by abc is VALID.
Description: null.
Will cause log-trap when triggered, last triggered at 0days 00h:02m:27s.
Table 2-2 Description on the fields of the display rmon event command
Field
Description
Event table
Event entries
abc
Entry creator
VALID
The entry corresponding to the index is valid
Description
Event description
Will cause log-trap when triggered
The event triggers logs and an trap alarm
last triggered at 0days 00h:02m:27s
Time the latest event is triggered
2.1.3 display rmon eventlog
Syntax
display rmon eventlog [event-entry ]
View
Any view
Parameter
event-entry: Event entry index, in the range of 1 to 65535. If you do not specify this
argument, the log of all the event entries is displayed.
Description
Use the display rmon eventlog command to display the log of a specified event entry
or all the event entries.
The displayed information includes: the indexes and status of the event entries in the
event table, the time (in seconds) when an event log is generated (in terms of the time
elapsed since the system is started or initialized), and the event description.
Example
# Display the log generated by the event entry numbered 1.
<3Com> display rmon eventlog 1
Event table 1 owned by abc is VALID.
Generates eventLog 1.1 at 0days 00h:01m:39s.
Description: The 1.3.6.1.2.1.16.1.1.1.4.1 defined in alarm table 1,
less than(or =) 100 with alarm value 0. Alarm sample type is absolute.
2-3
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Generates eventLog 1.2 at 0days 00h:02m:27s.
Description: The alarm formula defined in private alarm table 1,
less than(or =) 100 with alarm value 0. Alarm sample type is absolute.
Table 2-3 Description on the fields of the display rmon eventlog command
Field
Description
Event table
Event entries
abc
Entry creator
VALID
The status of the line corresponding to the
line is valid
Generates eventLog 1.1 at 0days
00h:01m:39s
Time when the event is triggered. The event
may be triggered several times. 1.1
indicates the time event 1 is first triggered
Description
Description of an event log
2.1.4 display rmon history
Syntax
display rmon history [ interface-type interface-number ]
View
Any view
Parameter
interface-type: Interface type.
interface-number: Interface number.
Description
Use the display rmon history command to display the RMON history information
about a specified port. The information about the latest sample, including utilization, the
number of errors, the total number of packets and so on, is also displayed.
Related command: rmon history.
Example
# Display the RMON history information about the RMON port Ethernet2/0/1.
<3Com> display rmon history ethernet 2/0/1
History control entry 1 owned by abc is VALID
Samples interface
: Ethernet2/0/1
Sampling interval
: 10(sec) with 10 buckets max
Latest sampled values :
2-4
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Dropevents
:0
, octets
: 0
packets
:0
, broadcast packets
: 0
multicast packets :0
, CRC alignment errors : 0
undersize packets :0
, oversize packets
: 0
fragments
:0
, jabbers
: 0
collisions
:0
, utilization
: 0
Table 2-4 Description on the fields of the display rmon eventlog command
Field
Description
History control entry 1
Index number in the history control table
abc
Entry creator
VALID
The entry corresponding to the index is valid
Samples interface
Sampled interface
Sampling interval
Sampling interval
buckets
Number of records in the history control table
Latest sampled values
Latest sampled information
Dropevents
Event about dropping packets
octets
Number of received or transmitted bytes
during sampling duration
packet
Number of received or transmitted packets
during sampling duration
broadcastpackets
Number of broadcast packets
multicastpackets
Number of multicast packets
CRC alignment errors
Number of checkerror packets
undersize packets
Number of undersize packets
oversize packets
Number of oversize packets
fragments
Number of undersize and checkerror packets
jabbers
Number of oversize and checkerror packets
collisions
Number of collision packets
utilization
Utilization ratio
2.1.5 display rmon prialarm
Syntax
display rmon prialarm [prialarm-entry-number ]
2-5
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
View
Any view
Parameter
prialarm-entry-number: Extended alarm entry Index, in the range of 1 to 65535. If you
do not specify this argument, the configuration of all the extended alarm entries is
displayed.
Description
Use the display rmon prialarm command to display the configuration of a specified
RMON extended alarm entry or all the RMON extended alarm entries.
Related command: rmon prialarm.
Example
# Display the configuration of the extended RMON alarm entries.
<3Com> display rmon prialarm
Prialarm table 1 owned by abc is VALID.
Samples type
: delta
Variable formula
: 1.3.6.1.2.1.2.2.1.10.641
Description
: ifInOctets.Ethernet1/0/1
Sampling interval
: 10(sec)
Rising threshold
: 100(linked with event 2)
Falling threshold
: 10(linked with event 2)
When startup enables
: risingOrFallingAlarm
This entry will exist : forever.
Latest value
: 0
Table 2-5 Description on the fields of the display rmon prialarm command
Field
Description
Prialarm table 1
Index number of a line of the extended alarm table
abc
Creator of this extended alarm entry
VALID
The entry corresponding to the index is valid
Samples type
Sample type: change value or absolute value
Variable formula
Alarm variable of the sampled node
Description
Description of the alarm variable
Sampling interval
Sampling interval
Rising threshold
Rising threshold. An alarm is triggered when the
rising threshold is reached
2-6
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Field
Description
Falling threshold
Falling threshold. An alarm is triggered when the
falling threshold is reached
linked with event
Event index corresponding to an alarm
Alarm startup type:
risingOrFallingAlarm (an alarm is triggered when
the rising or falling threshold is reached)
When startup enables
risingAlarm (an alarm is triggered when the rising
threshold is reached)
FallingAlarm (an alarm is triggered when the
falling threshold is reached)
This entry will exist: forever
Existing period. This entry can exist forever or
exist in the specified cycle
Latest value
Latest sampled value
2.1.6 display rmon statistics
Syntax
display rmon statistics [ interface-type interface-number ]
View
Any view
Parameter
interface-type: Interface type.
interface-number: Interface number.
Description
Use the display rmon statistics command to display the RMON statistics of a
specified port.
The displayed information include the number of the following items: collisions, packets
with CRC errors, undersize or oversize packets, broadcast packets, multicast packets,
received bytes, and received packets.
Related command: rmon statistics.
Example
# Display the RMON statistics information.
<3Com> display rmon statistics ethernet 3/0/1
Statistics entry 1 owned by abc is VALID.
Interface : Ethernet3/0/1
2-7
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
etherStatsOctets
: 3776
, etherStatsPkts
etherStatsBroadcastPkts
: 0
, etherStatsMulticastPkts : 30
etherStatsUndersizePkts
: 0
, etherStatsOversizePkts
: 0
etherStatsFragments
: 0
, etherStatsJabbers
: 0
, etherStatsCollisions
: 0
etherStatsCRCAlignErrors : 0
: 30
etherStatsDropEvents (insufficient resources): 0
Packets received according to length (etherStatsPktsXXXtoYYYOctets):
64
: 5
,
65-127
: 10
256-511: 0
,
512-1023: 0
,
,
128-255
: 15
1024-max: 0
Table 2-6 Description on the fields of the display rmon statistics command
Field
Description
Statistics entry 3
Index number of the statistics information
table
abc
Entry creator
VALID
The entry corresponding to this index is
valid
Interface
Interface
etherStatsOctets
Number of received or transmitted bytes
etherStatsPkts
Number of received or transmitted packets
etherStatsBroadcastPkts
Number of broadcast packets
etherStatsMulticastPkts
Number of multicast packets
etherStatsUndersizePkts
Number of undersize packets
etherStatsOversizePkts
Number of oversize packets
etherStatsFragments
Number
packets
etherStatsJabbers
Number of oversize and checkerror packets
etherStatsCRCAlignErrors
Number of checkerror packets
etherStatsCollisions
Number of collision packets
etherStatsDropEvents
Event about dropping packets (network
resources are insufficient)
Packets received according to length
Number of received packets, which are
made statistics by byte length
2-8
of
undersize
and
checkerror
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
2.1.7 rmon alarm
Syntax
rmon alarm entry-number alarm-variable sampling-time { delta | absolute } rising
threshold
threshold-value1
event-entry1
falling
threshold
threshold-value2
event-entry2 [ owner text ]
undo rmon alarm entry-number
View
System view
Parameter
entry-number: Alarm entry line number, in the range of 1 to 65535.
alarm-variable: Alarm variable, a string comprising 1 to 256 characters in dotted node
OID format (such as 1.3.6.1.2.1.2.1.10.1, or ifInOctets.1). Only the variables that can
be resolved to ASN.1 INTEGER data type (that is, INTEGER, Counter, Gauge, or
TimeTicks) can be used as alarm variables.
sampling-time: Sampling interval (in seconds), in the range of 5 to 65,535.
delta: Specifies to sample increments (that is, the current increment with regard to the
latest sample)
absolute: Specifies to sample absolute values.
rising_threshold
threshold-value1:
Specifies
the
upper
threshold.
The
threshold-value1 argument ranges from 0 to 2,147,483,647.
event-entry1: Index of the event entry corresponding to the upper threshold, in the
range of 1 to 65,535.
falling_threshold
threshold-value2:
Specifies
the
lower
threshold.
The
threshold-value2 argument ranges from 0 to 2,147,483,647.
event-entry2: Index of the event entry corresponding to the lower threshold, in the
range of 1 to 65,535.
owner text: Specifies the owner of the entry. The text argument is a string comprising 1
to 127 characters.
Description
Use the rmon alarm command to add an alarm entry to the alarm table.
Use the undo rmon alarm command to remove an alarm entry from the alarm table.
You can use the rmon alarm command to define an alarm entry so that a specific alarm
event can be triggered under specific circumstances. The act (such as logging and
sending trap messages to NMS) taken after an alarm event occurs is determined by the
corresponding alarm entry.
2-9
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
With an alarm entry defined in an alarm group, a network device performs the following
operations accordingly:
z
Sample the defined alarm variables (alarm-variable) once in each specified period,
which is specified by the sampling-time argument.
z
Comparing the sampled value with the set threshold and performing the
corresponding operations, as described in Table 2-7.
Table 2-7 Sample value and the corresponding operation
Comparison
Operation
The sample value is larger than or equal to the
set upper threshold (threshold-value1)
Triggering the event identified by
the event-entry1 argument
The sample value is smaller than the set lower
threshold (threshold-value2)
Triggering the event identified by
the event-entry2 argument
Note:
z
Before adding an alarm entry, you need to use the rmon event command to define
the events to be referenced by the alarm entry.
z
Make sure the node to be monitored exists before executing the rmon alarm
command.
Example
# Add the alarm entry numbered 1 as follows:
z
The node to be monitored: 1.3.6.1.2.1.16.1.1.1.4.1
z
Sampling interval: 10 seconds
z
Upper threshold: 50
z
The event-entry1 argument identifies event 1.
z
Lower threshold: 5
z
The event-entry2 argument identifies event 2
z
Owner: user1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rmon event 1 log
[3Com] rmon event 2 none
[3Com]rmon alarm 1 1.3.6.1.2.1.16.1.1.1.4.1 10 absolute rising_threshold 50
1 falling_threshold 5 2 owner user1
# Delete the alarm entry numbered 15 from the alarm table.
[3Com] undo rmon alarm 15
2-10
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
2.1.8 rmon event
Syntax
rmon event event-entry [ description string ] { log | trap trap-community | log-trap
log-trapcommunity | none } [ owner text ]
undo rmon event event-entry
View
System view
Parameter
event-entry: Event entry line number, in the range of 1 to 65535.
description string: Specifies the event description, a string comprising 1 to 127
characters.
log: Logs events.
trap trap-community: Defines the event as a trap event and specifies the community
name of the NMS that receives the trap messages.
log-trap log-trapcommunity: Defines the event as a log and trap event and specifies
the community name of the NMS that receives the log messages.
none: Specifies that the event triggers no action.
owner text: Specifies the creator of the event entry. The text argument is a string
comprising 1 to 127 characters.
Description
Use the rmon event command to add an entry to the event table.
Use the undo rmon event command to delete an entry from the event table.
When adding an event entry to an event table, you need to specify the event index. You
need also to specify the corresponding actions, including logging the event, sending
trap messages to the NMS, and the both, for the network device to perform
corresponding operation when an alarm referencing the event is triggered.
Example
# Add the event entry numbered 10 to the event table and configure it to be a log event.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] rmon event 10 log
2-11
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
2.1.9 rmon history
Syntax
rmon history entry-number buckets number interval sampling-interval [ owner text ]
undo rmon history entry-number
View
Ethernet port view
Parameter
entry-number: History entry index, in the range of 1 to 65535.
buckets number: Specifies the size of the history table that corresponds to the entry, in
the range of 1 to 65535. Currently the device only supports 1 to 10. If you enter an
argument greater than 10, the actual table size is still 10.
interval sampling-interval: Specifies the sampling interval (in seconds). The
sampling-interval argument ranges from 5 to 3,600.
owner text: Specifies the owner of the entry, a string comprising 1 to 127 characters.
Description
Use the rmon history command to add an entry to a history control table.
Use the undo rmon history command to delete an entry from a history control table.
You can use the rmon history command to sample a specific port. You can also set the
sampling interval and the number of the samples that can be saved. After you execute
this command, the RMON system samples the port periodically and stores the samples
for later retrieval. The sampled information includes utilization, the number of errors,
and total number of packets.
You can use the display rmon history command to display the statistics of the history
control table.
Example
# Create the history entry numbered 1 for Ethernet1/0/1 port, with the table size being
10, the sampling interval being 5 seconds, and the owner being user1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Ethernet 1/0/1
[3Com-Ethernet1/0/1]rmon history 1 buckets 10 interval 5 owner user1
# Remove the history entry numbered 15.
[3Com-Ethernet1/0/1] undo rmon history 15
2-12
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
2.1.10 rmon prialarm
Syntax
rmon prialarm entry-number prialarm-formula prialarm-des sampling-timer { delta |
absolute
|
changeratio
}
rising_threshold
threshold-value1
event-entry1
falling_threshold threshold-value2 event-entry2 entrytype { forever | cycle
cycle-period } [ owner text ]
undo rmon prialarm entry-number
View
System view
Parameter
entry-number: Extended alarm entry index, in the range of 1 to 65535.
prialarm-formula: Expression used to perform operations on the alarm variables, a
string comprising 1 to 256 characters. The alarm variables in the expression must be
represented by OIDs, for example, (.1.3.6.1.2.1.2.1.10.1)*8. The operations available
are addition, subtraction, multiplication and division operations. The operation results
are rounded to values that are of long integer type. To prevent invalid operation results,
make sure the operation results of each step are valid long integers.
prialarm-des: Alarm description, a string comprising 1 to 256 characters.
sampling-timer: Sampling interval (in seconds), in the range of 10 to 65,535.
delta | absolute | changeratio: Specifies sample type, which can be deltas, absolute
values or change ratios.
threshold-value1: Upper threshold, in the range of 0 to 4,294,967,295.
event-entry1: Index of the event entry that corresponds to the upper threshold, in the
range of 0 to 65535.
threshold-value2: Lower threshold, in the range of 0 to 4,294,967,295.
event-entry2: Index of the event entry that corresponds to the lower threshold, in the
range of 0 to 65535.
forever: Specifies the alarm entry is valid indefinitely.
cycle: Specifies the alarm entry is valid periodically.
cycle-period: Cycle period, in seconds, ranging from 0 to 4,294,967,295.
owner text: Specifies the owner of the alarm entry, a string comprising 1 to 127
characters.
Description
Use the rmon prialarm command to create an extended entry in an extended RMON
alarm table.
2-13
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Use the undo rmon prialarm command to remove a specified extended alarm entry.
The maximum number of distances in the table depends on the hardware resources.
Note:
z
Before adding an extended alarm entry, you need to use the rmon event command
to define the events to be referenced by the entry.
z
Make sure the node to be monitored exists before executing the rmon event
command.
z
You can define up to 50 extended alarm entries.
With an extended alarm entry defined in an extended alarm group, the network devices
perform the following operations accordingly:
z
Sampling the alarm variables referenced in the defined extended alarm
expressions
(prialarm-formula)
once
in
each
period
specified
by
the
sampling-timer argument.
z
Performing operations on sampled values according to the defined extended
alarm expressions (prialarm-formula)
z
Comparing the operation result with the set thresholds and perform corresponding
operations, as described in Table 2-8.
Table 2-8 Operation result and corresponding operation
Comparison
Operation
The operation result is larger than or equal to the
set upper threshold (threshold-value1)
Triggering the event identified
by the event-entry1 argument
The operation result is smaller than or equal to
the set lower threshold (threshold-value2)
Triggering the event identified
by the event-entry2 argument
Example
# Add the extended alarm entry numbered 2 as follows:
z
Perform operations on the corresponding alarm variables using the expression
((1.3.6.1.2.1.16.1.1.1.4.1)*100).
z
Sampling interval: 10 seconds
z
Upper threshold: 50
z
Lower threshold: 5
z
Event 1 is triggered when the change ratio is larger than the upper threshold.
z
Event 2 is triggered when the change ratio is less than the lower threshold.
z
The alarm entry is valid forever.
z
Entry owner: user1
2-14
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] rmon statistics 1
[3Com-Ethernet1/0/1] quit
[3Com] rmon prialarm 2 ((.1.3.6.1.2.1.16.1.1.1.4.1)*100) test 10 changeratio
rising_threshold 50 1 falling_threshold 5 2 entrytype forever owner user1
# Remove the extended alarm entry numbered 2 from the extended alarm table.
[3Com] undo rmon prialarm 2
2.1.11 rmon statistics
Syntax
rmon statistics entry-number [ owner text ]
undo rmon statistics entry-number
View
Ethernet port view
Parameter
entry-number: Statistics entry Index, in the range of 1 to 65535.
owner text: Specifies the owner of the entry, a string comprising 1 to 127 characters.
Description
Use the rmon statistics command to add an entry to the statistics table.
Use the undo rmon statistics command to remove an entry from the statistics table.
The RMON statistics management function is used to take statistics of the usage of the
monitored ports and errors occurred to them. The statistics includes the number of the
following items: collisions, packet with CRC errors, undersize (or oversize) packets,
broadcast and multicast packets, received packets and bytes and so on.
Note:
For each port, only one RMON alarm table entry can be created, that is to say, if one
RMON alarm table entry was already created for a given port, creation of another entry
with a different index number for the same port will not succeed.
You can use the display rmon statistics command to display the statistics entries.
2-15
3Com Switch 7750 Series
Command Reference Guide – SNMP & RMON
Chapter 2 RMON Configuration Commands
Example
# Add the statistics entry numbered 20 to take statistics of Ethernet1/0/1 port.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com]interface Ethernet 2/0/1
[3Com-Ethernet2/0/1] rmon statistics 20
2-16
3Com Switch 7750 Series
Command Reference Guide – NTP
Table of Contents
Table of Contents
Chapter 1 NTP Configuration Commands .................................................................................. 1-1
1.1 NTP Configuration Commands.......................................................................................... 1-1
1.1.1 display ntp-service sessions ................................................................................... 1-1
1.1.2 display ntp-service status........................................................................................ 1-2
1.1.3 display ntp-service trace ......................................................................................... 1-3
1.1.4 ntp-service access .................................................................................................. 1-3
1.1.5 ntp-service authentication enable ........................................................................... 1-5
1.1.6 ntp-service authentication-keyid.............................................................................. 1-5
1.1.7 ntp-service broadcast-client .................................................................................... 1-6
1.1.8 ntp-service broadcast-server................................................................................... 1-7
1.1.9 ntp-service disable .................................................................................................. 1-8
1.1.10 ntp-service in-interface disable ............................................................................. 1-8
1.1.11 ntp-service max-dynamic-sessions ....................................................................... 1-9
1.1.12 ntp-service multicast-client.................................................................................. 1-10
1.1.13 ntp-service multicast-server ................................................................................ 1-10
1.1.14 ntp-service refclock-master ................................................................................. 1-11
1.1.15 ntp-service reliable authentication-keyid............................................................. 1-12
1.1.16 ntp-service source-interface................................................................................ 1-13
1.1.17 ntp-service unicast-peer...................................................................................... 1-14
1.1.18 ntp-service unicast-server ................................................................................... 1-15
i
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
Chapter 1 NTP Configuration Commands
1.1 NTP Configuration Commands
1.1.1 display ntp-service sessions
Syntax
display ntp-service sessions [ verbose ]
View
Any view
Parameter
verbose: Displays the detailed information about all the sessions maintained by the
NTP service. When you configure this command without the verbose parameter, the
Ethernet switch displays the brief information about all the sessions.
Description
Use the display ntp-service sessions command to display the status of all the
sessions maintained by NTP service provided by the local device.
Caution:
The sessions can be created in all NTP operating modes except the NTP server
mode.
Example
# Display the status of all the sessions maintained by the NTP service.
<3Com> display ntp-service sessions
source
reference
stra reach poll now offset delay disper
********************************************************************
[12345]1.0.1.11
LOCAL(0)
3
377
64
16
-0.4
0.0
0.9
note: 1 source(master),2 source(peer),3 selected,4 candidate,5 configured
1-1
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
1.1.2 display ntp-service status
Syntax
display ntp-service status
View
Any view
Parameter
None
Description
Use the display ntp-service status command to display the NTP service status.
Example
<3Com> display ntp-service status
Service status:enabled
Clock status: unsynchronized
Clock stratum: 16
Reference clock ID: none
Nominal frequency: 100.0000 Hz
Actual frequency: 100.0000 Hz
Clock precision: 2^18
Clock offset: 0.0000 ms
Root delay: 0.00 ms
Root dispersion: 0.00 ms
Peer dispersion: 0.00 ms
Reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00000000)
The following table describes the displayed fields:
Table 1-1 NTP service status information
Field
Meaning
Service status
NTP service status: enabled or disabled
Clock
Local clock status: is not synchronized to any remote NTP
status:
unsynchronized
server
Clock stratum
Indicates the NTP stratum of the local clock
Reference
ID
clock
Indicates the address of a remote server or the clock source
ID when the local system is synchronized with a remote NTP
server or a clock source
1-2
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
Field
Nominal
frequency
Meaning
Nominal frequency of the local system hardware clock
Actual frequency
Actual frequency of the local system hardware clock
Clock precision
Precision of the local clock
Clock offset
Time difference between Offset of the local clock to the NTP
server clock
Root delay
Total delay from local device to the master reference clock
Root dispersion
Dispersion of the local clock relative to the NTP server clock
Peer dispersion
Dispersion of the remote NTP server
Reference time
Reference timestamp
1.1.3 display ntp-service trace
Syntax
display ntp-service trace
View
Any view
Parameter
None
Description
Use the display ntp-service trace command to display the brief information about
every NTP server on the way from the local device to the reference clock source.
Example
<3Com> display ntp-service trace
server 127.0.0.1,stratum 8, offset 0.000000, synch distance 0.00000
refid 127.127.1.0
1.1.4 ntp-service access
Syntax
ntp-service access { query | synchronization | server | peer } acl-number
1-3
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
undo ntp-service access { query | synchronization | server | peer }
View
System view
Parameter
query: Allows to query the local NTP service only.
synchronization: Only allows the peer device to synchronize its clock to the local
device..
server: Allows the peer device to perform synchronization and control query to the
local device but does not permit the local device to synchronize its clock to the peer
device.
peer: Full access. This level of right permits the peer device to perform
synchronization and control query to the local device and also permits the local device
to synchronize its clock to the peer device.
acl-number: The IP address access control list number, ranging from 2000 to 2999.
Description
Use the ntp-service access command to set the right to access the local device
service.
Use the undo ntp-service access command to cancel the access authority settings.
By default, no right limit is configured.
Compared with authentication, setting the right to access and control the NTP services
is a basic and brief security measure. From the highest NTP service access-control
right to the lowest one are peer, server, synchronization, and query. When a device
receives an NTP request, it will perform an access control right match and will used
first matched right..
Example
# Configure to permit the remote switch defined in ACL 2000 to perform time
synchronization request, query and synchronization to the local device..
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service access peer 2000
# Configure to permit the remote switch defined in ACL 2000 to perform time
synchronization request and query to the local device.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service access synchronization 2000
1-4
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
1.1.5 ntp-service authentication enable
Syntax
ntp-service authentication enable
undo ntp-service authentication enable
View
System view
Parameter
None
Description
Use the ntp-service authentication enable command to enable the NTP-service
authentication function.
Use the undo ntp-service authentication enable command to disable this function.
By default, the authentication is disabled.
Example
# Enable NTP authentication function.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service authentication enable
1.1.6 ntp-service authentication-keyid
Syntax
ntp-service authentication-keyid number authentication-mode md5 value
undo ntp-service authentication-keyid number
View
System view
Parameter
number: Specifies the key number from 1 to 4,294,967,295.
value: Specifies the value of the key with 1 to 32 ASCII characters.
Description
Use the ntp-service authentication-keyid command to set an NTP authentication
key.
1-5
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
Use the undo ntp-service authentication-keyid command to cancel the NTP
authentication key.
By default, no authentication key is configured.
Currently the system supports MD5 authentication only.
Example
# Set MD5 authentication key 10 as hello.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service authentication-keyid 10 authentication-mode md5 hello
1.1.7 ntp-service broadcast-client
Syntax
ntp-service broadcast-client
undo ntp-service broadcast-client
View
VLAN interface view
Parameter
None
Description
Use the ntp-service broadcast-client command to configure NTP broadcast client
mode.
Use the undo ntp-service broadcast-client command to disable NTP broadcast
client mode.
By default, the NTP broadcast client mode is disabled.
Designate an interface on the local device to receive NTP broadcast packets. The
local device operates in broadcast client mode. The local device listens to the
broadcast packets from the server. When it receives the first broadcast packet, it starts
a brief client/server mode to exchange messages with a remote server for estimating
the network delay. Thereafter, the local device enters broadcast client mode and
continues listening to the broadcast packets and synchronizes the local clock based
on the arrived broadcast packets.
Example
# Configure to receive NTP broadcast packets through Vlan-interface 1.
<3Com> system-view
1-6
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface1
[3Com-Vlan-Interface1] ntp-service broadcast-client
1.1.8 ntp-service broadcast-server
Syntax
ntp-service broadcast-server [ authentication-keyid keyid version number ]
undo ntp-service broadcast-server
View
VLAN interface view
Parameter
authentication-keyid: Specifies an authentication key.
keyid: Key ID used in broadcast, ranging from 1 to 4,294,967,295.
version: Defines an NTP version number.
number: NTP version number, ranging from 1 to 3.
Description
Use the ntp-service broadcast-server command to configure NTP broadcast server
mode.
Use the undo ntp-service broadcast-server command to disable the NTP broadcast
server mode.
By default, the broadcast service is disabled. When no NTP version number is
specified, the default version number is 3.
Designate an interface on the local device to broadcast NTP packets. The local device
runs in broadcast-server mode and regularly broadcasts packets to its clients.
Example
# Configure to broadcast NTP packets through Vlan-interface 1. Encrypt them with
Key 4 and set the NTP version number to 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface1
[3Com-Vlan-Interface1] ntp-service broadcast-server authentication-key 4
version 3
1-7
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
1.1.9 ntp-service disable
Syntax
ntp-service disable
undo ntp-service disable
View
System view
Parameter
None
Description
Use the ntp-service disable command to disable the NTP service function.
Use undo ntp-service disable command to enable this function.
By default, the NTP service is enabled.
Example
# Disable NTP service on the device.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service disable
1.1.10 ntp-service in-interface disable
Syntax
ntp-service in-interface disable
undo ntp-service in-interface disable
View
VLAN interface view
Parameter
None
Description
Use the ntp-service in-interface disable command to disable an interface from
receiving NTP messages.
Use undo ntp-service in-interface disable command to enable an interface to
receive NTP messages.
1-8
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
By default, an interface is enabled to receive NTP messages.
Example
# Disable Vlan-interface 1 from receiving NTP message.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface1
[3Com-Vlan-Interface1] ntp-service in-interface disable
1.1.11 ntp-service max-dynamic-sessions
Syntax
ntp-service max-dynamic-sessions number
undo ntp-service max-dynamic-sessions
View
System view
Parameter
number: The maximum number of sessions that can be created locally, ranging from 0
to 100.
Description
Use the ntp-service max-dynamic-sessions command to set the maximum number
of dynamic sessions that can be created locally.
Use the undo ntp-service max-dynamic-sessions command to restore the default
value.
By default, a local device allows up to 100 dynamic sessions.
Note:
Only the sessions created in NTP peer mode, NTP broadcast client mode and NTP
multicast client mode are dynamic sessions. Other sessions are static sessions.
Example
# Set the local device to allow up to 50 sessions.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service max-dynamic-sessions 50
1-9
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
1.1.12 ntp-service multicast-client
Syntax
ntp-service multicast-client [ ip-address ]
undo ntp-service multicast-client [ ip-address ]
View
VLAN interface view
Parameter
ip-address: Specifies a multicast IP address of Class D.
Description
Use the ntp-service multicast-client command to configure the NTP multicast client
mode.
Use the undo ntp-service multicast-client command to disable the NTP multicast
client mode.
By default, the multicast client service is disabled. ip-address defaults to 224.0.1.1.
Designate an interface on the local device to receive NTP multicast packets. The local
device operates in the multicast client mode. The local device listens to the multicast
packets from the server. When it receives the first multicast packet, it starts a brief
client/server mode to exchange messages with a remote server for estimating the
network delay. Thereafter, the local device enters the multicast client mode and
continues listening to the multicast packets and synchronizes the local clock based on
the arrived multicast message.
Example
# Configure to receive NTP multicast packets to the multicast group address of
224.0.1.1 through Vlan-interface1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface 1
[3Com-Vlan-Interface1] ntp-service multicast-client 224.0.1.1
1.1.13 ntp-service multicast-server
Syntax
ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid ] [ ttl
ttl-number ] [ version number ]*
undo ntp-service multicast-server [ ip-address ]
1-10
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
View
VLAN interface view
Parameter
ip-address: Specifies a multicast IP address of Class D and default to 224.0.1.1.
authentication-keyid: Specifies an authentication key.
keyid: Key ID used in multicast, ranging from 0 to 4,294,967,295.
ttl: Defines the time to live (TTL) of a multicast packet.
ttl-number: Specify the TTL of a multicast packet, ranging from 1 to 255.
version: Defines an NTP version number.
number: Specifies an NTP version number, ranging from 1 to 3.
Description
Use the ntp-service multicast-server command to configure NTP multicast server
mode. If no IP address is specified, the switch automatically chooses 224.0.1.1 as the
multicast IP address.
Use the undo ntp-service multicast-server command to disable NTP multicast
server mode, if no IP address is specified, the switch will disable the configuration of
the multicast IP address 224.0.1.1.
By default, the multicast service is disabled. IP address defaults to 224.0.1.1 and the
version number defaults to 3.
Designate an interface on the local device to transmit NTP multicast packets. The local
device operates in multicast-server mode and multicasts packets regularly to its
clients.
Example
# Configure to transmit NTP multicast packets encrypted with Key 4 through
VLAN-interface 1 at 224.0.1.1 and use NTP version 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface vlan-interface 1
[3Com-Vlan-Interface1]
ntp-service
multicast-server
authentication-keyid 4 version 3
1.1.14 ntp-service refclock-master
Syntax
ntp-service refclock-master [ ip-address ] [ stratum ]
undo ntp-service refclock-master [ ip-address ]
1-11
224.0.1.1
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
View
System view
Parameter
ip-address: Specifies the reference clock IP address as 127.127.1.u. Here, u ranges
from 0 to 3.
stratum: Specifies which stratum the local clock is located at. The value ranges from 1
to 15.
Description
Use the ntp-service refclock-master command to configure an external reference
clock or the local clock as an NTP master clock.
Use the undo ntp-service refclock-master command to cancel the NTP master clock
settings.
By default, no NTP master clock is configured. When ip-address is not specified, the
local clock is set to the NTP master clock by default. When stratum is not specified, the
local clock is located at stratum 8 by default.
You can use this command to designate an external reference clock or the local clock
as an NTP master clock to provide synchronized time to other devices. ip-address
specifies the IP address of an external clock as 127.127.1.u. If no IP address is
specified, the local clock is configured as the NTP master clock by default. You can
also specify the stratum at which the NTP master clock is located.
Example
# Specify the local clock as the NTP master clock to provide synchronized time for its
peers and locate the master clock at stratum 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service refclock-master 3
1.1.15 ntp-service reliable authentication-keyid
Syntax
ntp-service reliable authentication-keyid number
undo ntp-service reliable authentication-keyid number
View
System view
1-12
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
Parameter
number: Specifies the key number, ranging from 1 to 4,294,967,295.
Description
Use the ntp-service reliable authentication-keyid command to configure the key as
a reliable key.
Use the undo ntp-service reliable authentication-keyid command to cancel the
current setting.
By default, no reliable key is configured.
When you enable the authentication, you can use this command to configure one or
more than one reliable keys. In this case, a client only synchronizes to the server that
provides reliable keys.
Example
# Enable NTP authentication, adopt MD5 encryption, and designate Key 37 BetterKey
and configure it as a reliable key.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service authentication enable
[3Com] ntp-service authentication-keyid 37 authentication-mode md5 BetterKey
[3Com] ntp-service reliable authentication-keyid 37
1.1.16 ntp-service source-interface
Syntax
ntp-service source-interface interface-type interface-number
undo ntp-service source-interface
View
System view
Parameter
interface-type: Specifies an interface. This parameter is used to specify an interface
together with the interface-number parameter.
interface-number: Specifies an interface number. This parameter is used to specify an
interface with the interface-type parameter.
Description
Use the ntp-service source-interface command to designate an interface to transmit
NTP messages.
1-13
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
Use the undo ntp-service source-interface command to cancel the current setting.
By default, the source address depends on the output interface.
You can use this command to designate an interface of which the IP address will be
the source IP address in all the NTP packets sent by the local device so that the
remote device sends the response message to this interface only.
Example
# Configure all the outgoing NTP packets to use the IP address of Vlan-Interface1 as
their source IP address.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service source-interface Vlan-Interface 1
1.1.17 ntp-service unicast-peer
Syntax
ntp-service unicast-peer { ip-address | server-name } [ version number |
authentication-key keyid | source-interface interface-type interface-number |
priority ]*
undo ntp-service unicast-peer { ip-address | server-name }
View
System view
Parameter
ip-address: Specifies the IP address of a remote server.
server-name: Specifies the host name of an NTP server, containing 1 to 20 characters.
version: Defines an NTP version number.
number: NTP version number, ranging from 1 to 3.
authentication-keyid: Defines an authentication key.
keyid: Key ID used for transmitting messages to a remote server, ranging from 1 to
4,294,967,295.
source-interface: Specifies an interface name.
interface-type: Specifies the interface type and determines an interface together with
the interface-number parameter.
interface-number: Specifies the interface number and determines an interface together
with the interface-type parameter.
priority: Designates a server as the first choice.
1-14
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
Description
Use the ntp-service unicast-peer command to configure NTP peer mode.
Use the undo ntp-service unicast-peer command to cancel NTP peer mode.
By default, no NTP peer mode is configured. When you do not specify a version
number,
the
default
version
number
is
3.
When
you
do
not
specify
authentication-keyid, authentication is disabled and the local server is not the first
choice.
This command sets the remote server at ip-address as a peer of the local device,
which operates in symmetric active mode. ip-address specifies a host address other
than a broadcast address, multicast address, or the IP address of a reference clock.
Under this configuration, a local device can synchronize and be synchronized by a
remote server.
Example
# Configure the local device to synchronize or to be synchronized by a peer at
128.108.22.44. Set the NTP version to 3. The IP address of the NTP packets is taken
from that of VLAN-interface 1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service unicast-peer 131.108.22.33 version 3 source-interface
Vlan-Interface 1
1.1.18 ntp-service unicast-server
Syntax
ntp-service unicast-server { ip-address | server-name } [ version number |
authentication-keyid keyid | source-interface interface-type interface-number |
priority ]*
undo ntp-service unicast-server { ip-address | server-name }
View
System view
Parameter
ip-address: Specifies the IP address of a remote server.
server-name: Specifies the host name of an NTP server, containing 1 to 20 characters.
version: Defines an NTP version number.
number: NTP version number, ranging from 1 to 3.
authentication-keyid: Defines an authentication key.
1-15
3Com Switch 7750 Series
Command Reference Guide – NTP
Chapter 1 NTP Configuration Commands
keyid: Key ID used for transmitting messages to a remote server, ranging from 1 to
4,294,967,295.
source-interface: Specifies an interface name.
interface-type: Specifies an interface type and determines an interface together with
the interface-number parameter.
interface-number: Specifies an interface number and determines an interface together
with the interface-type parameter.
priority: Designate a server as the first choice.
Description
Use the ntp-service unicast-server command to configure NTP server mode. Use
the undo ntp-service unicast-server command to disable NTP server mode.
By default, no NTP server mode is configured. When you do not specify a version
number,
the
default
version
number
is
3.
When
you
do
not
specify
authentication-keyid, authentication is disabled.
The command announces to use the remote server at ip-address as the local time
server. ip-address specifies a host address other than a broadcast address, multicast
address, or the IP address of a reference clock. By operating in client mode, a local
device can be synchronized by a remote server, but not synchronize any remote
server.
Example
# Designate the server at 128.108.22.44 to synchronize the local device and use NTP
version 3.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ntp-service unicast-server 128.108.22.44 version 3
1-16
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Table of Contents
Table of Contents
Chapter 1 SSH Terminal Service Configuration Commands .................................................... 1-1
1.1 SSH Server Configuration Commands .............................................................................. 1-1
1.1.1 display rsa local-key-pair public .............................................................................. 1-1
1.1.2 display rsa peer-public-key ..................................................................................... 1-2
1.1.3 display ssh server ................................................................................................... 1-3
1.1.4 display ssh user-information ................................................................................... 1-5
1.1.5 peer-public-key end................................................................................................. 1-5
1.1.6 protocol inbound...................................................................................................... 1-6
1.1.7 public-key-code begin ............................................................................................. 1-7
1.1.8 public-key-code end ................................................................................................ 1-8
1.1.9 rsa local-key-pair create.......................................................................................... 1-9
1.1.10 rsa local-key-pair destroy .................................................................................... 1-10
1.1.11 rsa peer-public-key.............................................................................................. 1-11
1.1.12 ssh authentication-type default ........................................................................... 1-12
1.1.13 ssh server authentication-retries ......................................................................... 1-13
1.1.14 ssh server compatible-ssh1x enable................................................................... 1-13
1.1.15 ssh server rekey-interval ..................................................................................... 1-14
1.1.16 ssh server timeout............................................................................................... 1-15
1.1.17 ssh user assign rsa-key ...................................................................................... 1-16
1.1.18 ssh user authentication-type ............................................................................... 1-16
1.2 SSH Client Configuration Commands ............................................................................. 1-18
1.2.1 display ssh server-info .......................................................................................... 1-18
1.2.2 public-key-code begin ........................................................................................... 1-18
1.2.3 public-key-code end .............................................................................................. 1-19
1.2.4 quit......................................................................................................................... 1-20
1.2.5 rsa peer-public-key................................................................................................ 1-20
1.2.6 ssh client assign rsa-key ....................................................................................... 1-21
1.2.7 ssh client first-time enable..................................................................................... 1-22
1.2.8 ssh2....................................................................................................................... 1-23
1.3 SFTP Server Configuration Commands .......................................................................... 1-24
1.3.1 sftp server enable.................................................................................................. 1-24
1.3.2 ssh user service-type ............................................................................................ 1-25
1.4 SFTP Client Configuration Commands ........................................................................... 1-26
1.4.1 bye......................................................................................................................... 1-26
1.4.2 cd........................................................................................................................... 1-26
1.4.3 cdup....................................................................................................................... 1-27
1.4.4 delete..................................................................................................................... 1-28
1.4.5 dir .......................................................................................................................... 1-28
i
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Table of Contents
1.4.6 exit......................................................................................................................... 1-29
1.4.7 get ......................................................................................................................... 1-29
1.4.8 help........................................................................................................................ 1-30
1.4.9 ls............................................................................................................................ 1-31
1.4.10 mkdir.................................................................................................................... 1-31
1.4.11 put ....................................................................................................................... 1-32
1.4.12 pwd...................................................................................................................... 1-32
1.4.13 quit....................................................................................................................... 1-33
1.4.14 remove ................................................................................................................ 1-33
1.4.15 rename ................................................................................................................ 1-34
1.4.16 rmdir .................................................................................................................... 1-34
1.4.17 sftp....................................................................................................................... 1-35
ii
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Chapter 1 SSH Terminal Service Configuration
Commands
1.1 SSH Server Configuration Commands
1.1.1 display rsa local-key-pair public
Syntax
display rsa local-key-pair public
View
Any view
Parameter
None
Description
Use the display rsa local-key-pair public command to display the public key of the
host key pair (3Com_Host) and the public key of the server key pair (3Com_Server).
Related command: rsa local-key-pair create.
Example
# Display the public keys of the server key pair and host key pair.
<3Com> display rsa local-key-pair public
=====================================================
Time of Key pair created: 16:51:29
2006/04/27
Key name: 3Com_Host
Key type: RSA encryption Key
=====================================================
Key code:
3047
0240
E4B60800 48C19975 3D912FCE 0BBEA711 3E4B94D0
E8E6A080 F4D5D2DA 4BCBAF07 B9F91198 FE9937C6
EE0C7AEE 1B8C06F0 8BF01F36 05CF26DB F789A2D8
23182ECB
0203
1-1
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
010001
Host public key for PEM format code:
---- BEGIN SSH2 PUBLIC KEY ---AAAAB3NzaC1yc2EAAAADAQABAAAAQQDktggASMGZdT2RL84LvqcRPkuU0OjmoID0
1dLaS8uvB7n5EZj+mTfG7gx67huMBvCL8B82Bc8m2/eJotgjGC7L
---- END SSH2 PUBLIC KEY ----
Public key code for pasting into OpenSSH authorized_keys file :
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAAAQQDktggASMGZdT2RL84LvqcRPkuU0OjmoID01dLaS8uv
B7n5EZj+mTfG7gx67huMBvCL8B82Bc8m2/eJotgjGC7L rsa-key
=====================================================
Time of Key pair created: 16:51:55
2006/04/27
Key name: 3Com_Server
Key type: RSA encryption Key
=====================================================
Key code:
3067
0260
E1D3BAFE 5E646CF2 241602A1 2FF9AF7F 4AE5A7DE
02894012 1A733A4B 3ABA2F65 DB8CE292 644BB45C
2613F773 BC67C912 DCDACBF6 11DF66CA B48A9F0F
97886142 DB845B18 9C956B16 76D7C8BC 7E355894
CC2854F0 0D29376C 5F30F7A5 98A64CAD
0203
010001
1.1.2 display rsa peer-public-key
Syntax
display rsa peer-public-key [ brief | name keyname ]
View
Any view
Parameter
brief: Displays brief information about all public keys on the client.
keyname: Name of the client public key, a string of 1 to 64 characters.
1-2
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Description
Use the display rsa peer-public-key command to display the client public key of the
specified RSA key pair. If no key name is specified, the command displays the bits
number and names of all public keys of the client.
Example
# Display all public keys on the client.
<3Com> display rsa peer-public-key brief
Address
Bits
Name
--------------------------1024
192.168.0.39
# Display the public key named abc of the client key pair.
<3Com> display rsa peer-public-key name abc
=====================================
Key name: abc
Key address:
=====================================
Key Code:
308186
028180
739A291A BDA704F5 D93DC8FD F84C4274 631991C1 64B0DF17 8C55FA83 3591C7D4
7D5381D0 9CE82913 D7EDF9C0 8511D83C A4ED2B30 B809808E B0D1F52D 045DE408
61B74A0E 135523CC D74CAC61 F8E58C45 2B2F3F2D A0DCC48E 3306367F E187BDD9
44018B3B 69F3CBB0 A573202C 16BB2FC1 ACF3EC8F 828D55A3 6F1CDDC4 BB45504F
0201
25
1.1.3 display ssh server
Syntax
display ssh server { status | session }
View
Any view
Parameter
status: Displays SSH status information.
session: Displays SSH session information.
1-3
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Description
Use the display ssh server command to display the status or session information
about the SSH server.
Related command: ssh server authentication-retries, ssh server timeout.
Example
# Display the status information about the SSH server.
<3Com> display ssh server status
SSH version : 1.99
SSH connection timeout : 60 seconds
SSH server key generating interval : 0 hours
SSH Authentication retries : 3 times
SFTP Server: Enable
Caution:
z
If you use the ssh server compatible-ssh1x enable command to configure the server
to be compatible with the client of SSHv1.x version, the SSH version will be
displayed as 1.99.
z
If you use the undo ssh server compatible-ssh1x enable command to configure the
server to be not compatible with the client of SSHv1.x version, the SSH version will
be displayed as 2.0.
# Display the session information about the SSH server.
<3Com> display ssh server session
Conn
Ver
Encry
State
Retry
SerType
Username
VTY 0
2.0
AES
started
0
stelnet
kk
VTY 1
2.0
AES
started
0
sFTP
abc
Table 1-1 Description on the fields of the display ssh server session command
Field
Description
Conn
Number of VTY interface used for user login
Ver
SSH version
Encry
Encryption algorithm used by SSH. Encry is short for encryption.
The encryption algorithms in common use are advanced
encryption standard (AES), data encryption standard (DES), and
triple DES (3DES).
State
Current state
1-4
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Field
Description
Retry
Number of retries
SerType
Type of service
Username
User name
1.1.4 display ssh user-information
Syntax
display ssh user-information [ username ]
View
Any view
Parameter
username: SSH user name, a string of 1 to 80 characters.
Description
Use the display ssh user-information command to display information about the
current SSH users, including user name, authentication mode, corresponding public
key name and authorized service types. If the username is specified, the command
displays information about the specified user.
Example
# Display information about the current user.
<3Com> display ssh user-information
Username
kk
Authentication-type
rsa
User-public-key-name
test
1.1.5 peer-public-key end
Syntax
peer-public-key end
View
Public key view
Parameter
None
1-5
Service-type
sftp
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Description
Use the peer-public-key end command to return to system view from public key view.
Related command: rsa peer-public-key, public-key-code begin.
Example
# Exit from public key view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa peer-public-key 3Com003
[3Com-rsa-public-key] peer-public-key end
[3Com]
1.1.6 protocol inbound
Syntax
protocol inbound { all | ssh | telnet }
View
VTY user interface view
Parameter
all: Supports all protocols, including Telnet and SSH.
ssh: Supports only SSH.
telnet: Supports only Telnet.
Description
Use the protocol inbound command to configure the protocols supported in the
current user interface.
By default, both SSH and Telnet are supported.
After you use this command with SSH enabled, your configuration cannot take effect
until next login if no RSA key pair is configured.
1-6
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Caution:
z
When SSH protocol is specified, to ensure a successful login, you must configure
the AAA authentication using the authentication-mode scheme command.
z
The
protocol
inbound
ssh
configuration
fails
if
you
configured
authentication-mode password or authentication-mode none. When you
configured SSH protocol successfully for the user interface, then you cannot
configure authentication-mode password or authentication-mode none any
more.
Related command: user-interface vty.
Example
# Configure vty0 through vty4 to support SSH only.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] user-interface vty 0 4
[3Com-ui-vty0-4] authentication-mode scheme
[3Com-ui-vty0-4] protocol inbound ssh
1.1.7 public-key-code begin
Syntax
public-key-code begin
View
Public key view
Parameter
None
Description
Use the public-key-code begin command to enter public key edit view and input the
client public key.
You can key in a blank space between characters (since the system can remove the
blank space automatically), or press to continue your input at the next line. But
the public key, which is generated randomly by the SSHv2.0-supporting client software,
should be composed of hexadecimal characters.
Related command: rsa peer-public-key, public-key-code end.
1-7
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Example
# Enter public key edit view and input client public keys.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa peer-public-key 3Com003
[3Com-rsa-public-key] public-key-code begin
[3Com-key-code] 308186028180739A291ABDA704F5D93DC8FDF84C427463
[3Com-key-code] 1991C164B0DF178C55FA833591C7D47D5381D09CE82913
[3Com-key-code] D7EDF9C08511D83CA4ED2B30B809808EB0D1F52D045DE4
[3Com-key-code] 0861B74A0E135523CCD74CAC61F8E58C452B2F3F2DA0DC
[3Com-key-code] C48E3306367FE187BDD944018B3B69F3CBB0A573202C16
[3Com-key-code] BB2FC1ACF3EC8F828D55A36F1CDDC4BB45504F020125
[3Com-key-code] public-key-code end
[3Com-rsa-public-key]
1.1.8 public-key-code end
Syntax
public-key-code end
View
Public key edit view
Parameter
None
Description
Use the public-key-code end command to return from public key edit view to public
key view and save the public keys you set.
After you use this command to terminate the public key editing, public key validity will
be checked before the keys are saved.
z
If there are illegal characters in the keys, the prompt will be given and the keys will
be discarded. Your configuration this time fails.
z
If the keys are valid, they will be saved in the local public key list.
Related command: rsa peer-public-key, public-key-code begin.
Example
# Exit from public key edit view and save the public keys.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]rsa peer-public-key kk
1-8
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
[3Com-rsa-public-key]public-key-code begin
[3Com-rsa-key-code] public-key-code end
[3Com-rsa-public-key]
1.1.9 rsa local-key-pair create
Syntax
rsa local-key-pair create
View
System view
Parameter
None
Description
Use the rsa local-key-pair create command to generate RSA key pairs, including the
host key pair and the server key pair.
z
The name of the host key pair is in the format of switch name plus _Host, for
example, 3Com_Host.
z
The name of the server key pair is in the format of switch name plus _Server, for
example, 3Com_Server.
Note:
z
Server key pair (3Com_Server) is not used in SSHv2.0; therefore, when the rsa
local-key-pair create command is executed, the system only prompts you the host
RSA key pair (3Com_Host) is generated, and does not inform you the information
about the server key pair even if the server key pair is generated in the background
for the purpose of SSHv1.x compatibility. You can use the display rsa
local-key-pair public command to display the generated key pairs.
After you configure the rsa local-key-pair create command, the system prompts you
to define the key length.
z
In SSHv1.x, the key length is in the range of 512 to 2,048 (bits).
z
In SSHv2.0, the key length is in the range of 768 to 2048 (bits).
z
If you use this command to generate an RSA key provided an old one exists, the
system will prompt you to replace the previous one or not.
1-9
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
For a successful SSH login, you must generate the local RSA key pairs first. You just
need to execute the command once, with no further action required even after the
system is rebooted.
Related command: rsa local-key-pair destroy, display rsa local-key-pair public,
ssh server compatible-ssh1x enable.
Example
# Generate a local RSA key pair.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa local-key-pair create
The key name will be: 3Com_Host
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:
Generating keys...
....++++++++++++
........++++++++++++
..................++++++++
..........................................................................
.....+
+++++++
..........
1.1.10 rsa local-key-pair destroy
Syntax
rsa local-key-pair destroy
View
System view
Parameter
None
Description
Use the rsa local-key-pair destroy command to destroy all existing RSA key pairs at
the server end.
Related command: rsa local-key-pair create.
1-10
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Example
# Destroy all existing RSA key pairs at the server end.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa local-key-pair destroy
% The name for the keys which will be destroyed is 3Com_Host .
% Confirm to destroy these keys? [Y/N]:y
......................
1.1.11 rsa peer-public-key
Syntax
rsa peer-public-key key-name
undo rsa peer-public-key key-name
View
System view
Parameter
key-name: Client public key name, a string of 1 to 64 characters.
Description
Use the undo rsa peer-public-key key-name command to delete the configured client
public key.
After you input the rsa peer-public-key command, you will enter public key view. You
can use the command along with the public-key-code begin command to configure
on the server client public keys, which are generated randomly by the
SSHv2.0-supporting client software.
Related command: public-key-code begin, public-key-code end.
Example
# Enter 3Com002 public key view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa peer-public-key 3Com002
[3Com-rsa-public-key]
# Delete the client public key named 192.168.0.39.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] undo rsa peer-public-key 192.168.0.39
1-11
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
% Do you really want to remove the public key named 192.168.0.39 ? [Y/N]:y
[3Com]
1.1.12 ssh authentication-type default
Syntax
ssh authentication-type default { password | rsa | password-publickey | all }
undo ssh authentication-type default
View
System view
Parameter
password: Specifies the authentication type as password.
rsa: Specifies the authentication type as RSA public key.
password-publickey: Specifies the authentication type as both password and RSA
public key, that is, the user can pass the authentication only if both the password and
RSA public key are correct.
all: Specifies the authentication type as password or RSA public key, that is, the user
can pass the authentication if either the password or RSA public key is correct.
Description
Use the ssh authentication-type default command to specify a default authentication
type for SSH users.After the command is configured, when a SSH user is added, if you
do not use the ssh user authentication-type command to specify an authentication
type for the user, the user needs to pass the default authentication type.
Use the undo ssh authentication-type default command to cancel the default
authentication type, that is, no default authentication type is specified.Then when a
SSH user is added, you must specify an authentication type for the user at the same
time.
By default, no default authentication type is specified.
Related command: ssh user authentication-type.
Example
# Specifies the default authentication type as password.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh authentication-type default password
1-12
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
1.1.13 ssh server authentication-retries
Syntax
ssh server authentication-retries times
undo ssh server authentication-retries
View
System view
Parameter
times: Authentication retry times. It is in the range of 1 to 5 and defaults to 3.
Description
Use the ssh server authentication-retries command to set the authentication retry
times for SSH connections.
Use the undo ssh server authentication-retries command to restore the default
authentication retry times, which will take effect at next login.
Related command: display ssh server.
Note:
If you have used the ssh user authentication-type command to configure the
authentication type to password-publickey, you must set the authentication retry
times to a number greater than or equal to 2, for one is counted when a client sends a
public key to the server.
Example
# Set the authentication retry number to 4.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh server authentication-retries 4
1.1.14 ssh server compatible-ssh1x enable
Syntax
ssh server compatible-ssh1x enable
undo ssh server compatible-ssh1x
1-13
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
View
System view
Parameter
None
Description
Use the ssh server compatible-ssh1x enable command to make the server
compatible with the SSHv1.x version-supporting client.
Use the undo ssh server compatible-ssh1x enable command to make the server not
compatible with the SSH1v.x version-supporting client.
By default, the server is compatible with the SSHv1.x version-supporting client.
Example
# Specify the server compatible with the SSHv1.x version-supporting client.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh server compatible-ssh1x enable
1.1.15 ssh server rekey-interval
Syntax
ssh server rekey-interval hours
undo ssh server rekey-interval
View
System view
Parameter
hours: Update period of the server key, in hours, ranging from 1 to 24.
Description
Use the ssh server rekey-interval command to set the update interval for the server
key.
Use the undo ssh server rekey-interval command to cancel the current configuration.
By default, the system does not update the server key.
1-14
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Caution:
This command is only effective on users whose client version is SSHv1.x.
Example
# Set the update interval of the server key to 3 hours.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh server rekey-interval 3
1.1.16 ssh server timeout
Syntax
ssh server timeout seconds
undo ssh server timeout
View
System view
Parameter
seconds: Authentication timeout time. It is in the range of 1 to 120 (seconds) and
defaults to 60 seconds.
Description
Use the ssh server timeout command to set authentication timeout time for SSH
connections.
Use the undo ssh server timeout command to restore the default timeout time. The
default value takes effect at next login.
Related command: display ssh server.
Example
# Set the authentication timeout time to 80 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh server timeout 80
1-15
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
1.1.17 ssh user assign rsa-key
Syntax
ssh user username assign rsa-key keyname
undo ssh user username assign rsa-key
View
System view
Parameter
username: SSH user name, a string of 1 to 80 characters.
keyname: Client public key name, a string of 1 to 64 characters.
Description
Use the ssh user assign rsa-key command to allocate public keys to SSH users.
Use the undo ssh user assign rsa-key command to remove the association between
the public keys and SSH users. The configuration takes effect at the next login.
If the user already has a public key, the new public key overrides the old one.
Related command: display ssh user-information.
Example
# Set the client public key for the kk user to key1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh user kk assign rsa-key key1
[3Com]
1.1.18 ssh user authentication-type
Syntax
ssh user username authentication-type { password | rsa | password-publickey |
all }
undo ssh user username authentication-type
View
System view
Parameter
username: Valid SSH user name, a string of 1 to 80 characters.
password: Specifies the authentication type as password.
1-16
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
rsa: Specifies the authentication type as RSA public key.
password-publickey: Specifies the authentication type as both password and RSA
public key. That is, the user can pass the authentication only if both the password and
RSA public key are correct.
Note:
For the password-publickey authentication type:
z
SSH1.x client users can access the switch as long as they pass one of the two
authentications.
z
SSH2.0 client users can access the switch only when they pass both the
authentications.
all: Specifies the authentication type as either password or RSA public key. That is, the
user can pass the authentication if either the password or RSA public key is correct.
Description
Use the ssh user authentication-type command to define on the server the available
authentication type for an SSH user.
Use the undo ssh user authentication-type command to restore the default setting.
Note:
This command defines available authentication type on the server. The actual
authentication type, however, is determined by the client.
By default, no authentication type is specified for new users, so they cannot access the
switch.
For new users, the server must specify authentication type for them through the ssh
user authentication-type command. Otherwise, they cannot access the switch. The
new authentication type configured takes effect at the next login.
Related command: display ssh user-information.
Example
# Set the authentication type for the kk user as password.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh user kk authentication-type password
1-17
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
1.2 SSH Client Configuration Commands
1.2.1 display ssh server-info
Syntax
display ssh server-info
View
Any view
Parameter
None
Description
Use the display ssh server-info command to display the association between the
server public keys configured on the client and the servers.
Example
# Display the association between the server public keys and the servers.
[3Com] display ssh server-info
Server Name(IP)
Server public key name
______________________________________________________
192.168.0.1
abc_key01
192.168.0.2
abc_key02
1.2.2 public-key-code begin
Syntax
public-key-code begin
View
Public key view
Parameter
None
Description
Use the public-key-code begin command to enter public key edit view and set server
public keys.
You can key in a blank space between characters (since the system can remove the
blank space automatically), or press to continue your input at the next line. But
1-18
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
the public key, which are generated randomly after you use the rsa local-key-pair
create command on the server, should be composed of hexadecimal characters.
Related command: rsa peer-public-key, public-key-code end.
Example
# Enter public key edit view and set server public keys.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa peer-public-key 3Com003
[3Com-rsa-public-key] public-key-code begin
[3Com-rsa-key-code] 308186028180739A291ABDA704F5D93DC8FDF84C427463
[3Com-rsa-key-code] 1991C164B0DF178C55FA833591C7D47D5381D09CE82913
[3Com-rsa-key-code] D7EDF9C08511D83CA4ED2B30B809808EB0D1F52D045DE4
[3Com-rsa-key-code] 0861B74A0E135523CCD74CAC61F8E58C452B2F3F2DA0DC
[3Com-rsa-key-code] C48E3306367FE187BDD944018B3B69F3CBB0A573202C16
[3Com-rsa-key-code] BB2FC1ACF3EC8F828D55A36F1CDDC4BB45504F020125
[3Com-rsa-key-code] public-key-code end
[3Com-rsa-public-key]
1.2.3 public-key-code end
Syntax
public-key-code end
View
Public key edit view
Parameter
None
Description
Use the public-key-code end command to return from public key edit view to public
key view and save the public keys you set.
After you use this command to terminate the public key editing, public key validity will
be checked before the keys are saved.
z
If there are illegal characters in the keys, the prompt will be given and the keys will
be discarded. Your configuration this time fails.
z
If the keys are valid, they will be saved in the client list.
Related command: rsa peer-public-key, public-key-code begin.
1-19
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Example
# Exit from public key edit view and save the public keys.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa peer-public-key 3Com003
[3Com-rsa-public-key] public-key-code begin
[3Com-rsa-key-code] public-key-code end
[3Com-rsa-public-key]
1.2.4 quit
Syntax
quit
View
User view
Parameter
None
Description
Use the quit command to terminate the connection to the remote SSH server.
Example
# Terminate the connection to the remote SSH server.
<3Com> quit
1.2.5 rsa peer-public-key
Syntax
rsa peer-public-key key-name
undo rsa peer-public-key key-name
View
System view
Parameter
key-name: Server public key name, a string of 1 to 64 characters.
Description
Use the rsa peer-public-key command to enter public key view.
1-20
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Use the undo rsa peer-public-key key-name command to delete the configured
server public key.
You can use the rsa peer-public-key command along with the public-key-code begin
command to configure on the client the server public keys, which are generated
randomly after you use the rsa local-key-pair create command.
Related command: public-key-code begin, public-key-code end, rsa local-key-pair
create.
Example
# Enter 3Com002 public key view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rsa peer-public-key 3Com002
[3Com-rsa-public-key]
1.2.6 ssh client assign rsa-key
Syntax
ssh client { server-ip | server-name } assign rsa-key keyname
undo ssh client server-ip assign rsa-key
View
System view
Parameter
server-ip: Server IP address.
server-name: Server name, a string of 1 to 80 characters.
keyname: Server public key name, a string of 1 to 64 characters.
Description
Use the ssh client assign rsa-key command to specify on the client the public key for
the server to be connected to guarantee the client can be connected to a reliable
server.
Use the undo ssh client assign rsa-key command to remove the association
between the public keys and servers.
Example
# Specify on the client the public key of the server (with IP address 192.168.0.1) as abc.
<3Com> system-view
System View: return to User View with Ctrl+Z.
1-21
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
[3Com] ssh client 192.168.0.1 assign rsa-key abc
1.2.7 ssh client first-time enable
Syntax
ssh client first-time enable
undo ssh client first-time
View
System view
Parameter
None
Description
Use the ssh client first-time enable command to configure the client to run the initial
authentication.
Use the undo ssh client first-time command to remove the configuration.
Note:
In the initial authentication, if the SSH client does not have the public key for the server
which it accesses for the first time, the client continues to access the server and save
locally the public key of the server. Then at the next access, the client can authenticate
the server with the public key saved locally.
When the initial authentication function is not available, the client does not access the
server if it does not have the public key of the server locally. In this case, you need first
to save the public key of the target server to the client in other ways.
By default, the client runs the initial authentication.
Example
# Configure the client to run the initial authentication.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh client first-time enable
1-22
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
1.2.8 ssh2
Syntax
ssh2 { host-ip | host-name } [ port-num ] [ prefer_kex { dh_group1 |
dh_exchange_group } ] [ prefer_ctos_cipher { des | aes128 } ] [ prefer_stoc_cipher
{ des | aes128 } ] [ prefer_ctos_hmac { sha1 | sha1_96 | md5 | md5_96 } ]
[ prefer_stoc_hmac { sha1 | sha1_96 | md5 | md5_96 } ]
View
System view
Parameter
host-ip: Server IP address.
host-name: Server name, a string of 1 to 20 characters.
port-num: Server port number. It is in the range of 0 to 65,535 and defaults to 22.
prefer_kex: Key exchange algorithm preference. Choose one of the two algorithms
available.
dh_group1: Diffie-Hellman-group1-sha1 key exchange algorithm. It is the default
algorithm.
dh_exchange_group: Diffie-Hellman-group-exchange-sha1 key exchange algorithm.
prefer_ctos_cipher: Encryption algorithm preference from the client to server. It
defaults to AES128.
prefer_stoc_cipher: Encryption algorithm preference from the server to client. It
defaults to AES128.
des: DES_cbc encryption algorithm.
aes128: AES_128 encryption algorithm.
prefer_ctos_hmac: HMAC algorithm preference from the client to server. It defaults to
SHA1_96.
prefer_stoc_hmac: HMAC algorithm preference from the server to client. It defaults to
SHA1_96.
sha1: HMAC-SHA1 algorithm.
sha1_96: HMAC-SHA1_96 algorithm.
md5: HMAC-MD5 algorithm.
md5_96: HMAC-MD5-96 algorithm.
1-23
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Note:
z
DES (Data Encryption Standard) is the standard algorithm for data encryption.
z
AES (Advanced Encryption Standard) is the advanced encryption standard
algorithm.
Description
Use the ssh2 command to enable the connection between SSH client and server,
define key exchange algorithm preference, encryption algorithm preference and HMAC
algorithm preference on the server and client.
Example
# Log in to the remote SSHv2.0 server with IP address 10.1.1.2 and adopt the default
encryption algorithm.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh2 10.1.1.2
Username: 123
Trying 10.1.1.2 ...
Press CTRL+K to abort
Connected to 10.1.1.2 ...
The Server is not authenticated. Do you continue access it?(Y/N):y
Do you want to save the server's public key?(Y/N):n
Enter password:
**************************************************************************
*
Copyright(c) 1998-2006 3Com Corporation.
*
Without the owner's prior written consent,
All rights reserved.*
* no decompiling or reverse-engineering shall be allowed.
*
*
**************************************************************************
<3Com>
1.3 SFTP Server Configuration Commands
1.3.1 sftp server enable
Syntax
sftp server enable
1-24
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
undo sftp server
View
System view
Parameter
None
Description
Use the sftp server enable command to enable the secure FTP (SFTP) server.
Use the undo sftp server enable command to disable the SFTP server.
By default, the SFTP server is disabled.
Example
# Enable the SFTP server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] sftp server enable
1.3.2 ssh user service-type
Syntax
ssh user username service-type { stelnet | sftp | all }
undo ssh user username service-type
View
System view
Parameter
username: Local user name or the user name defined on the remote RADIUS server, a
string of 1 to 80 characters.
stelnet: Sets the service type to Telnet.
sftp: Sets the service type to SFTP.
all: Includes Telnet and SFTP two services types.
Description
Use the ssh user service-type command to specify service type for a user.
Use the undo ssh user service-type command to restore the default service type for
the SSH user in the system.
The default service type for the SSH user is stelnet.
1-25
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Related command: display ssh user-information.
Example
# Specify SFTP service for SSH user kk.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ssh user kk service-type sftp
1.4 SFTP Client Configuration Commands
1.4.1 bye
Syntax
bye
View
SFTP Client view
Parameter
None
Description
Use the bye command to terminate the connection to the remote SFTP server and
return to system view.
This command has the same function as the exit and quit commands.
Example
# Terminate the connection to the remote SFTP server.
sftp-client> bye
Bye
[3Com]
1.4.2 cd
Syntax
cd [ remote-path ]
View
SFTP Client view
Parameter
remote-path: Name of a path on the server.
1-26
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Description
Use the cd command to change the current path on the remote SFTP server. If you did
not specify the remote-path argument, the current path is displayed.
Note:
You can use the cd.. command to return to the upper level directory.
You can use the cd / command to return to the root directory of the system (that is,
flash:/).
Example
# Change current path to new1.
sftp-client> cd new1
Current Directory is:
flash:/new1
1.4.3 cdup
Syntax
cdup
View
SFTP Client view
Parameter
None
Description
Use the cdup command to return the current path on the remote SFTP server to the
upper directory.
Example
# Return to the upper directory.
sftp-client> cdup
Current Directory is:
flash:/
1-27
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
1.4.4 delete
Syntax
delete remote-file
View
SFTP Client view
Parameter
remote-file: Name of a file on the server.
Description
Use the delete command to delete the specified file from the remote SFTP server.
This command has the same function as the remove command.
Example
# Delete file test.txt from the server.
sftp-client> delete test.txt
The followed File will be deleted:
flash:/test.txt
Are you sure to delete it?(Y/N):y
This operation may take a long time.Please wait...
File successfully Removed
1.4.5 dir
Syntax
dir [ remote-path ]
View
SFTP Client view
Parameter
remote-path: Name of the intended directory.
Description
Use the dir command to display the specified directory on the remote SFTP server.
If the remote-path argument is not specified, the files in the current directory are
displayed.
This command has the same function as the ls command.
1-28
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Example
# Display the files in directory flash:/.
sftp-client> dir flash:/
-rwxrwxrwx
1 noone
nogroup
1759 Aug 23 06: 52 vrpcfg.cfg
-rwxrwxrwx
1 noone
nogroup
225 Aug 24 08: 01 pubkey2
-rwxrwxrwx
1 noone
nogroup
283 Aug 24 07: 39 pubkey1
-rwxrwxrwx
1 noone
nogroup
225 Sep 28 08: 28 pub1
drwxrwxrwx
1 noone
nogroup
0 Sep 28 08: 24 new1
drwxrwxrwx
1 noone
nogroup
0 Sep 28 08: 18 new2
-rwxrwxrwx
1 noone
nogroup
225 Sep 28 08: 30 pub2
1.4.6 exit
Syntax
exit
View
SFTP Client view
Parameter
None
Description
Use the exit command to terminate the connection to the remote SFTP server and
return to system view.
This command has the same function as the bye and quit commands.
Example
# Terminate the connection to the remote SFTP server.
sftp-client> exit
Bye
[3Com]
1.4.7 get
Syntax
get remote-file [ local-file ]
View
SFTP Client view
1-29
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Parameter
remote-file: Name of the source file on the remote SFTP server.
local-file: Name assigned to the file to be saved at the local end.
Description
Use the get command to download and save a file from a remote server.
If no local file name is specified, the name of the source file is used by default.
Example
# Download file tt.bak and save it with name tt.txt.
sftp-client>get tt.bak tt.txt....
Remote
file: flash:/tt.bak --->
Local file: tt.txt..
Downloading file successfully ended
1.4.8 help
Syntax
help [ command ]
View
SFTP Client view
Parameter
command: Name of a command.
Description
Use the help command to get the help information about the specified or all SFTP client
commands.
If the command argument is not specified, the help information about all commands is
displayed.
Example
# Display the help information about the get command.
sftp-client> help get
get remote-path [local-path]
Download file.Default local-path is the same
with remote-path
1-30
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
1.4.9 ls
Syntax
ls [ remote-path ]
View
SFTP Client view
Parameter
remote-path: Name of the intended directory.
Description
Use the ls command to display the files in the specified directory on the remote SFTP
server..
If the remote-path argument is not specified, the files in the current directory are
displayed.
This command has the same function as the dir command.
Example
# Display the files in directory flash: /.
sftp-client> ls flash:/
-rwxrwxrwx
1 noone
nogroup
-rwxrwxrwx
1 noone
nogroup
1759 Aug 23 06:52 vrpcfg.cfg
225 Aug 24 08:01 pubkey2
-rwxrwxrwx
1 noone
nogroup
283 Aug 24 07:39 pubkey1
-rwxrwxrwx
1 noone
nogroup
225 Sep 28 08:28 pub1
drwxrwxrwx
1 noone
nogroup
0 Sep 28 08:24 new1
drwxrwxrwx
1 noone
nogroup
0 Sep 28 08:18 new2
-rwxrwxrwx
1 noone
nogroup
225 Sep 28 08:30 pub2
1.4.10 mkdir
Syntax
mkdir remote-path
View
SFTP Client view
Parameter
remote-path: Name of a directory on the remote SFTP server.
1-31
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Description
Use the mkdir command to create a directory on the remote SFTP server.
Example
# Create directory hj test on the remote SFTP server.
sftp-client>mkdir hj
New directory created
1.4.11 put
Syntax
put local-file [ remote-file ]
View
SFTP Client view
Parameter
local-file: Name of the source file at the local end.
remote-file: Name assigned to the file to be saved on the remote SFTP server.
Description
Use the put command to upload a local file to the remote SFTP server.
If no name is specified for the file to be saved on the remote SFTP server, the name of
the source file is used.
Example
# Upload local file vrpcfg.cfg to the remote SFTP server and save it with the name 1.txt.
sftp-client>put temp.c vrpcfg.cfg 1.txt
Local file:vrpcfg.cfg --->
Remote file: flash:/1.txt
Uploading file successfully ended
1.4.12 pwd
Syntax
pwd
View
SFTP Client view
Parameter
None
1-32
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Description
Use the pwd command to display the current directory on the SFTP server.
Example
# Display the current directory on the SFTP server.
sftp-client> pwd
flash:/
1.4.13 quit
Syntax
quit
View
SFTP Client view
Parameter
None
Description
Use the quit command to terminate the connection to the remote SFTP server and exit
to system view.
This command has the same function as the bye and exit commands.
Example
# Terminate the connection to the remote SFTP server.
sftp-client> quit
Bye
[3Com]
1.4.14 remove
Syntax
remove remote-file
View
SFTP Client view
Parameter
remote-file: Name of a file on the server.
1-33
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Description
Use the remove command to delete the specified file from the remote SFTP server.
This command has the same function as the delete command.
Example
# Delete file temp.c from the server.
sftp-client> remove temp.c
The followed File will be deleted:
flash:/test2.txt
Are you sure to delete it?(Y/N):y
This operation may take a long time.Please wait...
File successfully Removed
1.4.15 rename
Syntax
rename old name new name
View
SFTP Client view
Parameter
old name: Original file name.
new name: New file name.
Description
Use the rename command to change the name of the specified file on the SFTP server.
Example
# Change the name of file temp.bat on the SFTP server to temp.txt.
sftp-client> rename temp bat temp.txt
File successfully renamed
1.4.16 rmdir
Syntax
rmdir remote-path
View
SFTP Client view
1-34
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
Parameter
remote-path: Name of a directory on the remote SFTP server.
Description
Use the rmdir command to delete the specified directory from the remote SFTP server.
Example
# Delete directory hello from the remote SFTP server.
sftp-client>rmdir hello
The followed directory will be deleted
flash:/hello
Are you sure to remove it?(Y/N):y
Directory successfully removed
1.4.17 sftp
Syntax
sftp { host-ip | host-name } [ port-num ] [ prefer_kex { dh_group1 |
dh_exchange_group } ] [ prefer_ctos_cipher { des | aes128 } ] [ prefer_stoc_cipher
{ des | aes128 } ] [ prefer_ctos_hmac { sha1 | sha1_96 | md5 | md5_96 } ]
[ prefer_stoc_hmac { sha1 | sha1_96 | md5 | md5_96 } ]
View
System view
Parameter
host-ip: IP address of the server.
host-name: Name of the server, a string of 1 to 20 characters.
port-num: Port number of the server, in the range 0 to 65,535. The default port number
is 22.
prefer_kex: Key exchange algorithm preference. Choose one of the two algorithms
available.
dh_group1: Diffie-Hellman-group1-sha1 key exchange algorithm. It is the default key
exchange algorithm.
dh_exchange_group: Diffie-Hellman-group-exchange-sha1 key exchange algorithm.
prefer_ctos_cipher: Encryption algorithm preference from the client to server. It
defaults to AES128.
prefer_stoc_cipher: Encryption algorithm preference from the server to client. It
defaults to AES128.
1-35
3Com Switch 7750 Series
Command Reference Guide – SSH Terminal Service
Chapter 1 SSH Terminal Service
Configuration Commands
des: DES_cbc encryption algorithm.
aes128: AES_128 encryption algorithm.
prefer_ctos_hmac: HMAC algorithm preference from the client to server. It defaults to
SHA1_96.
prefer_stoc_hmac: HMAC algorithm preference from the server to client. It defaults to
SHA1_96.
sha1: HMAC-SHA1 algorithm.
sha1_96: HMAC-SHA1_96 algorithm.
md5: HMAC-MD5 algorithm.
md5_96: HMAC-MD5-96 algorithm.
Description
Use the sftp command to establish a connection to the SFTP server and enter SFTP
Client view.
Example
# Establish a connection to the SFTP server with IP address 10.1.1.2 and use the
default encryption algorithms.
[3Com]sftp 192.168.0.65
Input Username: kk
Trying 192.168.0.65 ...
Press CTRL+K to abort
Connected to 10.1.1.2 ...
The Server is not authenticated. Do you continue access it?(Y/N):y
Do you want to save the server's public key?(Y/N):y
Enter password:
sftp-client>
1-36
3Com Switch 7750 Series
Command Reference Guide – File System Management
Table of Contents
Table of Contents
Chapter 1 File System Management Commands ....................................................................... 1-1
1.1 File System Management Commands .............................................................................. 1-1
1.1.1 cd............................................................................................................................. 1-1
1.1.2 copy......................................................................................................................... 1-2
1.1.3 delete....................................................................................................................... 1-3
1.1.4 dir ............................................................................................................................ 1-4
1.1.5 execute.................................................................................................................... 1-5
1.1.6 file prompt................................................................................................................ 1-6
1.1.7 fixdisk ...................................................................................................................... 1-6
1.1.8 format ...................................................................................................................... 1-7
1.1.9 mkdir........................................................................................................................ 1-8
1.1.10 more ...................................................................................................................... 1-8
1.1.11 move...................................................................................................................... 1-9
1.1.12 pwd...................................................................................................................... 1-10
1.1.13 rename ................................................................................................................ 1-11
1.1.14 reset recycle-bin .................................................................................................. 1-12
1.1.15 rmdir .................................................................................................................... 1-13
1.1.16 umount ................................................................................................................ 1-13
1.1.17 undelete............................................................................................................... 1-14
i
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
Chapter 1 File System Management Commands
Note:
You can provide the directory argument in the following two ways in this chapter.
z
In the form of [drive] [path]. In this case, the argument can be a string containing 1 to
64 characters.
z
By specifying the name of a storage device, such as flash:/ and cf:/.
You can provide the file-url argument in the following two ways in this chapter.
z
In the form of [drive] [path] [file name]. In this case, the argument can be a string
containing 1 to 64 characters.
z
By specifying the name of a storage device, such as flash:/ and cf:/.
1.1 File System Management Commands
1.1.1 cd
Syntax
cd {directory | device-name }
View
User view
Parameter
directory: Target directory.
device-name: Target device.
Description
Use the cd command to change the current directory or switch to the directory of a
specified storage device.
Note:
Make sure the storage device is correctly installed if you want to switch to the storage
device by using this command.
1-1
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
Example
# Change the current directory to the one named test in the flash.
<3Com> pwd
flash:
<3Com> cd test
<3Com> pwd
flash:/test
# Enter the root directory of the CF card.
<3Com> cd cf:
<3Com> pwd
cf:
1.1.2 copy
Syntax
copy fileurl-source fileurl-dest
View
User view
Parameter
fileurl-source: Path name and file name of the source file in the Flash.
fileurl-dest: Path name and file name of the destination file in the Flash.
Description
Use the copy command to copy a file to a specified path with specified name.
You can use this command to copy a file in the current directory to another directory or
copy a file in a directory to the current directory. Make sure the path and the file
identified by the fileurl-source argument exist when executing this command.
If the fileurl-dest argument identifies an existing file, the system prompts you for the
confirmation to overwrite the existing file.
Example
# Display the information about the files in the current directory.
<3Com> dir
Directory of flash:/
0
-rw-
1
-rw-
2
-rw-
3
-rw-
4
16215134
Mar 09 2006 13:59:19
snmpboots
Apr 04 2006 16:36:20
S6500-VRP310-E3128.app
553
Jan 21 2006 17:05:55
diaginfo.txt
3906
Apr 04 2006 17:23:54
vrpcfg.cfg
1-2
3Com Switch 7750 Series
Command Reference Guide – File System Management
4
-rw-
11779
Chapter 1 File System Management Commands
Apr 05 2006 10:19:48
test.txt
31877 KB total (15973 KB free)
# Copy the file named test.txt, with the destination file name being test2.bak.
<3Com> copy test.txt test2.bak
Copy flash:/test.txt to flash:/test2.bak?[Y/N]:y
.....
%Copy file flash:/test.txt to flash:/test2.bak...Done.
# Display the information about the files in the current directory again.
<3Com> dir
Directory of flash:/
0
-rw-
1
-rw-
2
-rw-
3
4
Mar 09 2006 13:59:19
snmpboots
Apr 04 2006 16:36:20
S6500-VRP310-E3128.app
553
Jan 21 2006 17:05:55
diaginfo.txt
-rw-
3906
Apr 04 2006 17:23:54
vrpcfg.cfg
4
-rw-
11779
Apr 05 2006 10:19:48
test.txt
5
-rw-
11779
Apr 05 2006 10:23:03
test2.bak
16215134
31877 KB total (15961 KB free)
1.1.3 delete
Syntax
delete [ /unreserved ] file-url
View
User view
Parameter
/unreserved: Deletes a file completely.
file-url: Path name and file name of a file to be deleted.
Description
Use the delete command to delete a specified file on a switch.
You can use the * character in this argument as a wildcard.
If you execute the delete command with the /unreserved keyword specified, the
specified file is completely deleted. That is, the file cannot be restored. Otherwise, the
specified file is moved to the recycle bin and can be restored using the undelete
command.
1-3
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
To delete the files in the recycle bin, use the reset recycle-bin command.
Caution:
z
z
The dir command does not display the information about the files in the recycle bin.
To display the information about the files in the recycle bin, use the dir /all
command.
z
For files with the same name, the recycle bin can only hold the latest deleted one.
Example
# Delete the file named test.txt, assuming that it resides in the root directory of the flash.
<3Com> delete flash:/test.txt
Delete flash:/test.txt?[Y/N]:y
...
%Deleted file flash:/test.txt.
1.1.4 dir
Syntax
dir [ /all ] [ file-url ]
View
User view
Parameter
/all: Displays the information about all the files, including those in the recycle bin.
file-ur: Path and the name of a file whose information is to be displayed. You can use
the * character as a wildcard in this argument. For example, the dir *.txt command
displays the information about all the files with the extension of txt in the current
directory.
Description
Use the dir command to display the information about the specified files or directories
in the storage devices on a switch.
You can use the * character as a wildcard.
Example
# Display the information about the file named test2.bak.
1-4
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
<3Com> dir test2.bak
Directory of flash:/
0
-rw-
11779
Apr 05 2006 10:23:03
test2.bak
31877 KB total (15961 KB free)
# Display the information about all the files (including the files in the recycle bin) in
directory flash:/hello/.
<3Com> dir /all flash:/hello/
Directory of flash:/hello/
0
-rw-
11779
Apr 05 2006 10:54:16
tt.txt
1
-rw-
11779
Apr 05 2006 10:55:10
[tt2.txt]
31877 KB total (15935 KB free)
Note:
In the output information of the dir /all command, the names of the files in the recycle
bin are embraced in brackets.
1.1.5 execute
Syntax
execute file-url
View
System view
Parameter
File-url: Path and the name of the batch file to be executed. A batch file has an
extension of .bat.
Description
Use the execute command to execute a specified batch file.
This command executes command lines in the batch file in sequence.
Note that
z
A batch file cannot contain any invisible character. Otherwise, the command quits
the execution and this process is irretrievable.
1-5
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
z
A syntax error in a batch file results in error messages.
z
This command cannot be executed recursively.
Example
# Execute the batch file named test.bat under the directory flash:/.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] execute test.bat
1.1.6 file prompt
Syntax
file prompt { alert | quiet }
View
System view
Parameter
alert: Prompts for confirmation before performing file-related operations that have
potential risks.
quiet: Disables prompts for file-related operations.
Description
Use the file prompt command to set the prompt mode for file-related operations.
By default, a switch prompts for confirmation before performing file-related operations
that have potential risks.
If you set the prompt mode of the file-related operations to quiet, the switch does not
prompt for confirmation before performing file-related operations. In this case, the
system is more likely to operate improperly if irretrievable file-related operations are
performed.
Example
# Set the prompt mode to quiet for file-related operations.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] file prompt quiet
1.1.7 fixdisk
Syntax
fixdisk device
1-6
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
View
User view
Parameter
device: Device name.
Description
Use the fixdisk command to restore space on a storage device.
For unavailable memory spaces, you can use this command to restore them.
Example
# Restore the memory space on the flash.
<3Com> fixdisk flash:
Fixdisk flash: may take some time to complete.
%Fixdisk unit1>flash: completed.
1.1.8 format
Syntax
format device
View
User view
Parameter
device: Device name.
Description
Use the format command to format a storage device.
Note that all the files on a storage device get lost after the storage device is formatted.
The operation is irretrievable. Moreover, the configuration files get lost if you format the
flash.
Example
# Format the flash.
<3Com> format flash:
All data on Flash will be lost , proceed with format ? [Y/N] y
% Now begin to format flash, please wait for a while...
Format winc: completed
1-7
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
1.1.9 mkdir
Syntax
mkdir directory
View
User view
Parameter
directory: Name of the directory to be created.
Description
Use the mkdir command to create a directory in the current directory.
Note that the names of all the directories and files in the same directory must be unique.
Example
# Create a directory in the current directory, with the name being dd.
<3Com> mkdir dd
...
% Created dir flash:/dd
1.1.10 more
Syntax
more file-url
View
User view
Parameter
file-url: Path and file name.
Description
Use the more command to display the content of a specified file.
Currently, the content of a file can only be displayed in text.
Example
# Display the content of the file named test.txt.
<3Com> more test.txt
The file is for test only.
1-8
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
1.1.11 move
Syntax
move fileurl-source fileurl-dest
View
User view
Parameter
fileurl-source: Path and file name of the source file.
fileurl-dest: Path and file name of the target file.
Description
Use the move command to move a file to a specified directory. You can also assign a
new name for the file.
If the target file name is the name of an existing file, the system prompts you for the
confirmation to overwrite the existing file.
Example
# Display the information about the files in flash:/ and flash:/hello.
<3Com> dir
Directory of flash:/
0
-rw-
4
Mar 09 2006 13:59:19
snmpboots
1
-rw-
16215134
Apr 04 2006 16:36:20
S6500-VRP310-E3128.app
2
-rw-
553
Jan 21 2006 17:05:55
diaginfo.txt
3
-rw-
3906
Apr 04 2006 17:23:54
vrpcfg.cfg
4
drw-
-
Apr 05 2006 10:53:23
hello
5
drw-
-
Apr 10 2005 19:07:59
dd
6
-rw-
11779
Apr 05 2006 10:23:03
test2.bak
7
drw-
-
Jan 25 2005 11:08:59
backup
31877 KB total (15935 KB free)
<3Com> dir flash:/hello/
Directory of flash:/hello/
0
-rw-
11779
Apr 05 2006 10:54:16
tt.txt
1
-rw-
11779
Apr 05 2006 11:12:52
tt2.txt
31877 KB total (15935 KB free)
# Move the file named tt.txt from flash:/ to flash:/.
1-9
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
<3Com>move flash:/hello/tt.txt flash:/tt.txt
Move flash:/hello/tt.txt to flash:/tt.txt?[Y/N]:y
...
%Moved file flash:/hello/tt.txt to flash:/tt.txt.
# Display the information about the files in flash:/ and flash:/hello again.
<3Com> dir
Directory of flash:/
0
-rw-
4
Mar 09 2006 13:59:19
snmpboots
1
-rw-
16215134
Apr 04 2006 16:36:20
S6500-VRP310-E3128.app
2
-rw-
553
Jan 21 2006 17:05:55
diaginfo.txt
3
-rw-
3906
Apr 04 2006 17:23:54
vrpcfg.cfg
4
drw-
-
Apr 05 2006 10:53:23
hello
5
drw-
-
Apr 10 2005 19:07:59
dd
6
-rw-
11779
Apr 05 2006 10:23:03
test2.bak
7
-rw-
11779
Apr 05 2006 11:30:13
tt.txt
8
drw-
-
Jan 25 2005 11:08:59
backup
31877 KB total (15935 KB free)
<3Com> dir flash:/hello/
Directory of flash:/hello/
0
-rw-
11779
Apr 05 2006 11:12:52
31877 KB total (15934 KB free)
1.1.12 pwd
Syntax
pwd
View
User view
Parameter
None
Description
Use the pwd command to display the current path.
Example
# Display the current path.
1-10
tt2.txt
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
<3Com> pwd
flash:
1.1.13 rename
Syntax
rename fileurl-source fileurl-dest
View
User view
Parameter
fileurl-source: File name of the file to be renamed.
fileurl-dest: Target file name.
Description
Use the rename command to rename a file.
If the target file name or directory name is the same with any existing file name or
directory name, you will fail to rename the file.
Example
# Display the information about the files in the current directory.
<3Com> dir
Directory of flash:/
0
-rw-
1
-rw-
2
-rw-
3
4
Mar 09 2006 13:59:19
snmpboots
Apr 04 2006 16:36:20
S6500-VRP310-E3128.app
553
Jan 21 2006 17:05:55
diaginfo.txt
-rw-
3906
Apr 04 2006 17:23:54
vrpcfg.cfg
4
drw-
-
Apr 05 2006 10:53:23
hello
5
drw-
-
Apr 10 2005 19:07:59
dd
6
-rw-
11779
Apr 05 2006 10:23:03
test2.bak
7
-rw-
11779
8
drw-
16215134
-
Apr 05 2006 11:30:13
Jan 25 2005 11:08:59
31877 KB total (15935 KB free)
# Rename the file named tt.txt as tt.bak.
<3Com> rename tt.txt tt.bak
Rename flash:/tt.txt to flash:/tt.bak?[Y/N]:y
...
%Renamed file flash:/tt.txt to flash:/tt.bak.
1-11
tt.txt
backup
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
# Display the information about the files in the current directory again.
<3Com>dir
Directory of flash:/
0
-rw-
1
-rw-
2
-rw-
3
-rw-
4
drw-
5
4
Mar 09 2006 13:59:19
snmpboots
Apr 04 2006 16:36:20
S6500-VRP310-E3128.app
553
Jan 21 2006 17:05:55
diaginfo.txt
3906
Apr 04 2006 17:23:54
vrpcfg.cfg
-
Apr 05 2006 10:53:23
hello
drw-
-
Apr 10 2005 19:07:59
dd
6
-rw-
11779
Apr 05 2006 10:23:03
test2.bak
7
-rw-
11779
Apr 05 2006 11:36:06
tt.bak
8
drw-
16215134
-
Jan 25 2005 11:08:59
backup
31877 KB total (15934 KB free)
1.1.14 reset recycle-bin
Syntax
reset recycle-bin [ file-url ] [ /force ]
View
User view
Parameter
file-url: Path and the file name of the file to be deleted.
/force: Does not prompt for the confirmation before deleting all the files in the recycle
bin.
Description
Use the reset recycle-bin command to clear a specified file or all the files in the recycle
bin.
You can use the * as a wild card in the file-url argument.
The files deleted using the delete command are actually moved to the recycle bin. To
delete them completely, you can use the reset recycle-bin command.
Example
# Delete the file named test.txt in the recycle bin.
<3Com> reset recycle-bin flash:/test.txt
Clear flash:/test.txt ?[Y/N]:y
Clear file from flash will take long time if needed...
1-12
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
...
%Cleared file flash:/test.txt.
1.1.15 rmdir
Syntax
rmdir directory
View
User view
Parameter
directory: Name of a directory.
Description
Use the rmdir command to delete a directory.
As only empty directories can be deleted, you need to clear a directory before deleting
it.
Example
# Delete the directory named hello.
<3Com> rmdir hello
The files in the recycle-bin under this directory will be deleted permanently,
Remove flash:/hello?[Y/N]:y
...
%Removed directory flash:/hello.
1.1.16 umount
Syntax
umount cf:
View
User view
Parameter
None
1-13
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
Description
Use the umount cf: command to disable the CF card. After you execute this command,
you need to re-install the CF card to use it again.
Note:
This command can be executed successfully only when the CF card is correctly
installed.
Example
# Disable the CF card.
<3Com>umount cf:
%Umount cf: succeed.Current directory is changed to flash:.
# Verify the above operation by displaying the information about the CF card.
<3Com> dir cf:
% Wrong device
"cf:"
1.1.17 undelete
Syntax
undelete file-url
View
User view
Parameter
file-url: Path and the file name of a file in the recycle bin.
Description
Use the undelete command to restore a deleted file in the recycle bin.
If the name of the file to be restored is the same as that of an existing file, the system
prompts you for the confirmation to overwrite the latter.
1-14
3Com Switch 7750 Series
Command Reference Guide – File System Management
Chapter 1 File System Management Commands
Example
# Restore the deleted file with its path and file name being flash:/hello/tt2.txt.
<3Com> undelete flash:/hello/tt2.txt
Undelete flash:/hello/tt2.txt?[Y/N]:y
...
%Undeleted file flash:/hello/tt2.txt.
1-15
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Table of Contents
Table of Contents
Chapter 1 FTP and TFTP Configuration Commands ................................................................. 1-1
1.1 FTP Server Configuration Commands............................................................................... 1-1
1.1.1 display ftp-server ..................................................................................................... 1-1
1.1.2 display ftp-user ........................................................................................................ 1-2
1.1.3 ftp server enable...................................................................................................... 1-2
1.1.4 ftp timeout................................................................................................................ 1-3
1.2 FTP Client Configuration Commands ................................................................................ 1-4
1.2.1 ascii ......................................................................................................................... 1-4
1.2.2 binary....................................................................................................................... 1-4
1.2.3 bye........................................................................................................................... 1-5
1.2.4 cd............................................................................................................................. 1-6
1.2.5 cdup......................................................................................................................... 1-7
1.2.6 close ........................................................................................................................ 1-8
1.2.7 debugging................................................................................................................ 1-8
1.2.8 delete....................................................................................................................... 1-9
1.2.9 dir .......................................................................................................................... 1-10
1.2.10 disconnect ........................................................................................................... 1-11
1.2.11 ftp ........................................................................................................................ 1-12
1.2.12 get ....................................................................................................................... 1-13
1.2.13 lcd........................................................................................................................ 1-14
1.2.14 ls.......................................................................................................................... 1-15
1.2.15 mkdir.................................................................................................................... 1-16
1.2.16 open .................................................................................................................... 1-17
1.2.17 passive ................................................................................................................ 1-18
1.2.18 put ....................................................................................................................... 1-18
1.2.19 pwd...................................................................................................................... 1-19
1.2.20 quit....................................................................................................................... 1-20
1.2.21 remotehelp .......................................................................................................... 1-21
1.2.22 rmdir .................................................................................................................... 1-22
1.2.23 user ..................................................................................................................... 1-23
1.2.24 verbose................................................................................................................ 1-23
1.3 TFTP Configuration Commands ...................................................................................... 1-24
1.3.1 tftp get ................................................................................................................... 1-24
1.3.2 tftp put ................................................................................................................... 1-25
1.3.3 tftp-server acl......................................................................................................... 1-26
i
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Chapter 1 FTP and TFTP Configuration
Commands
1.1 FTP Server Configuration Commands
1.1.1 display ftp-server
Syntax
display ftp-server
View
Any view
Parameter
None
Description
Use the display ftp-server command to display the FTP server-related settings of a
switch when it operates as an FTP server.
You can use this command to verify FTP server-related configurations.
Example
# Display the FTP server-related settings of the switch (assuming that the switch is
operating as an FTP server).
<3Com> display ftp-server
FTP server is running
Max user number
User count
1
0
Timeout value(in minute)
30
Table 1-1 Description on the fields of the display ftp-server command
Field
Description
FTP server is running
Max user number
The FTP server is started
1
The FTP server can accommodate up to one user.
User count
The current login user number
Timeout value (in minute)
The connection idle time
1-1
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
1.1.2 display ftp-user
Syntax
display ftp-user
View
Any view
Parameter
None
Description
Use the display ftp-user command to display the settings of the current FTP user,
including the user name, host IP address, port number, connection idle time, and work
directory.
Example
# Display FTP user settings.
<3Com> display ftp-user
Username
3Com
Host IP
10.110.3.5
Port
1074
Idle
2
Homedir
flash:/3Com
# If the user name exceeds ten characters, characters behind the tenth will be
displayed in a new line in the left-aligning mode. Take username username@test for
example, the result is:
<3Com> display ftp-user
Username
Host IP
Port
Idle
Homedir
username@t
10.110.3.5
1074
2
flash:/3Com
est
1.1.3 ftp server enable
Syntax
ftp sever enable
undo ftp sever
View
System view
Parameter
None
1-2
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Description
Use the ftp server enable command to enable the FTP server for users to log in.
Use the undo ftp server command to disable the FTP server.
By default, the FTP server is disabled to avoid potential security risks.
Example
# Enable the FTP server.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ftp server enable
% Start FTP server
1.1.4 ftp timeout
Syntax
ftp timeout minutes
undo ftp timeout
View
System view
Parameter
minutes: Connection idle time (in minutes) ranging from 1 to 35,791.
Description
Use the ftp timeout command to set the connection idle time.
Use the undo ftp timeout command to restore the default connection idle time.
The default connection idle time is 30 minutes.
If a FTP connection between an FTP server and an FTP client breaks down abnormally
and the FTP server is not acknowledged with this, the FTP server keeps the connection
as usual.
You can set a connection idle time, so that the FTP server considers a FTP connection
to be invalid and terminate it if no data exchange occurs on it in a specific period known
as connection idle time.
Example
# Set the connection idle time to 36 minutes.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ftp timeout 36
1-3
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
1.2 FTP Client Configuration Commands
1.2.1 ascii
Syntax
ascii
View
FTP client view
Parameter
None
Description
Use the ascii command to specify that files be transferred in the ASCII mode.
By default, files are transferred in the ASCII mode.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Specify to transfer files in the ASCII mode.
[ftp] ascii
200 Type set to A.
1.2.2 binary
Syntax
binary
View
FTP client view
1-4
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Parameter
None
Description
Use the binary command to specify that files be transferred in the binary mode.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Specify to transfer files in the binary mode.
[ftp] binary
200 Type set to I.
1.2.3 bye
Syntax
bye
View
FTP client view
Parameter
None
Description
Use the bye command to terminate the control connection and data connection with
the remote FTP server and quit to user view.
This command has the same effect as that of the quit command.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
1-5
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Terminate the connections with the remote FTP server and quit to user view.
[ftp] bye
221 Server closing.
<3Com>
1.2.4 cd
Syntax
cd pathname
View
FTP client view
Parameter
pathname: Path name
Description
Use the cd command to change the work directory on the remote FTP server.
Note that you can use this command to enter the authorized directories only.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
1-6
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
# Change the work directory to flash:/temp.
[ftp] cd flash:/temp
250 CWD command successful.
# Display the current work directory.
[ftp] pwd
257 "flash:/temp" is current directory.
1.2.5 cdup
Syntax
cdup
View
FTP client view
Parameter
None
Description
Use the cdup command to go to the parent directory of the current directory.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Change the work directory to flash:/temp.
[ftp] cd flash:/temp
# Change the work directory to the parent directory.
[ftp] cdup
200 CDUP command successful.
# Display the current directory.
[ftp] pwd
1-7
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
257 "flash:" is current directory.
1.2.6 close
Syntax
close
View
FTP client view
Parameter
None
Description
Use the close command to terminate an FTP connection without quitting FTP client
view.
This command has the same effect as that of the disconnect command.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Terminate the FTP connection without quitting FTP client view.
[ftp] close
221 Server closing.
[ftp]
1.2.7 debugging
Syntax
debugging
undo debugging
1-8
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
View
FTP client view
Parameter
None
Description
Use the debugging command to enable system debugging.
Use the undo debugging command to disable system debugging.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Enable system debugging.
[ftp] debugging
Debug is on.
1.2.8 delete
Syntax
delete remotefile
View
FTP client view
Parameter
remotefile: Name of the file to be deleted.
Description
Use the delete command to delete a specified remote file.
1-9
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Delete the file named temp.c.
[ftp] delete temp.c
250 DELE command successful.
1.2.9 dir
Syntax
dir [ filename [ localfile ] ]
View
FTP client view
Parameter
filename: Name of the file to be queried.
localfile: Name of the local file where the query result is to be saved.
Description
Use the dir command to query specified files on a remote FTP server, or to display file
information in the current directory. The output information, which includes the name,
size and creation time of files, will be saved in a local file.
If you do not specify the filename argument, the information about all the files in the
current directory is displayed.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
1-10
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Display the information about all the files in the current directory on the remote FTP
server.
[ftp] dir
200 PORT command okay
150 File Listing Follows in ASCII mode
-rwxrwxrwx
1 noone
nogroup
430585 Dec 21
2005 4.app
-rwxrwxrwx
1 noone
nogroup
430585 Dec 21
2005 5.app
-rwxrwxrwx
1 noone
nogroup
430585 Dec 23
2005 6. app
-rwxrwxrwx
1 noone
nogroup
430585 Dec 21
2005 6. app.bak
-rwxrwxrwx
1 noone
nogroup
638912 Nov 15
2005 abc.BTM
drwxrwxrwx
1 noone
nogroup
0 Dec 15
-rwxrwxrwx
1 noone
nogroup
3212176 Jul 14
2005 TEST
2005 21.bin
226 Transfer finished successfully.
FTP: 5346 byte(s) received in 6.782 second(s) 788.00 byte(s)/sec.
# Display the information about the file named 4.app and save the output information in
the file named temp1.
[ftp] dir 4.app temp1
200 PORT command okay
150 File Listing Follows in ASCII mode
-rwxrwxrwx
1 noone
nogroup
430585 Dec 21
2004 4. app
226 Transfer finished successfully.
FTP: 70 byte(s) received in 0.122 second(s) 573.00 byte(s)/sec.
1.2.10 disconnect
Syntax
disconnect
View
FTP client view
Parameter
None
1-11
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Description
Use the disconnect command to terminate a FTP connection without quitting FTP
client view.
This command has the same effect as that of the close command.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Terminate the FTP connection without quitting FTP client view.
[ftp] disconnect
221 Server closing.
[ftp]
1.2.11 ftp
Syntax
ftp [ cluster | remote-server [ port-number ] ]
View
User view
Parameter
ip-address: Host name or the IP address of an FTP server. Note that the host name can
be a string comprising 1 to 20 characters.
port-number: Port number of the FTP server, ranging from 0 to 65535. The default is 21.
Description
Use the ftp command to establish a control connection with an FTP server and enter
FTP client view.
1-12
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Example
# Connect to the FTP server whose IP address is 2.2.2.2.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
1.2.12 get
Syntax
get remotefile [ localfile ]
View
FTP client view
Parameter
remotefile: Name of a file on an FTP server.
localfile: Name of a local file.
Description
Use the get command to download a remote file and save it as a local file.
If you do not specify the localfile argument, the downloaded file is saved using its
original name.
Caution:
z
When using the get command to download files from a remote FTP server, make
sure the number of the characters containing in the path and file name is within the
system-acceptable range
Example
# Enter FTP client view.
1-13
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Download the file named temp.c.
[ftp] get temp.c
200 Port command okay.
150 Opening ASCII mode data connection for temp.c.
...226 Transfer complete.
FTP: 2162 byte(s) received in 4.163 second(s) 519.33 byte(s)/sec.
1.2.13 lcd
Syntax
lcd
View
FTP client view
Parameter
None
Description
Use the lcd command to display the local work directory on the FTP client.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
1-14
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
[ftp]
# Display the local work directory.
[ftp] lcd
% Local directory now flash:/temp
1.2.14 ls
Syntax
ls [ remotefile [ localfile ] ]
View
FTP client view
Parameter
remotefile: Name of the remote file to be queried.
Localfile: Name of the local file where the querying result is to be saved.
Description
Use the ls command to display the name of a specified file on a remote FTP server.
If you do not specify the remotefile argument, the names of all the files in the current
remote directory are displayed.
Caution:
The ls command only displays file names, while the dir command displays file
information in more detail, including file size, creation date and so on.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
1-15
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
[ftp]
# Display the names of all the files in the current directory on the remote FTP server.
[ftp] ls
200 Port command okay.
150 Opening ASCII mode data connection for *.
S7750.app
test.cfg
s7750-1.app
another.bat
test
default.diag
226 Transfer complete.
FTP: 189 byte(s) received in 0.011 second(s) 17.18Kbyte(s)/sec.
1.2.15 mkdir
Syntax
mkdir pathname
View
FTP client view
Parameter
Pathname: Name of the directory to be created.
Description
Use the mkdir command to create a directory on an FTP server.
This command is available only to the FTP clients that are assigned the permission to
create directories on FTP servers.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
1-16
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
[ftp]
# Create the directory flash:/lanswitch on the FTP server.
[ftp] mkdir flash:/lanswitch
257 "flash:/ lanswitch" new directory created.
1.2.16 open
Syntax
open { ip-address | server-name } [ port ]
View
FTP client view
Parameter
ip-address: IP address of an FTP server.
server-name: Host name of the FTP server, a string comprising 1 to 20 characters.
port: Port number on the remote FTP server, ranging from 0 to 65535. The default value
is 21.
Description
Use the open command to establish a control connection with an FTP server.
Related command: close.
Example
# Enter FTP client view.
<3Com> ftp
[ftp]
# Establish a control connection with the FTP server whose IP address is 1.1.1.1.
[ftp]open 1.1.1.1
Trying ...
Press CTRL+K to abort
Connected.
220220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):abc
331 Give me your password, please
Password:
230 Logged in successfully
1-17
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
1.2.17 passive
Syntax
passive
undo passive
View
FTP client view
Parameter
None
Description
Use the passive command to set the data transfer mode to the passive mode.
Use the undo passive command to set the data transfer mode to the active mode.
By default, the passive mode is adopted.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Set the data transfer mode to the passive mode.
[ftp] passive
% Passive is on
1.2.18 put
Syntax
put localfile [ remotefile ]
View
FTP client view
1-18
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Parameter
localfile: Name of a local file to be uploaded.
remotefile: File name which the local file is to be saved as.
Description
Use the put command to upload a local file to an FTP server.
If you do not specify the remotefile argument, the local file is saved on the FTP server
using the original name.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Upload the local file named temp.c to the FTP server.
[ftp] put temp.c
200 Port command okay.
150 Opening ASCII mode data connection for config.cfg.
Operation may take a long time, please wait...
226 Transfer complete.
FTP: 2162 byte(s) sent in 12.115 second(s) 178.45byte(s)/sec.
1.2.19 pwd
Syntax
pwd
View
FTP client view
Parameter
None
1-19
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Description
Use the pwd command to display the work directory on an FTP server.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Display the work directory on the FTP server.
[ftp] pwd
257 "flash:/temp" is current directory.
1.2.20 quit
Syntax
quit
View
FTP client view
Parameter
None
Description
Use the quit command to terminate an FTP connection and quit to user view.
This command has the same effect as that of the bye command.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
1-20
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Terminate the FTP connection and quit to user view.
[ftp] quit
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye
<3Com>
1.2.21 remotehelp
Syntax
remotehelp [ protocol-command ]
View
FTP client view
Parameter
protocol-command: FTP protocol command.
Description
Use the remotehelp command to display the on-line help of an FTP protocol
command.
This command works only when the FTP server provides the on-line help information
about FTP protocol commands.
Caution:
z
This command is always valid when a 3Com series switch operates as an FTP
server.
z
If you use other FTP server software, refer to related instructions to make sure
whether it provides on-line help information about FTP protocol commands.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
1-21
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Display the syntax of the user command.
[ftp] remotehelp user
214 Syntax: USER
1.2.22 rmdir
Syntax
rmdir pathname
View
FTP client view
Parameter
pathname: Name of a directory on an FTP server.
Description
Use the rmdir command to remove a directory on an FTP server.
Note that you can only use this command to remove directories that are empty.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Remove the directory flash:/temp1 on the FTP server. (Assume that the directory is
empty.)
1-22
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
[ftp] rmdir flash:/temp1
200 RMD command successful.
1.2.23 user
Syntax
user username [ password ]
View
FTP client view
Parameter
username: Name of the user to switch to.
password: Password corresponding to the user.
Description
Use the user command to switch to a specified user.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Switch to the user named tom, assuming that the corresponding password is 111.
[ftp] user tom 111
331 Give me your password, please
230 Logged in successfully
1.2.24 verbose
Syntax
verbose
undo verbose
1-23
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
View
FTP client view
Parameter
None
Description
Use the verbose command to enable the verbose function, which displays the
execution and response information of when a command is executed.
Use the undo verbose command to disable the verbose function.
The verbose function is enabled by default.
Example
# Enter FTP client view.
<3Com> ftp 2.2.2.2
Trying ...
Press CTRL+K to abort
Connected.
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User(none):switch
331 Give me your password, please
Password:
230 Logged in successfully
[ftp]
# Enable the verbose function.
[ftp] verbose
% Verbose is on
1.3 TFTP Configuration Commands
1.3.1 tftp get
Syntax
tftp tftp-server get source-file [ dest-file ]
View
User view
Parameter
tftp-server: IP address or the host name of a TFTP server.
1-24
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
source-file: Name of the file to be downloaded from the TFTP server.
dest-file: File name which the downloaded file is to be saved as.
Description
Use the tftp get command to download a file from a TFTP server to the local switch.
Related command: tftp put.
Example
# Download the file named abc.txt from the TFTP server whose IP address is 1.1.1.1
and save it as efg.txt.
<3Com> tftp 1.1.1.1 get abc.txt efg.txt
File will be transferred in binary mode.
Downloading file from remote tftp server, please wait......
TFTP:
35 bytes received in 0 second(s).
File downloaded successfully.
1.3.2 tftp put
Syntax
tftp tftp-server put source-file [ dest-file ]
View
User view
Parameter
tftp-server: IP address or the host name of a TFTP server.
source-file: Name of the file to be uploaded to the TFTP server.
dest-file: File name which the uploaded file is to be saved as.
Description
Use the tftp put command to upload a file to a specified directory on a TFTP server.
Related command: tftp get.
Example
# Upload the file named vrpcfg.cfg to the TFTP server whose IP address is 1.1.1.1 and
save it as temp.cfg.
<3Com> tftp 1.1.1.1 put vrpcfg.cfg temp.cfg
File will be transferred in binary mode.
Copying file to remote tftp server. Please wait... /
TFTP:
962 bytes sent in 0 second(s).
File uploaded successfully.
1-25
3Com Switch 7750 Series
Command Reference Guide – FTP and TFTP
Chapter 1 FTP and TFTP Configuration Commands
1.3.3 tftp-server acl
Syntax
tftp-server acl acl-number
undo tftp-server acl
View
System view
Parameter
acl-number: Basic ACL number ranging from 2000 to 2999.
Description
Use the tftp-server acl command to specify the ACL adopted for the connection
between a TFTP client and a TFTP server.
Use the undo tftp-server acl command to cancel all the ACLs adopted.
Example
# Specify to adopt ACL 2000 on the TFTP client.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] tftp-server acl 2000
1-26
3Com Swich 7750 Series
Command Reference Guide – Information Center
Table of Contents
Table of Contents
Chapter 1 Information Center Commands .................................................................................. 1-1
1.1 Information Center Commands.......................................................................................... 1-1
1.1.1 display channel........................................................................................................ 1-1
1.1.2 display info-center ................................................................................................... 1-1
1.1.3 display logbuffer ...................................................................................................... 1-3
1.1.4 display logbuffer summary ...................................................................................... 1-6
1.1.5 display trapbuffer..................................................................................................... 1-6
1.1.6 info-center channel.................................................................................................. 1-7
1.1.7 info-center console channel .................................................................................... 1-8
1.1.8 info-center enable ................................................................................................... 1-9
1.1.9 info-center logbuffer ................................................................................................ 1-9
1.1.10 info-center loghost............................................................................................... 1-10
1.1.11 info-center loghost source................................................................................... 1-12
1.1.12 info-center monitor channel................................................................................. 1-12
1.1.13 info-center snmp channel.................................................................................... 1-13
1.1.14 info-center source ............................................................................................... 1-14
1.1.15 info-center timestamp.......................................................................................... 1-20
1.1.16 info-center trapbuffer........................................................................................... 1-21
1.1.17 reset logbuffer ..................................................................................................... 1-22
1.1.18 reset trapbuffer .................................................................................................... 1-22
1.1.19 terminal debugging.............................................................................................. 1-22
1.1.20 terminal logging................................................................................................... 1-23
1.1.21 terminal monitor .................................................................................................. 1-24
1.1.22 terminal trapping ................................................................................................. 1-24
i
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Chapter 1 Information Center Commands
1.1 Information Center Commands
1.1.1 display channel
Syntax
display channel [ channel-number | channel-name ]
View
Any view
Parameter
channel-number: Channel number, ranging from 0 to 9, that is, the system has ten
channels.
channel-name: Channel name. By default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
Description
Use the display channel command to display the settings of an information channel.
If no argument is provided, the settings of all channels are displayed.
Example
# Show details about the information channel 0.
<3Com> display channel 0
channel number:0, channel name:console
MODU_ID
NAME
ENABLE
LOG_LEVEL
ENABLE
TRAP_LEVEL
ENABLE
DEBUG_LEVEL
ffff0000 default Y
warning
1.1.2 display info-center
Syntax
display info-center
View
Any view
1-1
Y
debugging
Y
debugging
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Parameter
None
Description
Use the display info-center command to display the operation status of information
center, the configuration of information channels, and the format of time stamp.
If the information records in the current log/trap buffer are less than the buffer size
specified by a user, this command displays the actual log/trap information.
Related command: info-center enable, info-center loghost, info-center logbuffer,
info-center console channel, info-center monitor channel, info-center trapbuffer,
info-center snmp channel, and info-center timestamp.
Example
# Display information about information center.
<3Com> display info-center
Information Center:enabled
Log host:
Console:
channel number:0, channel name:console
Monitor:
channel number:1, channel name:monitor
SNMP Agent:
channel number:5, channel name:snmpagent
Log buffer:
enabled, max buffer size:1024, current buffer size:256
current messages:2, channel number:4, channel name:logbuffer
dropped messages:0, overwritten messages:0
Trap buffer:
enabled, max buffer size:1024, current buffer size:256
current messages:0, channel number:3, channel name:trapbuffer
dropped messages:0, overwritten messages:0
Information timestamp setting:
log - date, trap - date, debug – boot
Table 1-1 Description on the fields of the display info-center command
Field
Information Center:
Description
Information center is enabled.
Information about the log host, including its IP
Log host:
address, name and number of information channel,
language and level of the log host
1-2
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Field
Description
Information about the console port, including name
Console:
and channel of its information channel
Information about the monitor port, including name
Monitor:
and channel of its information channel
Information about SNMP Agent, including name and
SNMP Agent:
number of its information channel
Information about the log buffer, including its state
(enabled or disabled), its maximum size, current size,
current messages, information channel name and
Log buffer:
number,
dropped
messages,
and
overwritten
messages
Information about the trap buffer, including its state
(enabled or disabled), maximum size, current size,
Trap buffer:
current messages, channel number and name,
dropped messages, and overwritten messages
Information
timestamp
setting
Information about time stamp setting, describing log
information, trap information, and the time stamp
format of the debugging information
1.1.3 display logbuffer
Syntax
display logbuffer [ level severity | size buffersize ]* [ | { begin | exclude | include }
regular-expression ]
View
Any view
Parameter
level severity: Specifies an information severity level. The severity argument ranges
from 1 to 8.
Table 1-2 Severity definitions made on the information center
Severity
emergencies
Value
1
Description
Emergent errors
1-3
3Com Swich 7750 Series
Command Reference Guide – Information Center
Severity
Chapter 1 Information Center Commands
Value
Description
Errors that need to be corrected
alerts
2
critical
3
errors
4
warnings
5
Warnings that prompt possible errors
notifications
6
Information that needs to be noticed
informational
7
Normal prompting information
debugging
8
Debugging information
immediately
Critical errors
Errors that need to be considered but
are not critical
size buffersize: Specifies the size of the log buffer (number of messages the log buffer
holds) you want to display. The buffersize argument ranges from 1 to 1024 and
defaults to 256.
|: Filters output log information with a regular expression.
begin: Displays the log information beginning with the specified characters.
exclude: Displays the log information excluding the specified characters.
include: Displays the log information including the specified characters.
regular-expression: Regular expression.
1-4
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Table 1-3 Special characters in regular expression.
Special
Description
characters
Usage restrictions
The underscore, functions
similar to a wildcard, can
represent
the
following
characters:
_
If the first character of a regular
expression is not ‘_’, the number of
‘_’ used in the expression is not
^ –– Caret
restricted, but is restricted by the
$ –– Dollar sign
length of command line.
| –– Alternation sign
If the first character is ‘_’, the
[ –– Left bracket
number of consecutive “_” should
less than 5;
, –– Comma
( ) –– Left/right parenthesis
If
the
‘_’
characters
are
not
consecutive, the output information
{ } –– Left/right brace
will be filtered by the first group of
] –– Right bracket
‘_’, and the remain ‘_’ characters
Space
will not be processed.
Start/stop character
(
The left parenthesis, the
You are recommended not to use
push-onto-the-stack flag in
this character to establish a regular
programming
expression.
Description
Use the isplay logbuffer command to display the state of logbuffer and the
information recorded in logbuffer.
Example
# Display the state of logbuffer and the log information recorded in the logbuffer.
<3Com> display logbuffer
Logging buffer configuration and contents:enabled
Allowed max buffer size : 1024
Actual buffer size : 512
Channel number : 4 , Channel name : logbuffer
Dropped messages : 0
Overwritten messages : 0
Current messages : 91
...... (Omitted)
1-5
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
1.1.4 display logbuffer summary
Syntax
display logbuffer summary [ level severity ]
View
Any view
Parameter
Level severity: Specifies an information severity level. The severity argument ranges
from 1 to 8.
Description
Use the display logbuffer summary command to display the statistics of the log
buffer.
Example
# Display summary information recorded in logbuffer.
<3Com> display logbuffer summary
SLOT EMERG ALERT CRIT ERROR WARN NOTIF INFO DEBUG
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
1.1.5 display trapbuffer
Syntax
display trapbuffer [ size buffersize ]
View
Any view
Parameter
size buffersize: Specifies the size of the trap buffer (number of messages the buffer
holds) you want to display. The buffersize argument ranges from 1 to 1024 and
defaults to 256.
Description
Use the display trapbuffer command to display the status of the trap buffer and the
trap information recorded in the trap buffer.
Executing the command with the size buffersize parameters will display the latest trap
records.
1-6
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Example
# Display the trapbuffer status and the trap information in trapbuffer.
<3Com> display trapbuffer
Trapping Buffer Configuration and contents:enabled
allowed max buffer size : 1024
actual buffer size : 256
channel number : 3 , channel name : trapbuffer
dropped messages : 0
overwritten messages : 0
current messages : 6
#Dec 31 14:01:25 2004 3Com DEV/2/LOAD FINISHED:
Trap 1.3.6.1.4.1.2011.2.23.1.12.1.20: frameIndex is 0, slotIndex 0.4
#Dec 31 14:01:33 2004 3Com DEV/2/BOARD STATE CHANGE TO NORMAL:
Trap 1.3.6.1.4.1.2011.2.23.1.12.1.11: frameIndex is 0, slotIndex 0.2
#Dec 31 14:01:40 2004 3Com DEV/2/BOARD STATE CHANGE TO NORMAL:
Trap 1.3.6.1.4.1.2011.2.23.1.12.1.11: frameIndex is 0, slotIndex 0.
…(Omitted)
1.1.6 info-center channel
Syntax
info-center channel channel-number name channel-name
undo info-center channel channel-number
View
System view
Parameter
channel-number: Channel number, ranging from 0 to 9, that is, system has ten
channels.
channel-name: Channel name, a string up to 30 characters, excluding "-", "/" or "\".
And the first character must not be a number.
Description
Use info-center channel name command to name a channel specified by the
channel-number as channel-name.
Use undo info-center channel command to restore the default channel name.
1-7
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
By default, the name of channel 0 to channel 9 is (in turn) console, monitor, loghost,
trapbuffer, logbuffer, snmpagent, channel6, channel7, channel8, channel9.
Note that the channel names must not be the same with each other.
Example
# Name the channel 0 as execconsole.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center channel 0 name execconsole
1.1.7 info-center console channel
Syntax
info-center console channel { channel-number | channel-name }
undo info-center console channel
View
System view
Parameter
channel-number: Channel number, ranging from 0 to 9, that is, system has ten
channels.
channel-name: Channel name, by default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
Description
Use the info-center console channel command to configure the channel through
which the log information is output to the console.
Use the undo info-center console channel command to restore the default channel
through which the log information is output to the console.
By default, Ethernet switches output log information to the console.
This command takes effect only after the information center function is enabled.
Related command: info-center enable, display info-center.
Example
# Configure to output log information to the console through channel 7.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center console channel 7
1-8
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
1.1.8 info-center enable
Syntax
info-center enable
undo info-center enable
View
System view
Parameter
none
Description
Use the info-center enable command to enable the information center function.
Use the info-center enable command to disable the information center function.
The switch can output system information to the log host, the console, and other
destinations only when the information center function is enabled.
By default, the information center function is enabled.
Related command: display info-center, info-center loghost, info-center logbuffer,
info-center console channel, info-center monitor channel, info-center trapbuffer,
info-center snmp channel.
Example
# Enable the information center function.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center enable
% information center is enabled
1.1.9 info-center logbuffer
Syntax
info-center logbuffer [ channel { channel-number | channel-name } | size
buffersize ]* [ | exclude regular-expression ]
undo info-center logbuffer [ channel | size | | exclude regular-expression ]
View
System view
1-9
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Parameter
channel: Configure the channel to output information to buffer.
channel-number: Channel number, ranging from 0 to 9, that is, system has ten
channels.
channel-name: Channel name, by default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
size buffersize: Specifies the size of the log buffer (number of messages the buffer
holds). The buffersize argument ranges from 0 to 1024 and defaults to 512.
|: Filters output log information with a regular expression.
exclude: Displays the log information excluding the specified characters.
regular-expression: Regular expression.
For special characters used in the regular expression, refer to Table 1-3.
Description
Use the info-center logbuffer command to configure information output to the log
buffer.
Use the undo info-center logbuffer command to cancel the configuration.
By default, the system outputs information to the log buffer, which can hold 512
records.
This command takes effect only when the information center function is enabled for
the system.
Related command: info-center enable and display info-center.
Example
# Send log information to log buffer and sets the size of log buffer to 50.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center logbuffer size 50
1.1.10 info-center loghost
Syntax
info-center loghost host-ip-addr [ channel { channel-number | channel-name } ]
[ facility local-number ] [ language { chinese | english } ] *
undo info-center loghost host-ip-addr
1-10
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
View
System view
Parameter
host-ip-addr: IP address of info-center loghost.
channel: Configures information channel of the info-center loghost.
channel-number: Channel number, ranging from 0 to 9, that is, system has ten
channels.
channel-name: Channel name, by default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
facility: Configure the recording tool of info-center loghost.
local-number: Record tool of info-center loghost, ranging from local0 to local7.
language: Sets the logging language.
chinese,english: Switches language used in log file between Chinese and English.
Description
Use the info-center loghost command to enable information output to loghost by
setting the IP address of the loghost.
Use the undo info-center loghost command to cancel the configuration.
By default, the system does not output information to loghost.
This command works only when the information center function is enabled for the
system.
Note:
Be sure to set the correct IP address in the info-center loghost command. A
loopback IP address will cause an error message prompting invalid address.
Related command: info-center enable and display info-center.
Example
# Configure the Ethernet switch to send information to the workstation Unix whose IP
address is 202.38.160.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center loghost 202.38.160.1
1-11
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
1.1.11 info-center loghost source
Syntax
info-center loghost source interface-type interface-number
undo info-center loghost source
View
System view
Parameter
interface-type: Interface type.
interface-number: Interface number.
Description
Use the info-center loghost source command to configure the source interface
through which information is sent to the loghost.
Use the undo info-center loghost source command to cancel the source interface
configuration.
Related command: info-center enable and display info-center.
Example
# Specify source address of the packets sent to loghost as the address of the VLAN 1
interface.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center loghost source Vlan-interface 1
1.1.12 info-center monitor channel
Syntax
info-center monitor channel { channel-number | channel-name }
undo info-center monitor channel
View
System view
Parameter
channel-number: Channel number, ranging from 0 to 9, that is, the system has ten
channels.
1-12
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
channel-name: Channel name, by default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
Description
Use the info-center monitor channel command to set the channel through which
information is output to user terminals.
Use the undo info-center monitor channel command to restore the default channel
through which the information is output to user terminals.
By default, the system outputs information to user terminal.
This command takes effect only when the information center function is enabled.
Related command: info-center enable and display info-center.
Example
# Configure channel 0 to output log information to user terminal.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center monitor channel 0
1.1.13 info-center snmp channel
Syntax
info-center snmp channel { channel-number | channel-name }
undo info-center snmp channel
View
System view
Parameter
channel-number: Channel number, ranging from 0 to 9, that is, the system has ten
channels.
channel-name: Channel name, by default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
Description
Use the info-center snmp channel command to set the channel through which
information is output to the SNMP.
Use the undo info-center snmp channel command to restore the default channel
through which information is output to the SNMP.
1-13
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
By default, the system outputs information to SNMP Agent through channel 5.
Related command: snmp-agent and display info-center.
Example
# Configure the system to output information to the SNMP agent through channel 6.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center snmp channel 6
1.1.14 info-center source
Syntax
info-center source { module-name | default } channel { channel-number |
channel-name } [ debug { level severity | state state }* | log { level severity | state
state }* | trap { level severity | state state }* ]*
undo info-center source { module-name | default } channel { channel-number |
channel-name }
View
System view
Parameter
modu-name: Module name. Refer to Table 1-4 for the detail.
Table 1-4 Modules generating the information
Module name
Description
8021X
802.1x module
ACCOUNT
L3+ real time accounting module
ACL
Access control list module
ADBM
Address base module
AM_USERB
Access management module
ARP
Address resolution protocol module
BGP
Border gateway protocol module
CFAX
Configuration agent module
CFM
Configuration file management module
CLNP
Connectionless network protocol module
1-14
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Module name
Description
CLNSECHO
Connectionless network protocol echo module
CLST
Cluster management module
CMD
Command line module
DEV
Device management module
DHCP
Dynamic host configuration protocol module
DHCPS
DHCP server module
DHCPSNP
DHCP snooping module
DIAG
Diagnosis module
DLDP
Device link detection protocol module
DNS
Domain name system module
ENTEXMIB
Entity extended MIB module
ENTITY
ENTITY module
ESIS
End system to intermediate system routing protocol module
ETH
Ethernet module
FIB
Forwarding information base module
FTPS
FTP server module
HA
High availability module
HTTPD
HTTP server module
IFNET
Interface management module
IGSP
IGMP snooping module
IP
Internet protocol module
IPX
IPX protocol module
ISIS
Intermediate system-to-intermediate system intra-domain
routing information exchange protocol module
L2INF
Layer 2 interface management module
LACL
Lanswitch access control list module
LARP
Address resolution protocol module
1-15
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Module name
Description
LETH
Ethernet debugging module
LQOS
Lanswitch quality of service module
LS
Local server module
MIX
Dual main control network management module
MODEM
MODEM module
MPM
Multicast port management module
MSDP
Multicast source discovery protocol module
MSTP
Multiple spanning tree protocol module
NAT
Network address translation module
NDP
Neighbor discovery protocol module
NETSTREA
Traffic statistic module
NTDP
Network topology discovery protocol module
NTP
Network time protocol module
OSPF
Open shortest path first module
RDS
Radius module
RM
Routing management module
RMON
Remote monitor module
RMX
IPX routing module
RSA
Revest, Shamir and Adleman encryption module
RTA
L3+ plug-in card traffic accounting module
RTPRO
Routing protocol module
SC
Server control module
SHELL
User interface module
SNMP
Simple network management protocol module
SOCKET
Socket module
SSH
Secure shell module
1-16
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
Module name
Description
SYSM
System management module
SYSMIB
System MIB module
TAC
Terminal access controller module
TELNET
Telnet module
TFTPC
TFTP client module
TUNNEL
Packets transparent transmission module
UDPH
UDP helper module
USERLOG
User log module
VFS
Virtual file system module
VLAN
Virtual local area network module
VRRP
VRRP (virtual router redundancy protocol) module
VTY
VTY (virtual type terminal) module
default
Default settings of all modules
default: Defaults the settings of all modules.
channel-number: Number of information channel to be used.
channel-name: Channel name, by default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
log: Specifies to output log information.
trap: Specifies to output trap information.
debug: Specifies to output debugging information.
level: Specifies an information severity level.
severity: Information severity level. The information below this level will not be output.
Information at different levels is as follows:
emergencies: Level 1 information, which cannot be used by the system.
alerts: Level 2 information, to be reacted immediately.
critical: Level 3 information, critical information.
errors: Level 4 information, error information.
warnings: level 5 information, warning information.
1-17
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
notifications: Level 6 information, showed normally and important.
informational: Level 7 information, notice to be recorded.
debugging: Level 8 information, generated during the debugging progress.
The default information level of each channel is shown in the following table.
Table 1-5 Default information level of each channel
channel
Log information
Trap information
Debugging
level
level
information level
Console
warning
debugging
debugging
Terminal
warning
debugging
debugging
Log host
informational
debugging
debugging
Trapbuffer
informational
warning
debugging
Logbuffer
warning
debugging
debugging
SNMPagent
debugging
warning
debugging
Channel6
debugging
debugging
debugging
Channel7
debugging
debugging
debugging
Channel8
debugging
debugging
debugging
Channel9
debugging
debugging
debugging
The default information state of each channel is shown in the following table.
Table 1-6 Default information switch state of each channel
Channel
Log information
Trap information
Debug information
switch
switch
switch
Console
Enable
Enable
Enable
Terminal
Enable
Enable
Enable
Log host
Enable
Enable
Disable
Trapbuffer
Disable
Enable
Disable
Logbuffer
Enable
Disable
Disable
SNMPagent
Disable
Enable
Disable
Channel6
Enable
Enable
Disable
1-18
3Com Swich 7750 Series
Command Reference Guide – Information Center
Channel
Chapter 1 Information Center Commands
Log information
Trap information
Debug information
switch
switch
switch
Channel7
Enable
Enable
Disable
Channel8
Enable
Enable
Disable
Channel9
Enable
Enable
Disable
state: Sets the information state.
state: Can be on or off.
Description
Use the info-center source command to specify the information source in the
information center and the output direction.
Use the undo info-center source command to cancel the configuration of information
source and output direction.
This command can be used for filtering of log, trap or debugging information. For
example, it can control information output from the IP module to any direction. You can
configure to output information with severity higher than “warning” to the log host, and
information with severity higher than “informational” to the log buffer. You can also
configure to output trap information to the log host at the same time.
The info-center source command determines the output direction according to
channel name or channel number. Each output direction is assigned with a default
information channel at present, as shown in the following table.
Table 1-7 Information channel in each output direction by default
Output direction
Information channel name
Console
console
Monitor
monitor
Info-center loghost
loghost
Log buffer
logbuffer
Trap buffer
trapbuffer
Snmpagent
snmpagent
In addition, each information channel has a default record with the module name
“default” and module number as 0xffff0000. However, for different information channel,
the default log, trap and debugging settings in the records may be different with one
1-19
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
another. Use default configuration record if a module does not have any specific
configuration record in the channel.
Example
# Enable the log information of VLAN module in SNMP channel and allow the output of
the information with a level higher than emergencies.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center source vlan channel snmp log level emergencies
1.1.15 info-center timestamp
Syntax
info-center timestamp { log | trap | debugging } { boot | date | none }
undo info-center timestamp { log | trap | debugging }
View
System view
Parameter
log: Specifies log information.
trap: Specifies trap information.
debugging: Specifies debugging information.
boot: Specifies to adopt the time elapsed since system boot, which is in the format of
“xxxxxx.yyyyyy”, where xxxxxx is the high 32 bits and yyyyyy the low 32 bits of the
elapsed milliseconds.
date: Specifies to adopt the current system date and time, which is in format
“yyyy/mm/dd-hh:mm:ss:ms” for Chinese environment and “Mmm dd hh:mm:ss:ms
yyyy” for English environment.
none: Specifies not to include time stamp in specified output information.
Description
Use the info-center timestamp command to configure the timestamp output format in
debugging/trap information.
Use the undo info-center timestamp command to restore the default settings.
By default, the date time stamp is adopted for all types of information.
Example
# Configure the debugging information timestamp format as boot.
<3Com> system-view
1-20
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
System View: return to User View with Ctrl+Z.
[3Com] info-center timestamp debugging boot
1.1.16 info-center trapbuffer
Syntax
info-center trapbuffer [ channel { channel-number | channel-name } | size
buffersize ]*
undo info-center trapbuffer [ channel | size ]
View
System view
Parameter
size: Configures the size of the trap buffer.
buffersize: Size of trap buffer (numbers of messages). This argument ranges from 0 to
1,024 and defaults to 256.
channel: Sets the channel through which information is sent to the trap buffer.
channel-number: Channel number, ranging from 0 to 9, that is, the system has ten
channels.
channel-name: Channel name. By default, the name of channel 0 to channel 9 is (in
turn) console, monitor, loghost, trapbuffer, logbuffer, snmpagent, channel6,
channel7, channel8, channel9.
Description
Use the info-center trapbuffer command to enable information output to the trap
buffer.
Use the undo info-center trapbuffer command to disable information output to the
trap buffer.
This command takes effect only after the information center function is enabled.
Related command: info-center enable and display info-center.
Example
# Send information to the trap buffer and sets the size of buffer to 30.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] info-center trapbuffer size 30
1-21
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
1.1.17 reset logbuffer
Syntax
reset logbuffer
View
User view
Parameter
none
Description
Use the reset logbuffer command to reset information in log buffer.
Example
# Clear information in log buffer.
<3Com> reset logbuffer
1.1.18 reset trapbuffer
Syntax
reset trapbuffer
View
User view
Parameter
none
Description
Use the reset trapbuffer command to reset information in trap buffer.
Example
# Clear information in trap buffer.
<3Com> reset trapbuffer
1.1.19 terminal debugging
Syntax
terminal debugging
undo terminal debugging
1-22
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
View
User view
Parameter
none
Description
Use the terminal debugging command to configure to display the debugging
information on the terminal.
Use the undo terminal debugging command to configure not to display the
debugging information on the terminal.
By default, the displaying function is disabled.
Related command: debugging commands in the System Maintaining and Debugging
part of the manual.
Example
# Enable the terminal display debugging.
<3Com> terminal debugging
% Current terminal debugging is on
1.1.20 terminal logging
Syntax
terminal logging
undo terminal logging
View
User view
Parameter
none
Description
Use the terminal logging command to enable terminal log information display.
Use the undo terminal logging command to disable terminal log information display.
By default, this function is enabled for console users and terminal users.
Example
# Disable the terminal log display.
<3Com> undo terminal logging
1-23
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
% Current terminal logging is off
1.1.21 terminal monitor
Syntax
terminal monitor
undo terminal monitor
View
User view
Parameter
none
Description
Use the terminal monitor command to enable the debugging/log/trap information
terminal display function.
Use the undo terminal monitor command to disable these functions.
By default, these functions are enabled for console users and terminal users.
This command only takes effect on the current terminal where the commands are input.
The debugging/log/trap information can be output to the current terminal, beginning in
user view. When the terminal monitor is shut down, no debugging/log/trap information
will be displayed in local terminal, which is equals to having performed undo terminal
debugging, undo terminal logging, undo terminal trapping commands. When the
terminal monitor is enabled, you can use terminal debugging / undo terminal
debugging, terminal logging / undo terminal logging and terminal trapping /
undo terminal trapping respectively to enable or disable the corresponding
functions.
Example
# Disable the terminal monitor.
<3Com> undo terminal monitor
% Current terminal monitor is off
1.1.22 terminal trapping
Syntax
terminal trapping
undo terminal trapping
1-24
3Com Swich 7750 Series
Command Reference Guide – Information Center
Chapter 1 Information Center Commands
View
User view
Parameter
None
Description
Use the terminal trapping command to enable terminal trap information display.
Use the undo terminal trapping command to disable this function.
By default, this function is enabled.
Example
# Enable trap information display.
<3Com> terminal trapping
% Current terminal trapping is on
1-25
3Com Swich 7750 Series
Command Reference Guide – DNS
Table of Contents
Table of Contents
Chapter 1 DNS Configuration Commands .................................................................................. 1-1
1.1 DNS Configuration Commands ......................................................................................... 1-1
1.1.1 display dns domain ................................................................................................. 1-1
1.1.2 display dns dynamic-host........................................................................................ 1-1
1.1.3 display dns server ................................................................................................... 1-2
1.1.4 display ip host.......................................................................................................... 1-3
1.1.5 dns domain.............................................................................................................. 1-4
1.1.6 dns resolve .............................................................................................................. 1-5
1.1.7 dns server................................................................................................................ 1-6
1.1.8 ip host...................................................................................................................... 1-6
1.1.9 reset dns dynamic-host ........................................................................................... 1-7
i
3Com Swich 7750 Series
Command Reference Guide – DNS
Chapter 1 DNS Configuration Commands
Chapter 1 DNS Configuration Commands
1.1 DNS Configuration Commands
1.1.1 display dns domain
Syntax
display dns domain
View
Any view
Parameter
None
Description
Use the display dns domain command to display the information in the DNS suffix
list.
Related command: dns domain.
Example
# Display the information in the DNS suffix list.
<3Com> display dns domain
No
Domain-name
0
aaa.com
Table 1-1 Description on the fields of the display dns domain command
Field
Description
No
Sequence number
Domain-name
Domain name suffix
1.1.2 display dns dynamic-host
Syntax
display dns dynamic-host
1-1
3Com Swich 7750 Series
Command Reference Guide – DNS
Chapter 1 DNS Configuration Commands
View
Any view
Parameter
None
Description
Use the display dns dynamic-host command to display information about the
dynamic DNS cache.
The DNS Client saves successful DNS resolution results to the DNS cache. When
receiving a name query, the DNS Client first looks up the DNS cache for a match. If a
match is found, it returns the corresponding IP address to the user program. If not, it
sends a query to the DNS Server.
Example
# Display the information in the dynamic DNS cache.
<3Com> display dns dynamic-host
No
Domain-name
IpAddress
TTL
0
www.baidu.com
202.108.249.134
63000
1
www.yahoo.akadns.net
66.94.230.39
24
2
www.hotmail.com
207.68.172.239
3585
3
www.eyou.com
61.136.62.70
3591
Alias
Table 1-2 Description on the field of the display dns dynamic-host command
Field
Description
No
Sequence number
Domain-name
Domain name
IpAddress
IP address corresponding to the domain name
TTL
Time for the entry to be stored in the cache (in seconds)
Alias
Alias name for the domain name, up to 4
1.1.3 display dns server
Syntax
display dns server [ dynamic ]
View
Any view
1-2
3Com Swich 7750 Series
Command Reference Guide – DNS
Chapter 1 DNS Configuration Commands
Parameter
Dynamic: Displays the DNS server information dynamically obtained by DHCP or
other protocols.
Description
Use the display dns server command to display the DNS server information.
Related command: dns server.
Example
# Display the DNS server information.
<3Com> dis dns server
Domain-server
IpAddress
0
169.254.65.125
1
169.254.66.15
Table 1-3 Description on the fields of the display dns server command
Field
Description
Domain-server
Sequence number of the DNS server. The system
automatically numbers the configured DNS servers
starting from 0.
IpAddress
IP address of the DNS server
1.1.4 display ip host
Syntax
display ip host
View
Any view
Parameter
None
Description
Use the display ip host command to display the hostnames and corresponding IP
addresses in the static DNS list.
Example
# Display the hostnames and corresponding IP addresses in the static DNS list.
<3Com> display ip host
1-3
3Com Swich 7750 Series
Command Reference Guide – DNS
Chapter 1 DNS Configuration Commands
Host
Age
Flags
Address
My
0
static
1.1.1.1
Aa
0
static
2.2.2.4
Table 1-4 Description on the fields of the display ip host command
Field
Host
Age
Description
Hostname
Time to live. It is always 0, meaning the static entries will
never age out.
A static name-to-address mapping entry can only be
manually removed.
Flags
Type flag for the name-to-address mapping entry. It is
"static" for static entries.
Address
IP address of the host
1.1.5 dns domain
Syntax
dns domain domain-name
undo dns domain [ domain-name ]
View
System view
Parameter
domain-name: DNS suffix, a string of 1 to 60 characters, including alphanumeric
characters, hyphens (-), underscores (_), and dots (.).
Description
Use the dns domain command to configure a DNS suffix.
Use the undo dns domain command to delete one or all DNS suffixes.
No DNS suffix is configured by default.
You can configure up to 10 DNS suffixes. When using the undo dns domain
command, if you specify a DNS suffix, only the specified DNS suffix is removed,
otherwise, all statically configured suffixes are removed.
Related command: display dns domain.
1-4
3Com Swich 7750 Series
Command Reference Guide – DNS
Chapter 1 DNS Configuration Commands
Note:
The DNS resolution function supported by the Switch 7750 should be used together
with a DNS Server. Different DNS Servers may have differences in DNS
implementation. For example, the Switch 7750 supports a domain name which
includes “_”, while Windows 2000 Server may be unable to resolve the “_”.
Example
# Configure com as a DNS suffix.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dns domain com
1.1.6 dns resolve
Syntax
dns resolve
undo dns resolve
View
System view
Parameter
None
Description
Use the dns resolve command to enable dynamic DNS resolution.
Use the undo dns resolve command to disable dynamic DNS resolution.
Dynamic DNS resolution is disabled by default.
Example
# Enable dynamic DNS resolution.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dns resolve
1-5
3Com Swich 7750 Series
Command Reference Guide – DNS
Chapter 1 DNS Configuration Commands
1.1.7 dns server
Syntax
dns server ip-address
undo dns server [ ip-address ]
View
System view
Parameter
ip-address: IP address of a DNS server.
Description
Use the dns server command to configure a DNS server IP address.
Use the undo dns server to remove a configured DNS server IP address.
No DNS server IP address is configured by default.
You can configure up to 6 DNS servers.
Related command: display dns server.
Example
# Configure a DNS server with the IP address 172.16.1.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] dns server 172.16.1.1
1.1.8 ip host
Syntax
ip host hostname ip-address
undo ip host hostname [ ip-address ]
View
System view
Parameter
Hostname: Hostname, a string of 1 to 30 characters, including alphanumeric
characters, hyphens (-), or dots (.).
ip-address: IP address of the specified host, in dotted decimal notation.
1-6
3Com Swich 7750 Series
Command Reference Guide – DNS
Chapter 1 DNS Configuration Commands
Description
Use the ip host command to add a hostname-to-IP address mapping entry in the
static DNS list.
Use the undo ip host command to remove a mapping entry from the static DNS list.
By default, there is no entry in the static DNS list.
As one hostname can mapped to only one IP address, when you add multiple
hostname-to-address mapping entries with the same hostname, only the last one will
be valid.
Related command: display ip host.
Example
# Configure a mapping entry from the host named aaa to the IP address 10.110.0.1
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] ip host aaa 10.110.0.1
1.1.9 reset dns dynamic-host
Syntax
reset dns dynamic-host
View
User view
Parameter
None
Description
Use the reset dns dynamic-host command to clear the dynamic DNS cache.
Related command: display dns dynamic-host.
Example
# Clear the dynamic DNS cache.
<3Com> reset dns dynamic-host
1-7
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Table of Contents
Table of Contents
Chapter 1 Basic System Configuration & Debugging Commands .......................................... 1-1
1.1 Basic System Configuration Commands ........................................................................... 1-1
1.1.1 clock datetime ......................................................................................................... 1-1
1.1.2 clock summer-time .................................................................................................. 1-1
1.1.3 clock timezone......................................................................................................... 1-3
1.1.4 language-mode ....................................................................................................... 1-4
1.1.5 quit........................................................................................................................... 1-4
1.1.6 return ....................................................................................................................... 1-5
1.1.7 sysname .................................................................................................................. 1-5
1.1.8 system-view............................................................................................................. 1-6
1.2 System Status/Information Display Commands ................................................................ 1-7
1.2.1 display clock ............................................................................................................ 1-7
1.2.2 display debugging ................................................................................................... 1-7
1.2.3 display users ........................................................................................................... 1-8
1.2.4 display version......................................................................................................... 1-9
1.3 System Debugging Commands ....................................................................................... 1-11
1.3.1 debugging.............................................................................................................. 1-11
1.3.2 display diagnostic-information............................................................................... 1-12
1.3.3 terminal debugging................................................................................................ 1-13
Chapter 2 Network Connectivity Test Commands..................................................................... 2-1
2.1 Network Connectivity Test Commands ............................................................................. 2-1
2.1.1 ping.......................................................................................................................... 2-1
2.1.2 tracert ...................................................................................................................... 2-3
Chapter 3 Device Management Commands ............................................................................... 3-1
3.1 Device Management Commands ...................................................................................... 3-1
3.1.1 boot boot-loader ...................................................................................................... 3-1
3.1.2 boot bootrom ........................................................................................................... 3-2
3.1.3 boot bootrom default ............................................................................................... 3-2
3.1.4 bootrom-update security-check enable................................................................... 3-3
3.1.5 display boot-loader.................................................................................................. 3-3
3.1.6 display cpu .............................................................................................................. 3-4
3.1.7 display device.......................................................................................................... 3-5
3.1.8 display environment ................................................................................................ 3-6
3.1.9 display fan ............................................................................................................... 3-7
3.1.10 display memory ..................................................................................................... 3-7
3.1.11 display power ........................................................................................................ 3-8
3.1.12 display schedule reboot ........................................................................................ 3-9
i
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Table of Contents
3.1.13 display uplink monitor............................................................................................ 3-9
3.1.14 loadsharing enable.............................................................................................. 3-10
3.1.15 pause-protection ................................................................................................. 3-11
3.1.16 qe monitor ........................................................................................................... 3-11
3.1.17 qe monitor errpkt ................................................................................................. 3-12
3.1.18 qe monitor errpkt check-time............................................................................... 3-13
3.1.19 qe monitor overflow-threshold............................................................................. 3-14
3.1.20 rdram ................................................................................................................... 3-14
3.1.21 reboot .................................................................................................................. 3-15
3.1.22 schedule reboot at............................................................................................... 3-15
3.1.23 schedule reboot delay ......................................................................................... 3-17
3.1.24 set backboard enhance....................................................................................... 3-18
3.1.25 temperature-limit ................................................................................................. 3-19
3.1.26 uplink monitor ...................................................................................................... 3-19
ii
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
Chapter 1 Basic System Configuration &
Debugging Commands
1.1 Basic System Configuration Commands
1.1.1 clock datetime
Syntax
clock datetime HH:MM:SS YYYY/MM/DD
View
User view
Parameter
HH:MM:SS: Current time, where HH ranges from 0 to 23, MM and SS range from 0 to
59.
YYYY/MM/DD: Current date, where YYYY is the year ranging from 2000 to 2099, MM is
the month ranging from 1 to 12, and DD is the day the range of which is related with the
month.
Description
Use the clock datetime command to set the current date and time of the Ethernet
switch.
In an environment that needs to obtain exact absolute time, it is required to use this
command to set the current date and time of the Ethernet switch.
Related command: display clock.
Example
# Set the current date and time of the Ethernet switch to 0:0:0 2001/01/01.
<3Com> clock datetime 0:0:0 2001/01/01
1.1.2 clock summer-time
Syntax
clock summer-time zone-name one-off start-time start-date end-time end-date
offset-time
1-1
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
clock summer-time zone-name repeating { start-time start-date end-time end-date |
start-time start-year start-month start-week start-day end-time end-year end-month
end-week end-day } offset-time
undo clock summer-time
View
User view
Parameter
zone-name: Name of the summer time, 1 to 32 characters long.
one-off: Sets the summer time for only one year (the specified year).
repeating: Sets the summer time for every year starting from the specified year.
start-time start-date: Start time and start date of the summer time, in the form of
HH:MM:SS YYYY/MM/DD.
end-time end-date: End time and end date of the summer time, in the form of
HH:MM:SS YYYY/MM/DD.
start-year: Start year, in the range of 2000 to 2099.
start-month: Start month, the value of which is January, February, March, April, May,
June, July, August, September, October, November, and December.
start-week: Start week, the value of which is first, second, third, fourth, fifth, and last.
start-day: Start day, the value of which is Sunday, Monday, Tuesday, Wednesday,
Thursday, Friday, Sunday.
end-year: End year, which should be the same year as the start year, ranges from 2000
to 2099.
end-month: End month, the value of which is January, February, March, April, May,
June, July, August, September, October, November, and December.
end-week: End week, the value of which is first, second, third, fourth, fifth, and last.
end-day: End day, the value of which is Sunday, Monday, Tuesday, Wednesday,
Thursday, Friday, Sunday.
offset-time: Offset of the summer time relative to the standard time.
Description
Use the clock summer-time command to set the name and time range of the summer
time.
Use the undo clock summer-time to cancel the settings.
After the setting, you can use the display clock command to check the results. The
time of the log and debugging information adopts the local time that has been adjusted
by the time zone and summer time.
1-2
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
Related command: clock timezone.
Example
# Set the summer time named z2, which starts from 06:00:00 2002/06/08, ends until
06:00:00 2002/09/01, and is one hour ahead of the standard time.
<3Com> clock summer-time z2 one-off 06:00:00 2005/06/08 06:00:00 2002/09/01
01:00:00
# Set the summer time named z2, which starts from 06:00:00 06/08, ends until 06:00:00
09/01, and is one hour ahead of the standard time every year from 2002 on.
<3Com> clock summer-time z2 repeating 06:00:00 2002/06/08 06:00:00 2002/09/01
01:00:00
1.1.3 clock timezone
Syntax
clock timezone zone-name { add | minus } HH:MM:SS
undo clock timezone
View
User view
Parameter
zone-name: Name of the time zone, in length of 1 to 32 characters.
add: Sets the time zone to a time before the UTC time.
minus: Sets the time zone to a time behind the UTC time.
HH:MM:SS: Time to be subtracted from the UTC time, in the form of HH:MM:SS.
Description
Use the clock timezone command to set the local time zone.
Use the undo clock timezone command to restore the local time zone to the default
UTC (universal time coordinated) time zone.
After the setting, you can use the display clock command to check the results. The log
information time and the debugging information time adopt the local time that has been
adjusted by the time zone and the summer time.
Related command: clock summer-time.
Example
# Set the local time zone named z5, which is five hours ahead of the UTC time.
<3Com> clock timezone z5 add 05:00:00
1-3
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
1.1.4 language-mode
Syntax
language-mode { chinese | english }
View
User view
Parameter
chinese: Sets the CLI language environment to Chinese.
English: Sets the CLI language environment to English.
Description
Use the language-mode command to toggle between the language modes (that is,
language environments) of the command line interface (CLI) to meet your requirement.
By default, the CLI language mode is english.
Example
# Toggle from the english mode to the chinese mode.
<3Com> language-mode chinese
1.1.5 quit
Syntax
quit
View
Any view
Parameter
None
Description
Use the quit command to return from current view to lower level view, or exit the system
if current view is user view.
The following lists the three levels of views available (from lower level to higher level):
z
User view
z
System view
z
VLAN view, Ethernet port view, and so on
Related command: return and system-view.
1-4
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
Example
# Return from system view to user view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] quit
<3Com>
1.1.6 return
Syntax
return
View
System view and higher level views
Parameter
None
Description
Use the return command to return from current view to user view. The composite key
has the same effect with the return command.
Related command: quit.
Example
# Return from interface view to user view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] return
<3Com>
1.1.7 sysname
Syntax
sysname sysname
undo sysname
View
System view
1-5
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
Parameter
sysname: System name of the Ethernet switch. It is a character string in length of 1 to
30 characters. By default, it is 3Com.
Description
Use the sysname command to set the system name of the Ethernet switch. Changing
the system name will affect the CLI prompt. For example, if the system name of the
switch is 3Com, the prompt for user view is <3Com>.
Use the undo sysname command to restore the default system view of the Ethernet
switch.
Example
# Set the system name of the Ethernet switch to 3ComLANSwitch.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] sysname 3ComLANSwitch
[3ComLANSwitch]
1.1.8 system-view
Syntax
system-view
View
User view
Parameter
None
Description
Use the system-view command to enter system view from user view.
Related command: quit and return.
Example
# Enter system view from user view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com]
1-6
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
1.2 System Status/Information Display Commands
1.2.1 display clock
Syntax
display clock
View
Any view
Parameter
None
Description
Use the display clock command to display the current date and time of the system, so
that you can adjust them if they are wrong.
The maximum date and time that can be displayed by this command is 23:59:59
9999/12/31.
Related command: clock datetime.
Example
# Display the current date and time of the system.
<3Com> display clock
18:36:31 beijing Sat 2002/02/02
Time Zone : beijing add 01:00:00
Summer-Time : bj one-off 01:00:00 2003/01/01 01:00:00 2003/08/08 01:00:00
Table 1-1 Description on the fields of the display clock command
Field
Description
18:36:31 beijing Sat 2002/02/02
Current date and time of the system
Time Zone
Configured time zone information
Summer-Time
Configured summer time information
1.2.2 display debugging
Syntax
display debugging [ interface interface-type interface-number ] [ module-name ]
1-7
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
View
Any view
Parameter
interface-type: Interface type, supported by the switch, which can be Ethernet,
GigabitEthernet, AUX, VLAN-interface and so on.
interface-numbe: Interface number.
module-name: Module name.
Description
Use the display debugging command to display enabled debugging.
If you want to view the current enabled debugging, you can execute the display
debugging command. Executing this command without any parameter will display all
enabled debugging.
Related command: debugging.
Example
# Display all enabled debugging.
<3Com> display debugging
IP packet debugging is on.
The above information indicates that the IP packets debugging is enabled.
1.2.3 display users
Syntax
display users [ all ]
View
Any view
Parameter
all: Displays the information about all user terminal interfaces.
Description
Use the display users command to display the status and configuration information
about user terminal interfaces.
1-8
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
Example
# Display the status and configuration information about user terminal interfaces.
<3Com> display users
UI
Delay
Type
Ipaddress
0
AUX 0
00:00:17
8
VTY 0
01:37:55
TEL
192.168.0.200
+ 9
VTY 1
00:00:00
TEL
192.168.0.3
VTY 4
00:00:00
TEL
192.168.0.115
12
Username
Table 1-2 Description on the output user terminal interface information
Item
Description
UI
User interface
Delay
Delay time when no interaction occurs
between user and device
Type
User login type
Ipaddress
IP address used when login using telnet
program
Username
User name
1.2.4 display version
Syntax
display version
View
Any view
Parameter
None
Description
Use the display version command to display the information (such as the version
information) about the switch system.
Specifically, you can use this command to check the software version and issue time,
the basic hardware configuration, and some other information about the switch.
1-9
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
Example
# Display the version of the system.
<3Com> display version
3Com Corporation
Switch 7750 Software Version 3.02.00s168re
Copyright (c) 2004-2006 3Com Corporation and its licensors. All rights
reserved.
Switch 7750
FAB96 0:
uptime is 0 week, 6 days, 22 hours, 45 minutes
uptime is 0 weeks,6 days,22 hours,45 minutes
Switch 7750 with 1 MPC8245 Processor
256M
bytes SDRAM
32768K
bytes Flash Memory
512K
bytes NVRAM Memory
PCB Version
:
VER.B
BootROM Version
:
525
CPLD Version
:
003
Second CPLD Ver
:
005
MOD 1:
uptime is 0 weeks,6 days,22 hours,41 minutes
Switch 7750 MOD with 1 MPC8241 Processor
128M
bytes SDRAM
0K
bytes Flash Memory
0K
bytes NVRAM Memory
PCB Version
:
VER.B
BootROM Version
:
525
CPLD Version
:
001
1-10
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
1.3 System Debugging Commands
1.3.1 debugging
Syntax
debugging { all [ timeout interval ] | module-name debugging-option }
undo debugging { all | module-name debugging-option }
View
User view
Parameter
all: Enables or disables all debugging.
timeout interval: Sets the timeout time for all debugging, in the range of 1 to 1,440 (in
minutes). After the setting, all debugging is valid in the specified period which starts
from the time when the debugging is enabled. After the period, all debugging will be
disabled.
module-name: Module name.
debugging-option: Debugging option.
Description
Use the debugging command to enable system debugging.
Use the undo debugging command to disable system debugging.
By default, all debugging is disabled for the system.
Ethernet switches provide various debugging functions for technical support specialists
and senior maintenance personnel to do network fault diagnostics.
Enabling debugging will generate a great deal of debugging information and thus will
affect the efficiency of the system, especially after enabling all debugging through the
debugging all command, the system may collapse. Therefore, it is recommended not
to use the debugging all command. The undo debugging all command brings great
convenience for you to disable all debugging at a time instead of disabling them one by
one.
Related command: display debugging.
Example
# Enable IP packet debugging.
<3Com> debugging ip packet
1-11
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 1 Basic System Configuration &
Debugging Commands
1.3.2 display diagnostic-information
Syntax
display diagnostic-information [ module-name ]
View
Any view
Parameter
module-name: Module name. See the following table for details:
Table 1-3 Module name list
Module name
Description
ARP
ARP module information
DHCP
DHCP module information
DRV
Driver information
ETHERNET
Ethernet module information
FTTH
FTTH information
IGMP
Multicast information
IP
IP module information
L2INF
Interface management information
LACP
Link aggregation information
MEMORY
Memory information
QUEUE
Queue management information
RXTX
Packet transmission information
STP
STP information
SYSTEM
System status information
Description
Use the display diagnostic-information command to display operation information
about all or specified functional modules.
When the system goes wrong, you need to collect much information to locate the fault.
However, each module has its corresponding display command, which make it difficult
for you to collect all the information needed at a time. In this case, you can use display
diagnostic-information command to collect the operation information about all or
specified module. For displaying all information at a time costs a long time and is not
convenient to view, this command provides two modes for you to collect the information
1-12
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
z
Output information to the Console.
z
Output information to a file.
Chapter 1 Basic System Configuration &
Debugging Commands
You can choose one according to the prompt of the system.
Example
# Display operation information about ARP module, output the information to the file
diaginfo.txt and save the file to the Flash memory.
<3Com > display diagnostic-information ARP
Redirect it to file?[Y/N]y
Please input the file name(*.txt)[flash:/diaginfo.txt]:
This operation may take a few minutes, continue?[Y/N]y
Writing diagnostic information to flash:/diaginfo.txt now.
.......
<3Com>
1.3.3 terminal debugging
Syntax
terminal debugging
undo terminal debugging
View
User view
Parameter
None
Description
Use the terminal debugging command to enable terminal display for debugging
information.
Use the undo terminal debugging command to disable terminal display for debugging
information.
By default, terminal display for debugging information is disabled.
Related command: debugging.
Example
# Enable terminal display for debugging information.
<3Com> terminal debugging
1-13
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 2 Network Connectivity Test
Commands
Chapter 2 Network Connectivity Test Commands
2.1 Network Connectivity Test Commands
2.1.1 ping
Syntax
ping [ -a ip-address | -c count | -d | -f | -h ttl | -i interface-type interface-number | -n | - p
pattern | -q | -r | -s packetsize | -t timeout | -tos tos | -v | ip ]* host-ip
ping ipx ipx-address [ -c count | -s packetsize | -t timeout ]*
ping clns nsap-address
View
Any view
Parameter
-a ip-address: Sets the source IP address to send the ICMP ECHO-REQUEST packets.
-c count: Specifies how many times the ICMP ECHO-REQUEST packet will be sent.
The count argument is the times, which ranges from 1 to 4,294,967,295 and defaults to
5.
-d: Sets the socket to DEBUGGING mode. By default, it is non-DEBUGGING mode.
-f: Specifies to discard a packet directly instead of fragmenting it if its length is greater
than the MTU (maximum transmission unit) of the interface.
-h ttl: Sets the TTL (time to live) value of the echo request packets in the range of 1 to
255. By default, the TTL value is 255.
-i: Selects the specified interface to send the ICMP packets.
interface-type: Interface type.
interface-number: Inferface number.
-n: Specifies to regard the host argument as an IP address without performing domain
name resolution. By default, the host argument is first regarded as an IP address; if it is
not an IP address, domain name resolution is performed.
-p pattern: Specifies the padding byte pattern of the ICMP ECHO-REQUEST packets.
The pattern argument is a byte in hexadecimal. For example, -p ff fills a packet with only
ff. By default, the system fills a packet with 0x01, 0x02, and so on, until 0x09; then it
repeats this procedure from 0x01 again.
-q: Specifies to display only the statistics and not to display the details. By default, all
the information including the details and statistics will be displayed.
2-1
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 2 Network Connectivity Test
Commands
-r: Specifies to record the routes. By default, the system does not record any route.
-s packetize: Specifies the size (in bytes) of each ECHO-REQUEST packet (excluding
the IP and ICMP headers). The packetize argument ranges from 20 to 32,000 and
defaults to 56 bytes.
-t timeout: Sets the timeout time (in ms) waiting for an ECHO-RESPONSE packet after
an ECHO-REQUEST packet is sent. The timeout argument ranges defaults to 2,000
ms.
-tos tos: Sets the ToS value of the echo request packets in the range of 0 to 255. By
default, this value is 0.
-v: Specifies to display other ICMP packets received (that is, non-ECHO-RESPONSE
packets). By default, except for the ECHO-RESPONSE packets, other ICMP packets
are not displayed.
ip: Chooses IP ICMP packet.
host-ip: Domain name or IP address of the destination host, 1 to 30 characters long.
ipx: Chooses IPX packet.
ipx-address: IPX address of the destination host.
clns: Chooses CLNS ECHO packets.
nsap-address: NSAP address of the destination host.
Description
Use the ping command to check the connectivity of IP network or IPX network, and the
reachability of a host.
The process of executing of the ping command in the IP network: First, the source host
sends an ICMP ECHO-REQUEST packet to the destination host. If the connection to
the destination network is normal, the destination host receives this packet and
responds with an ICMP ECHO-REPLY packet.
You can use the ping command to check the network connectivity and the quality of a
network line. This command can output the following information:
z
Response status of the destination to each ICMP ECHO-REQUEST packet. If no
response packet is received within the timeout time, including the number of bytes,
packet sequence number, TTL and response time of the response packet. If no
response packet is received within the timeout time, the message "Request time
out" is displayed instead.
z
Final statistics, including the numbers of sent packets and received response
packets, the irresponsive packet percentage, and the minimum, average and
maximum values of response time.
You can set a relatively long timeout time waiting for response packet if the network
transmission is slow.
Related command: tracert.
2-2
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 2 Network Connectivity Test
Commands
Example
# Check the reachability of the host with IP address 202.38.160.244.
<3Com> ping 202.38.160.244
ping 202.38.160.244 : 56 data bytes
Reply from 202.38.160.244 : bytes=56 sequence=1 ttl=255 time = 1ms
Reply from 202.38.160.244 : bytes=56 sequence=2 ttl=255 time = 2ms
Reply from 202.38.160.244 : bytes=56 sequence=3 ttl=255 time = 1ms
Reply from 202.38.160.244 : bytes=56 sequence=4 ttl=255 time = 3ms
Reply from 202.38.160.244 : bytes=56 sequence=5 ttl=255 time = 2ms
--202.38.160.244 ping statistics-5 packet transmitted
5 packet received
0.00% packet loss
round-trip min/avg/max = 1/2/3 ms
2.1.2 tracert
Syntax
tracert [ -a source-ip | -f first-TTL | -m max-TTL | -p port | -q num-packet | -w timeout ]
* host
tracert clns [ -m max-TTL | -n num-packet | -t timeout | -v ]* nsap-address
View
Any view
Parameter
-a source-ip: Sets the source IP address used by this command.
-f first-TTL: Sets the initial TTL of the packets to be sent, so that this command displays
the addresses of only those gateways on the path whose hop counts are not smaller
than the hop count specified by the first-TTL argument. For example, if the first-TTL
argument is three, the command displays the addresses of the gateways from the third
hop. The first-TTL argument ranges from 1 to 255 and defaults to 1.
-m max-TTL: Sets the maximum TTL value of the packets to be sent. After the
command sends a packet with the maximum TTL, it will not send any more packets.
With this argument, this command displays the addresses of only those gateways from
the source destination to the hop count specified by the argument. For example, if the
max-TTL argument is 5, the command displays the addresses of the gateways from the
source to the fifth count. The max-TTL argument ranges from 1 to 255 and defaults to
30.
-p port: Sets the destination port of the packets to be sent. The port argument ranges
from 0 to 65535 and defaults to 33434. Generally, you need not change the argument.
2-3
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 2 Network Connectivity Test
Commands
-q num-packet: Sets the number of packets to be sent every time. The nqueries
argument ranges from 0 to 65,535 and defaults to 3.
-w timeout: Sets the timeout time to wait for ICMP error packets. The timeout argument
ranges from 0 to 65,535 and defaults to 5,000 (in milliseconds).
host: IP address of the destination host or the host name of the remote system, 1 to 30
characters long.
clns: Connectionless network service, a suit of protocols in OSI system, including CLNP,
ISIS and ESIS.
-m max-TTL: Sets a maximum TTL value. The max-TTL argument ranges from 1 to 255
and defaults to 30.
-n num-packet: Indicates the integral number of the sent test packets. The num-packet
argument ranges from 0 to 65535 and defaults to 3.
-t timeout: Sets the timeout time of the tracert command. The timeout argument, in
seconds, ranges from 0 to 65535 and defaults to 5.
-v: Explains the error if the response packet error occurs. If no error occurs, after you
execute the command, the result is the same as the command is executed without -v.
nsap-address: NSAP address of the destination host.
Description
Use the tracert command to trace the gateways the test packets passes through during
its journey from the source to the destination. This command is mainly used to check
the network connectivity. It can help you locate the trouble spot of the network.
The executing procedure of the tracert command is as follows: First, the source sends
a packet with the TTL of 1, and the first hop device returns an ICMP error message
indicating that it cannot forward this packet because of TTL timeout. Then, the source
resends a packet with the TTL of 2, and the second hop device also returns an ICMP
TTL timeout message. This procedure goes on and on until a packet gets to the
destination or the maximum TTL is reached. During the procedure, the system records
the source address of each ICMP TTL timeout message in order to offer the path that
the packets pass through to the destination.
If you find that the network is in trouble by using the ping command, you can use the
tracert command to find where the trouble is in the network.
The tracert command can output the IP addresses of all the gateways the packets pass
through to the destination. It output the string "***" if a gateway times out.
Example
# Trace the gateways the packets pass through during its journey to the destination with
IP address 18.26.0.115.
<3Com> tracert 18.26.0.115
2-4
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 2 Network Connectivity Test
Commands
tracert to allspice.lcs.mit.edu (18.26.0.115), 30 hops max, 40 bytes packet
1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
3 lilac-dmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 19 ms
4 ccngw-ner-cc.Berkeley.EDU (128.32.136.23) 19 ms 39 ms 39 ms
5 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
6 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
7 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
8 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
9 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
10 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
11 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
12 * * *
13 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
14 * * *
15 * * *
16 * * *
17 * * *
18 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
2-5
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Chapter 3 Device Management Commands
3.1 Device Management Commands
3.1.1 boot boot-loader
Syntax
boot boot-loader { primary | backup } file-url
View
User view
Parameter
primary: Specifies an application as primary boot application.
backup: Specifies an application as backup boot application.
file-url: Path + name of an APP file in the Flash memory.
Description
Use the boot boot-loader command to specify the APP file that will be adopted when
the switch reboots next time.
You can use this command to specify a primary and backup boot application for a
switch. The boot process is as following:
z
Normally, primary boot application is adopted for boot.
z
When the primary boot application goes wrong, the switch automatically uses the
backup boot application to startup.
z
If the switch can not boot through primary and backup boot applications, it
chooses an application in the Flash randomly for boot. If the switch still can not
boot, then the switch fails to boot.
The BootROM with the version not below 400 supports double applications boot.
Example
# Specify the S7750.APP as the primary application adopted when the switch reboots
next time.
<3Com> boot boot-loader primary S7750.APP
3-1
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
3.1.2 boot bootrom
Syntax
boot bootrom file-url slot slot-list
View
User view
Parameter
file-url: Path + name of a BootROM file (that is, a .btm file) in the Flash memory.
slot slot-list: Specifies the slot number list, which is provided in the format of slot-list=
{ slot-number [ to slot-number ] } & <1-N>, where &<1-N> means that you can specify
up to N slot numbers or slot number ranges.
Description
Use the boot bootrom command to update the BootROM.
Example
# Update the BootROM of the card in slot 1 of the switch using the file named
S7750.btm.
<3Com> boot bootrom S7750.btm slot 1
3.1.3 boot bootrom default
Syntax
boot bootrom default [ slot slot-list ]
View
User view
Parameter
slot-list: Slot number list, provided in the format of slot-list = [ slot-number [ to
slot-number ] ]&<1-N>, where &<1-N> means that you can specify up to N slot numbers
or slot number ranges.
Description
Use the boot bootrom default command to upgrade the BootROM by using the
current boot file.
3-2
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Example
# Use the current boot file to upgrade the BootROM of all service cards that working
normally.
<3Com> boot bootrom default
3.1.4 bootrom-update security-check enable
Syntax
bootrom-update security-check enable
undo bootrom-update security-check enable
View
System view
Parameter
None
Description
Use the bootrom-update security-check enable command to enable the validity
check function when upgrading BootROM.
Use the undo bootrom-update security-check enable command to disable the
validity check function when upgrading BootROM.
By default, validity check function is enabled during BootROM upgrade.
The Switch 7750 series features manydifferent available cards. Each card has its own
BootROM application. Upgrading to the wrong BootROM can seriously affect the
operation of the card. Enable validity checking to avoid loading the wrong BootROM.
Example
# Enable the validity check function.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] bootrom-update security-check enable
3.1.5 display boot-loader
Syntax
display boot-loader
View
Any view
3-3
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Parameter
None
Description
Use the display boot-loader command to display the APP file that is adopted when the
switch boots this time and next time.
Example
# Display the APP that will be adopted when the switch reboots.
<3Com> display boot-loader
The primary app to boot of board 0 at the next time is: flash:/ccc.app
The backup app to boot of board 0 at the next time is: flash:/ddd.app
The app to boot of board 0 at this time is: flash:/ccc.app
Table 3-1 Description on the fields of the display boot-loader command
Field
Description
The primary app to boot of board 0 at the
next time
Primary boot file used by the device for
reboot next time
The backup app to boot of board 0 at the
next time
Backup boot file used by the device for
reboot next time
The app to boot of board 0 at this time
Boot file used by the device for boot this
time
3.1.6 display cpu
Syntax
display cpu [ slot slot-number ]
View
Any view
Parameter
slot slot-number: Specifies a slot. The CPU status of the card on the slot is to
displayed.
Description
Use the display cpu command to display the CPU usage of a specified switch.
3-4
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Example
# Display the CPU usage of the card on slot 0 of the switch.
<3Com> display cpu slot 0
Board 0 CPU busy status:
18% in last 5 seconds
19% in last 1 minute
19% in last 5 minutes
Table 3-2 Description on the fields of the display cpu command
Field
Description
CPU busy status
Indicates that the following lines describe the CPU
occupancies in different time periods.
18% in last 5 seconds
The CPU usage in the last five seconds is 18%.
19% in last 1 minute
The CPU usage in the last one minute is 19%.
19% in last 5 minutes
The CPU usage in the last five minutes is 19%.
3.1.7 display device
Syntax
display device [ detail | [ shelf shelf-no ] [ frame frame-no ] [ slot slot-number ] ]
View
Any view
Parameter
detail: Detail information about the specified switch.
shelf-no: Shelf number of a switch.
frame-no: Frame number of a switch.
slot-number: Slot number of a switch.
Description
Use the display device command to display the information, such as the module type
and operating status, about each board (main board and sub board) of a specified
switch.
You can use this command to display the following information about each board: slot
number, sub slot number, number of ports, versions of PCB, FPGA, hardware and
BootROM software, address learning mode, interface board type, and so on.
3-5
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Example
# Display board information of this switch.
<3Com> display device
S7750
Slot No.
Brd Type
Brd Status
Subslot Num
Sft Ver
0
NONE
Absent
Absent
None
1
3C16857R
Master
0
S7750R-3128
2
NONE
Absent
Absent
None
3
3C16860
4
NONE
5
3C16863A
6
NONE
Absent
Absent
None
7
NONE
Absent
Absent
None
Normal
0
Absent
S7750R-3128
Absent
Normal
None
0
S7750R-3128
3.1.8 display environment
Syntax
display environment
View
Any view
Parameter
none
Description
Use the display environment command to display the environment information.
Example
# Display the environment information.
<3Com> display environment
System temperature information (degree centigrade):
---------------------------------------------------Board
Temperature
Lower limit
Upper limit
1
30
10
70
3
43
10
80
5
33
10
70
3-6
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
3.1.9 display fan
Syntax
display fan [ fan-id ]
View
Any view
Parameter
fan-id: ID number of a fan.
Description
Use the display fan command to view the working state of the built-in fans.
You can check whether the fans are working normally through the command.
Example
# Display the working state of the fans.
<3Com> display fan
Fan
1 State: Normal
The above information indicates that fan works normally.
3.1.10 display memory
Syntax
display memory [ slot slot-number | limit ]
View
Any view
Parameter
slot slot-number Specifies a slot number, the usage state of the memory on the slot will
be displayed.
limit: Displays the memory configuration information of the device.
Description
Use the display memory command to display the memory usage of a specified switch.
Example
# Display the memory usage on slot 0 of the switch.
<3Com> display memory slot 0
System Total Memory(bytes): 197932416
3-7
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Total Used Memory(bytes): 65234704
Used Rate: 32%
Table 3-3 Description on the fields of the display memory command
Field
Description
System Total Memory(bytes)
Total memory size of the system, in unit of bytes
Total Used Memory(bytes)
Used memory size of the system, in unit of bytes
Used Rate
Percentage of the used memory
# Display the current configuration information of the switch.
<3Com> display memory limit
Current memory limit configuration information:
system memory safety: 40 (MBytes)
system memory limit: 30 (MBytes)
auto-establish enabled
Free Memory: 108120672 (Bytes)
The state information about connection:
The times of disconnect: 0
The times of reconnect: 0
The current state: Normal
3.1.11 display power
Syntax
display power [ power-id ]
View
Any view
Parameter
power-id: Power ID.
Description
Use the display power command to view the state of the power supply of the switch.
3-8
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Example
# Display the state of the power supply.
<3Com> display power
Power
1 State: Absent
Power
2 State: Normal
Power
3 State: Absent
3.1.12 display schedule reboot
Syntax
display schedule reboot
View
Any view
Parameter
None
Description
Use the display schedule reboot command to display information about scheduled
reboot.
Related command: reboot, schedule reboot at.
Example
# Display the information about scheduled reboot.
<3Com> display schedule reboot
System will reboot at 16:00:00 2004/11/1 (in 2 hours and 5 minutes).
3.1.13 display uplink monitor
Syntax
display uplink monitor
View
Any view
Parameter
None
3-9
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Description
Use the display uplink monitor command to view information about Layer 3
connectivity between the local device and the remote device.
Related command: uplink monitor.
Example
# View information about Layer 3 connectivity between the local device and the remote
device.
<3Com> display uplink monitor
UpLink monitor information
No.
1
Dest_IP_Addr
192.168.0.35
Dest_MAC_Addr
Vlan
----.----.----
1
Port
-
ErrCnt
135
Last_Err_Time
04/29 16:15:04
The above information shows there are 135 Layer 3 connectivity errors between the
local device and the remote device whose IP address is 192.168.0.35.
3.1.14 loadsharing enable
Syntax
loadsharing enable
undo loadsharing enable
View
System view
Parameter
None
Description
Use the loadsharing enable command to enable system load sharing.
Use the undo loadsharing enable command to disable system load sharing.
By default, system load sharing function is disabled.
With system load sharing enabled, when an LPU receives traffic to be cross-card
forwarded, load sharing is performed between the active SRPU and the standby SRPU.
Note:
z
Only unicast traffic supports load sharing.
z
Only LPUs of XGbus type support load sharing.
3-10
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Example
# Enable system load sharing.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] loadsharing enable
3.1.15 pause-protection
Syntax
pause-protection { enable | disable } slot slot-number
View
System view
Parameter
enable: Enables pause frame protection mechanism.
disable: Disables pause frame protection mechanism.
slot slot-number: Specifies a slot where board is to seat in.
Description
Use the pause-protection command to enable/disable pause frame protection
mechanism. Pause frame protection mechanism is disabled by default.
Pause frames, which can be utilized as packets to attack a network, are used in traffic
controlling. A switch that has pause frame protection mechanism enabled discards the
detected pause frames that are utilized to attack the network it resides and logs these
attacks in the logbuffer. If the switch experiences successive pause frame attacks, it
sends messages to the console to warn users.
Example
# Enable pause frame protection mechanism on the board in slot 7.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] pause-protection enable slot 7
3.1.16 qe monitor
Syntax
qe monitor { enable | disable }
3-11
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
View
System view
Parameter
enable: Enables queue traffic monitoring.
disable: Disables queue traffic monitoring.
Description
Use the qe monitor command to enable/disable queue traffic monitoring.
Queue traffic monitoring is disabled by default.
With queue traffic monitoring enabled on a switch, the switch monitors the queue traffic
and relieves blocks in the output queue of its interfaces.
The criterion used to distinguish a block is that the queue is full and the traffic of the
corresponding interface is less than the specified threshold.
Refer to the qe monitor overflow-threshold command for information about how to
set a threshold.
Example
# Enable queue traffic monitoring.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] qe monitor enable
3.1.17 qe monitor errpkt
Syntax
qe monitor errpkt { all | none | runt }
View
Ethernet port view
Parameter
all: Specifies to detect all error packets on current interface.
none: Specifies not to detect error packets on current interface.
runt: Specifies to detect error packets that are of runt type on current interface. Error
packets that are of runt type refer to frames whose data segment is less than 64 bytes
without CRC errors.
3-12
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Description
Use the qe monitor errpkt command to configure error packets detection function on
current interface.
A switch does not detect error packets on current interface by default.
If the switch receives a great number of error packets, it will not be able to send/receive
packets properly. With error packets monitoring enabled, the switch collects information
about received error packets regularly. If error packets are detected, it takes protection
measures to ensure that its interfaces send/receive packets properly.
Example
# Specify to detect error packets that are of runt type on Ethernet4/0/1 interface.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 4/0/1
[3Com-Ethernet4/0/1] qe monitor errpkt runt
3.1.18 qe monitor errpkt check-time
Syntax
qe monitor errpkt check-time interval
View
System view
Parameter
interval: Specifies the interval for detecting error packets. The interval argument ranges
from 1 to 3600 (in seconds) and defaults to 5.
Description
Use the qe monitor errpkt check-time command to set the interval for detecting error
packets.
If the switch receives a great number of error packets, it will not be able to send/receive
packets properly. With error packets monitoring enabled, the switch collects information
about received error packets at intervals. If error packets are detected, it takes
protection measures to ensure that its interfaces send/receive packets properly.
Example
# Set the interval for detecting error packets to 50 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] qe monitor errpkt check-time 50
3-13
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
3.1.19 qe monitor overflow-threshold
Syntax
qe monitor overflow-threshold threshold
View
System view
Parameter
threshold: Integer that sets the overall traffic threshold, ranging from 0 to 4294967295
(in bps).
Description
Use the qe monitor overflow-threshold command to specify the overall traffic
threshold used in queue traffic monitoring.
The overall traffic threshold defaults to 300,000,000 bps (300 Mbps).
With queue traffic monitoring enabled, the switch monitors the queue traffic and
relieves blocks in the output queue of its interfaces.
The criterion used to distinguish a block is that the queue is full and the traffic of the
corresponding interface is less than the specified threshold.
Example
# Set the overall traffic threshold used in queue traffic monitoring to 90 Mbps.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] qe monitor overflow-threshold 90000000
3.1.20 rdram
Syntax
rdram { enable | disable }
View
System view
Parameter
enable: Enables rambus dynamic random access memory (RDRAM) of the device.
disable: Disables RDRAM of the device.
Description
Use the rdram enable command to enable RDRAM of the device.
3-14
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Use the rdram disable command to disable RDRAM of the device.
By default, RDRAM of the device is disabled.
Example
# Disable RDRAM of the device.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] rdram disable
3.1.21 reboot
Syntax
reboot [ slot slot-number ]
View
User view
Parameter
slot slot-number: Specifies the slot number.
Description
Use the reboot command to restart the whole system or the specified card.
Example
# Restart the switch.
<3Com> reboot
System is checking configuration now. Please wait ...
This command will reboot the system. The current configuration has not been
saved and will be lost if you continue. Continue? [Y/N]
3.1.22 schedule reboot at
Syntax
schedule reboot at hh:mm [ yyyy/mm/dd ]
undo schedule reboot
View
User view
3-15
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Parameter
hh:mm: Reboot time, where hh (hour) ranges from 0 to 23, and mm (minute) ranges
from 0 to 59.
yyyy/mm/dd: Reboot date, where yyyy (year) ranges from 2,000 to 2,099, mm (month)
ranges from 1 to 12, and the range of dd (day) depends on the specific month.
Description
Use the schedule reboot at command to schedule a reboot on the current switch and
set the reboot date and time.
Use the undo schedule reboot command to cancel the scheduled reboot.
By default, no scheduled reboot is set on the switch.
Note:
There is at most one minute defer for scheduled reboot, that is, the switch will reboot
within one minute after reaching the specified reboot date and time.
After you execute the schedule reboot at command with a future date specified, the
switch will reboot at the specified time with at most one minute delay.
After you execute the schedule reboot at command without specifying a date, the
switch will:
z
Reboot at the specified time on the current day if the specified time is later than the
current time.
z
Reboot at the specified time on the next day if the specified time is earlier than the
current time.
Note that the specified date can not be 30 days later than the current date. And after
you execute the command, the system will prompt you to confirm. Enter "Y" or "y" for
your setting to take effect, and your setting will overwrite the old one (if available).
If you adjust the system time by the clock command after executing the schedule
reboot at command, the schedule reboot at command will be invalid and the
scheduled reboot will not happen.
Related command: reboot, display schedule reboot.
Example
# Suppose the current time is16:21, schedule a reboot so that the switch reboots at
22:00 on the current day.
<3Com> schedule reboot at 22:00
Reboot system at 22:00 2005/04/06(in 5 hours and 39 minutes)
3-16
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
confirm?[Y/N]:y
<3Com>
%Apr
6 16:21:03 2005 S7750R CMD/5/REBOOT:
aux0: schedule reboot parameters at 16:21:00 2005/04/06. And system will reboot
at 22:00:2005 04/06/2005.
3.1.23 schedule reboot delay
Syntax
schedule reboot delay { hhh:mm | mmm }
undo schedule reboot
View
User view
Parameter
hhh:mm: Reboot waiting delay, in the format of “hour:minute”. hh ranges from 0 to 720,
and mm ranges from 0 to 59.
mmm: Reboot waiting delay, ranging from 0 to 43,200 minutes.
Description
Use the schedule reboot delay command to schedule a reboot on the switch, and set
the reboot waiting delay.
Use the undo schedule reboot command to cancel the scheduled reboot.
By default, no scheduled reboot is set on the switch.
Note:
There is at most one minute defer for scheduled reboot, that is, the switch will reboot
within one minute after waiting for the specified delay.
You can set the reboot waiting delay in two formats: the hours:minutes format and the
absolute minutes format, and both must be less than or equal to 30 × 24 × 60 (that is, 30
days).
After you execute the command, the system will prompt you to confirm. Enter "Y" or "y"
for your setting to take effect. Your setting will overwrite the old one (if available).
If you adjust the system time by the clock command after executing the schedule
reboot delay command, the schedule reboot delay command will be invalid and the
scheduled reboot will not happen.
3-17
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Related command: reboot, schedule reboot at, undo schedule reboot, and display
schedule reboot.
Example
# Suppose the current time is 16:26, schedule a reboot so that the switch reboots after
88 minutes.
<3Com> schedule reboot delay 88
Reboot system at 17:54 2005/04/06(in 1 hours and 28 minutes)
confirm?[Y/N]:y
<3Com>
%Apr
6 16:26:38 2005 S7750R CMD/5/REBOOT:
aux0: schedule reboot parameters at 16:26:34 2005/04/06. And system will reboot
at 17:54:2005 04/06/2005.
3.1.24 set backboard enhance
Syntax
set backboard enhance
undo set backboard enhance
View
System view
Parameter
None
Description
Use the set backboard enhance command to specify the clock of inter-card HG
tunnels to work in the enhanced mode (at the frequency of 187 MHz).
Use the undo set backboard enhance command to specify the clock of inter-card HG
tunnels to work in the standard mode (at the frequency of 127 MHz).
By default, the clock of inter-card HG tunnels works in the standard mode.
Caution:
This function can be enabled normally and takes effect only on Switch 7750 switches
equipped with 3C16860 cards.
3-18
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Example
# Specify the clock of the HG tunnel between cards to work in the enhanced mode.
<3Com> system-view
Enter system view, return to user view with Ctrl+Z.
[3Com] set backboard enhance
3.1.25 temperature-limit
Syntax
temperature-limit slot-number down-value up-value
undo temperature-limit slot-number
View
User view
Parameter
slot-number: Physical card slot number.
down-value: Lower temperature limit, ranging from 0 to 70, in centigrade.
up-value: Upper temperature limit, in centigrade, ranging from 20 to 90, and must be
greater than the down-value.
Description
Use the temperature-limit command to configure temperature alarm threshold.
Use the undo temperature-limit command to restore temperature alarm threshold to
the default.
Example
# Set the lower temperature limit of card 0 to 10, and upper temperature limit to 75.
<3Com> temperature-limit 0 10 75
Success temperature limit set successfully
3.1.26 uplink monitor
Syntax
uplink monitor ip ip-address
undo uplink monitor ip
View
Ethernet port view
3-19
3Com Switch 7750 Series
Command Reference Guide – System Maintenance & Debugging
Chapter 3 Device Management
Commands
Parameter
ip-address: IP address of a interface on the Layer 3 device in the remote peer. The
interface connects with the local device.
Description
Use the uplink monitor ip command to enable the Layer 3 connectivity detection
function on the current port, and specify the IP address to be detected, that is the IP
address of the interface on the remote device that connects with the local device.
Use the undo uplink monitor ip to disable the Layer 3 connectivity detection function.
By default, Layer 3 connectivity detection function is disabled on all ports.
Note:
This function requires no Layer 3 device existing between the local peer and the remote
peer.
Example
# Enable Layer 3 connectivity detection function on Ethernet4/0/1, and specify the IP
address to be detected as 1.1.1.1.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] interface Ethernet 4/0/1
[3Com-Ethernet4/0/1] uplink monitor ip 1.1.1.1
3-20
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Table of Contents
Table of Contents
Chapter 1 Remote Ping Commands ............................................................................................ 1-1
1.1 Remote Ping Commands................................................................................................... 1-1
1.1.1 count........................................................................................................................ 1-1
1.1.2 destination-ip ........................................................................................................... 1-1
1.1.3 display remote ping ................................................................................................. 1-2
1.1.4 frequency................................................................................................................. 1-5
1.1.5 remote ping ............................................................................................................. 1-6
1.1.6 remote ping-agent enable ....................................................................................... 1-7
1.1.7 test-enable............................................................................................................... 1-7
1.1.8 test-type................................................................................................................... 1-8
1.1.9 timeout..................................................................................................................... 1-9
i
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
Chapter 1 Remote Ping Commands
1.1 Remote Ping Commands
1.1.1 count
Syntax
count times
undo count
View
Remote Ping test group view
Parameter
times: Number of the test packets to be transmitted. It is in the range 1 to 15 and
defaults to 1.
Description
Use the count command to configure the number of packets to be sent for each test.
Use the undo count command to restore the default.
A test timer is started when the system sends the first test packet. In the event that the
times argument is set greater than one, the system continues to send the second one
upon receipt of the reply to the first one. If receiving no reply upon expiry of the timer,
the system sends the second and all the remaining packets likewise.
Related command: frequency.
Example
# Set that the “administrator-icmp” test group sends ten packets for each test.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] remote ping administrator icmp
[3Com-remote ping-administrator-icmp] count 10
1.1.2 destination-ip
Syntax
destination-ip ip-address
undo destination-ip
1-1
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
View
Remote Ping test group view
Parameter
ip-address: Destination IP address in a test.
Description
Use the destination-ip command to configure the destination IP address in the test.
Use the undo destination-ip command to delete the configured destination IP
address.
By default, no destination IP address is configured for any test.
Example
# Set the destination IP address in the test of the “administrator-icmp” test group to
1.1.1.99.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] remote ping administrator icmp
[3Com-remote ping-administrator-icmp] destination-ip 1.1.1.99
1.1.3 display remote ping
Syntax
display remote ping { result | history } [ administrator-name operation-tag ]
View
Any view
Parameter
result: Displays the test result.
history: Displays the test history.
administrator-name: Name of the administrator creating the test.
operation-tag: Test operation tag.
Description
Use the display remote ping command to view test result(s).
If a test group is specified using the arguments of administrator-name and
test-operation-tag, the system displays only the test result of the group; if not, it
displays the test results of all the test groups.
Related command: test-enable.
1-2
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
Example
# Use the display remote ping result command to display the test result of the test
group whose administrator name is “administrator” and operation tag is “icmp”.
<3Com> display remote ping result administrator icmp
Remote Ping entry(admin administrator, tag icmp) test result:
Destination ip address:1.1.1.99
Send operation times: 10
Receive response times: 10
Min/Max/Average Round Trip Time: 2/5/2
Square-Sum of Round Trip Time: 66
Last complete test time: 2000-4-2 7:59:54.7
Extend result:
SD Maximal delay: 0
DS Maximal delay: 0
Packet lost in test: 0%
Disconnect operation number: 0
Operation timeout number: 0
System busy operation number: 0
Connection fail number: 0
Operation sequence errors: 0
Drop operation number: 0
Other operation errors: 0
Table 1-1 Description on the fields of the display remote ping result command
Field
Description
Destination ip address
Destination IP address
Send operation times
Number of times the operation is sent
Number of times of the successful test
Receive response times
operations
Min/Max/Average Round Trip Time
Smallest/biggest/average round-trip time
Square-Sum of Round Trip Time
The square sum of the round trip time
Last complete test time
Time of the last successful test
Maximal delay from the source to the
SD Maximal delay
destination
Maximal delay from the destination to the
DS Maximal delay
source
Packet lost in test
Packet lost ratio in the test.
Number of times of disconnections by the
Disconnect operation number
opposite side
1-3
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
Field
Description
Number of times of timeouts in the test
Operation timeout number
operation
Number of times the test fails because
System busy operation number
the system is busy
Connection fail number
Number of connection failures
Number of received sequence error
Operation sequence errors
packets
Number of system resource allocation
Drop operation number
errors
Other operation errors
Number of other errors
# Use the display remote ping history command to display test results.
<3Com> display remote ping history administrator icmp
Remote Ping entry(admin administrator, tag icmp) history record:
Index
Response
Status
LastRC
Time
1
1
1
0
2004-11-25 16:28:55.0
2
1
1
0
2004-11-25 16:28:55.0
3
1
1
0
2004-11-25 16:28:55.0
4
1
1
0
2004-11-25 16:28:55.0
5
1
1
0
2004-11-25 16:28:55.0
6
2
1
0
2004-11-25 16:28:55.0
7
1
1
0
2004-11-25 16:28:55.0
8
1
1
0
2004-11-25 16:28:55.0
9
1
1
0
2004-11-25 16:28:55.9
10
1
1
0
2004-11-25 16:28:55.9
Table 1-2 Description on the fields of the display remote ping history command
Field
Index
Response
Description
Index of the displayed information
Round trip test time, in milliseconds, or the timeout time.
0 means the test fails.
1-4
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
Field
Description
Value of the test result. See the following detailed
description:
1: responceReceived. It means response is received.
2: unknown. It means unknown error.
3: internalError. It means system internal error.
4: requestTimeOut. It means timeout waiting for
response.
5: unknownDestinationAddress. It means the destination
address is unknown.
Status
6: noRouteToTarget. It means there is no route to the
destination address.
7: interfaceInactiveToTarget. It means the interface of
destination address is not activated.
8: arpFailure. It means ARP operation fails.
9: maxConcurrentLimitReached. It means the maximum
limit of concurrent accesses is reached.
10: unableToResolveDnsName. It means it is unable to
resolve the DNS field.
11: invalidHostAddress. It means the invalid host
address.
Receive the last response code based on the
implementation ways. With ICMP echo enabled, if the
LastRC
system
receives
ICMP
response
which
includes
ICMP_ECHOREPLY(0), the probe has succeeds. ICMP
response often defined in the file including ip_icmp.
Time
Test time
1.1.4 frequency
Syntax
frequency interval
undo frequency
View
Remote Ping test group view
1-5
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
Parameter
interval: Automatic test interval. It ranges from 0 to 65535 seconds and defaults to 0
meaning no automatic test.
Description
Use the frequency command to configure an automatic test interval.
Use the undo frequency command to disable automatic test.
The system automatically tests at intervals specified by this command, where the
argument interval is greater than 0.
Related command: count.
Example
# Set the automatic test interval of the “administrator-icmp” test group to 10 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] remote ping administrator icmp
[3Com-remote ping-administrator-icmp] frequency 10
1.1.5 remote ping
Syntax
remote ping administrator-name operation-tag
undo remote ping administrator-name operation-tag
View
System view
Parameter
administrator-name: Name of the administrator creating an Remote Ping test group, a
string of 1 to 32 characters.
operation-tag: Test operation tag, a string of 1 to 32 characters.
Description
Using the remote ping command, you can create an Remote Ping test group.
Executing this command allows the system to access Remote Ping test group view.
Example
# Create an Remote Ping test group, where the administrator name is “administrator”
and the test operation tag is “icmp”.
<3Com> system-view
1-6
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
System View: return to User View with Ctrl+Z.
[3Com] remote ping administrator icmp
[3Com-remote ping-administrator-icmp]
1.1.6 remote ping-agent enable
Syntax
remote ping-agent enable
undo remote ping-agent enable
View
System view
Parameter
None
Description
Use the remote ping-agent enable command to enable the Remote Ping client
function.
Use the undo remote ping-agent enable command to disable the Remote Ping client
function.
Before you can perform a test, you must enable the Remote Ping client function. By
default, Remote Ping client function is enabled.
Example
# Enable Remote Ping Client.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] remote ping-agent enable
1.1.7 test-enable
Syntax
test-enable
undo test-enable
View
Remote Ping test group view
Parameter
None
1-7
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
Description
Use the test-enable command to execute an Remote Ping test.
Use the undo test-enable command to disable an Remote Ping test.
Note:
After you execute the test-enable command, the system does not display the test
result. You may view the test result information by executing the display remote ping
command.
Related command: display remote ping.
Example
# Execute the Remote Ping test defined by the test group “administrator-icmp”.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] remote ping administrator icmp
[3Com-remote ping-administrator-icmp] test-enable
1.1.8 test-type
Syntax
test-type type
View
Remote Ping test group view
Parameter
type: Test type.
Description
Use the test-type command to configure the type of the test.
Currently the system only supports ICMP test.
Example
# Set test type of the “administrator-icmp” test group to ICMP.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] remote ping administrator icmp
1-8
3Com Switch 7750 Series
Command Reference Guide – Remote Ping
Chapter 1 Remote Ping Commands
[3Com-remote ping-administrator-icmp] test-type icmp
1.1.9 timeout
Syntax
timeout time
undo timeout
View
Remote Ping test group view
Parameter
time: Timeout time. It is in the range of 1 to 60 seconds and defaults to 3 seconds.
Description
Use the timeout command to configure a timeout time for a test.
Use the undo timeout command to restore the default.
Example
# Set the timeout time of the “administrator-icmp” test group to 10 seconds.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] remote ping administrator icmp
[3Com-remote ping-administrator-icmp] timeout 10
1-9
3Com Switch 7750 Series
Command Reference Guide – Hardware Commands
Table of Contents
Table of Contents
Chapter 1 Hardware-Dependent Software Configuration Commands..................................... 1-1
1.1 Commands for Boot ROM Upgrade with App File............................................................. 1-1
1.1.1 boot bootrom default ............................................................................................... 1-1
1.1.2 boot bootrom file-url ................................................................................................ 1-1
1.1.3 boot boot-loader primary ......................................................................................... 1-2
1.2 Inter-Card Link State Adjustment Configuration Commands ............................................ 1-2
1.2.1 set inlink .................................................................................................................. 1-2
1.3 Internal Channel Monitor Commands ................................................................................ 1-3
1.3.1 monitor inner-channel ............................................................................................. 1-3
1.3.2 monitor inner-channel ............................................................................................. 1-4
1.4 Switch Chip Auto-reset Configuration Commands ............................................................ 1-5
1.4.1 monitor slot.............................................................................................................. 1-5
i
3Com Switch 7750 Series
Command Reference Guide – Hardware Commands
Chapter 1 Hardware Configuration Comm
ands
Chapter 1 Hardware Configuration Commands
1.1 Commands for Boot ROM Upgrade with App File
1.1.1 boot bootrom default
Syntax
boot bootrom default [ slot slot-number-list ]
View
User view
Parameter
slot-number-list: Specifies a slot number list of the switch. slot-number-list =
{ slot-number [ to slot-number ] }&<1-N>. &<1-N> means you can enter the previous
parameters up to N times (N is the number of slots).
Description
Use the boot bootrom default command to use the current startup file to upgrade the
Boot ROMs.
Example
# Use the current startup file to upgrade the Boot ROMs of all normal LPU boards in
position.
<3Com> boot bootrom default
1.1.2 boot bootrom file-url
Syntax
boot bootrom file-url [ slot slot-number-list ]
View
User view
Parameter
file-url: Specifies the Boot ROM file path and file name in the Flash memory.
slot-number-list: Specifies a slot number list of the switch. slot-number-list =
{ slot-number [ to slot-number ] }&<1-N>. &<1-N> means you can enter the previous
parameters up to N times (N is the number of slots).
1-1
3Com Switch 7750 Series
Command Reference Guide – Hardware Commands
Chapter 1 Hardware Configuration Comm
ands
Description
Use the boot bootrom file-url command to use the specified App file to upgrade the
Boot ROMs.
Example
# Use the specified App file (abcd.app) to upgrade the Boot ROMs of all normal LPU
boards in position.
<3Com> boot bootrom abcd.app
1.1.3 boot boot-loader primary
Syntax
boot boot-loader primary file-url
View
User view
Parameter
file-url: Specifies the Boot ROM file path and file name in the Flash memory.
Description
Use the boot boot-loader primary command to specify the primary startup file at next
booting and use it to upgrade the Boot ROMs.
Example
# Specify the App file abcd.app as the primary startup file for next booting and use it to
upgrade the Boot ROMs.
<3Com> boot boot-loader primary abcd.app
1.2 Inter-Card Link State Adjustment Configuration
Commands
1.2.1 set inlink
Syntax
set inlink { auto | fix }
View
System view
1-2
3Com Switch 7750 Series
Command Reference Guide – Hardware Commands
Chapter 1 Hardware Configuration Comm
ands
Parameter
auto: Sets the inter-card links are established in the auto negotiation mode.
fix: Sets the inter-card links are established the fix mode.
Description
Use the set inlink command to set the mode in which inter-card links are established.
By default, inter-card links are established in the auto negotiation mode.
Example
# Configure the inter-card links to be established in the fix mode.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] set inlink fix
1.3 Internal Channel Monitor Commands
1.3.1 monitor inner-channel
Syntax
monitor inner-channel [ reboot-lpu | reboot-switch ]
undo monitor inner-channel [ reboot-lpu | reboot-switch ]
View
System view
Parameter
reboot-lpu: Restarts a service card.
reboot-switch: Restarts a switch.
Description
Use the monitor inner-channel command to enable the function of monitoring internal
channels.
Use the undo monitor inner-channel command to disable the function of monitoring
internal channels.
By default, the function of monitoring internal channels is enabled.
An internal channel refers to the interface channel between the SRPU and the service
cards. The SRPU sends handshake packets to each service card every second. After
receiving the handshake packets, the service cards reports the result to the SRPU. In
this case, the SRPU knows that the service cards are operating normally. Through this
1-3
3Com Switch 7750 Series
Command Reference Guide – Hardware Commands
Chapter 1 Hardware Configuration Comm
ands
process, the SRPU can judge whether each service card in the device operates
normally.
You can also set the maximum number of times the SRPU fails to receive handshake
packets. If the number of times the SRPU fails to receive handshake packets exceeds
the upper limit, the switch resets the processing chip automatically. When the SRPU
receives handshake packets, it resets the counter automatically.
You can also set whether to restart the service card or the switch when the number of
times the SRPU fails to receive handshake packets exceeds the upper limit.
Example
# Enable the function of monitoring internal channels
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] monitor inner-channel
1.3.2 monitor inner-channel
Syntax
monitor inner-channel upper-limit upper-timers
undo monitor inner-channel
View
System view
Parameter
upper-times: Specifies the upper limit.
Description
Use the monitor inner-channel upper-limit command to set the maximum number of
times of monitoring internal channels.
Use the undo monitor inner-channel command to disable the function of setting the
maximum number of times of monitoring internal channels.
The default value is 10.
An internal channel refers to the interface channel between the SRPU and the service
cards. The SRPU sends handshake packets to each service card every second. After
receiving the handshake packets, the service cards reports the result to the SRPU. In
this case, the SRPU knows that the service cards are operating normally. Through this
process, the SRPU can judge whether each service card in the device operates
normally.
1-4
3Com Switch 7750 Series
Command Reference Guide – Hardware Commands
Chapter 1 Hardware Configuration Comm
ands
You can also set the maximum number of times the SRPU fails to receive handshake
packets. If the number of times the SRPU fails to receive handshake packets exceeds
the upper limit, the switch resets the processing chip automatically. When the SRPU
receives handshake packets, it resets the counter automatically.
Example
# Set the upper limit to 50.
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] monitor inner-channel upper-limit 50
1.4 Switch Chip Auto-reset Configuration Commands
1.4.1 monitor slot
Syntax
monitor slot slot-id enable
monitor slot slot-id disable
View
System view
Parameter
slot-id: Slot ID. The value range depends on the products.
Description
Use the monitor slot enable command to enable switch chip auto-reset.
Use the monitor slot disable command to disable switch chip auto-reset.
By default, switch chips cannot be reset automatically when the internal channel
handshake fails.
In actual application, a switch may fail to process services normally due to internal
channel block or because the switch chip is busy.
The Switch 7750 supports the function of resetting switch chips automatically. In case
that the function of monitoring internal channels is enabled, when the internal channel
handshake between a card and the backplane fails, the switch resets the switch chip
automatically to resume the corresponding card.
When the function of resetting switch chips is disabled, even if the switch finds that the
internal channel handshake fails, it cannot reset the switch chip automatically.
Example
# Enable switch chip auto-reset for the card in slot 2.
1-5
3Com Switch 7750 Series
Command Reference Guide – Hardware Commands
Chapter 1 Hardware Configuration Comm
ands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] monitor inner-channel
[3Com] monitor slot 2 enable
1-6
3Com Switch 7750 Series
Command Reference Guide – Password Control
Table of Contents
Table of Contents
Chapter 1 Password Control Configuration Commands.............................................................. 1
1.1 Password Control Configuration Commands ....................................................................... 1
1.1.1 display password-control............................................................................................ 1
1.1.2 display password-control blacklist.............................................................................. 2
1.1.3 display password-control super.................................................................................. 3
1.1.4 password .................................................................................................................... 3
1.1.5 password-control ........................................................................................................ 4
1.1.6 password-control enable ............................................................................................ 6
1.1.7 password-control super.............................................................................................. 8
1.1.8 reset password-control history-record........................................................................ 9
1.1.9 reset password-control history-record super.............................................................. 9
1.1.10 reset password-control blacklist ............................................................................. 10
i
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
Chapter 1 Password Control Configuration
Commands
1.1 Password Control Configuration Commands
1.1.1 display password-control
Syntax
display password-control
View
Any view
Parameter
None
Description
Use the display password-control command to display the information about the
global password control for all users.
Example
# Display the information about the current password control for all users.
<3Com]> display password-control
Global password settings for all users:
Password Aging:
Password Length:
Password History:
Enabled (90 days)
Enabled (10 Characters)
Enabled
(Max history-record
Password alert-before-expire :
Password
7
num : 6)
days
Authentication-timeout : 60 seconds
Password Attemp-failed action
:
Disable
Password History was last reset 38 days ago.
The following table describes the output fields of the display password-control
command.
1
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
Table 1-1 Description on the fields of the display password-control command
Field
Description
Password Aging
Password aging time
Password Length
Minimum password length
Password history
History password recording
Password alert-before-expire
Alert time before password expiration
Password Authentication-timeout
Timeout
time
authentication
Password Attemp-failed action
Number of password attempts
History password was last reset 38 days
ago
Time when the history password record
was last cleared
for
password
1.1.2 display password-control blacklist
Syntax
display password-control blacklist [ username username | ipaddress ip-address ]
View
Any view
Parameter
username: Name of the user who has been added to the blacklist.
ip-address: IP address of the user who has been added to the blacklist.
Description
Use the display password-control blacklist command to display the information
about one or all users who have been added to the blacklist because of password
attempt failure.
Example
# Display the information about all the users who have been added to the blacklist
because of password attempt failure.
<3Com]> display password-control blacklist
USERNAME
IP
Jack
10.1.1.2
The number of users in blacklist is :1
2
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
1.1.3 display password-control super
Syntax
display password-control super
View
Any view
Parameter
None
Description
Use the display password-control super command to display the information about
the password control for super passwords, including the password aging time and the
minimum password length.
Example
# Display the information about the password control for super passwords.
<3Com> display password-control super
Super's password settings:
Password Aging:
Enabled(90 days)
Password min-Length:
Enabled(10 Characters)
1.1.4 password
Syntax
password
View
Local user view
Parameter
None
Description
Use the password command to configure or change the system login password for a
user.
Example
# Configure the system login password for the user test to 9876543210.
<3Com> system-view
3
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
System View: return to User View with Ctrl+Z.
[3Com] local-user test
New local user added.
[3Com-luser-test] password
Password:**********
confirm:**********
# Change the system login password for the user test to 0123456789.
[3Com-luser-test]password
Password:**********
Confirm :**********
Updating the password file ,please wait ...
1.1.5 password-control
Syntax
password-control aging aging-time
password-control length length
password-control login-attempt login-times [ exceed { lock | unlock | locktime
time } ]
password-control history max-record-num
password-control alert-before-expire alert-time
password-control authentication-timeout authentication-timeout
undo password-control { aging | length | login-attempt | exceed
| history |
alert-before-expire | authentication-timeout }
View
System view
Parameter
aging-time: Password aging time. It ranges from 1 day to 365 days and defaults to 90
days.
length: Minimum password length. It is a character string containing 4 to 32 characters.
By default, it is a character string containing 10 characters.
login-times: Number of login attempts allowed for each user. It ranges from 2 to 10 and
defaults to 3.
max-record-num: Maximum number of history records allowed for each user. It ranges
from 2 to 15 and defaults to 4.
4
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
alert-time: Alert time period. When the remaining usable time of a password is no more
than this time, the user is alerted to the forthcoming password expiration. It ranges from
1 day to 30 days and defaults to 7 days.
authentication-timeout: Timeout time for user authentication. It ranges from 30 seconds
to 120 seconds and defaults to 60 seconds.
exceed: Used to configure the processing mode used after login fails.
lock: A processing mode. In this mode, a login-failure user is added to the blacklist and
will be able to re-login only after the administrator manually removes this user from the
blacklist.
locktime time: A processing mode. In this mode, a login-failure user is inhibited from
logging in in a certain time period, which ranges from 3 to 360 (in minutes) and defaults
to 120 minutes; the user is allowed to log into the device again only after this time
passes.
unlock: A processing mode. In this mode, a login-failure user is allowed to log into the
switch again and again without any inhibition.
Description
Use the password-control aging aging-time command to configure the aging time for
system login passwords.
Use the password-control length length command to configure the minimum
password length for the system login passwords.
Use the password-control login-attempt login-times command to configure the
number of password attempts allowed for each user.
Use the password-control history max-record-num command to configure the
maximum number of history password records allowed for each user.
Use the password-control alert-before-expire alert-time command to configure the
alert time before password expiration, that is, specify the number of days before
password expiration to start a daily alert.
Use the password-control authentication-timeout authentication-timeout command
to configure the timeout time for user password authentication.
Use the password-control exceed command to configure the processing mode used
after password attempt fails.
By default, the system operates in locktime mode after password authentication fails.
Example
# Configure the aging time of the system login passwords to 100 days.
<3Com>system-view
System View: return to User View with Ctrl+Z.
[3Com] password-control aging 100
5
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
# Configure the minimum password length of the system login passwords to eight
characters.
[3Com] password-control length 8
# Configure the number of password attempts allowed for each user to five.
[3Com] password-control login-attempt 5
# Configure the maximum number of history password records allowed for each user to
10.
[3Com] password-control history 10
# Configure the alert time when users are alerted to their forthcoming expiration to
seven days ahead of their expiration times.
[3Com] password-control alert-before-expire
7
# Configure the timeout time of the user password authentication to 100 seconds.
[3Com] password-control authentication-timeout 100
# Configure the maximum number of password attempts to five, and configure the
system to allow the attempt failure user to re-log into the device 360 minutes after the
failure.
[3Com] password-control login-attempt 5 exceed locktime 360
1.1.6 password-control enable
Syntax
password-control { aging | length | history } enable
undo password-control { aging | length | history } enable
View
System view
Parameter
None
Description
Use the following password-control enable commands to enable various password
control functions of the system:
Use the password-control aging enable command to enable password aging.
Use the password-control length enable command to enable the limitation of the
minimum password length.
Use the password-control history enable command to enable the history password
recording.
6
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
When the password used to log into the switch expires, the switch requires the user to
change the password, and automatically saves the history (old) password to a file in the
flash memory. In this way, the switch can prevent any user from using one single
password or the used password for a long time to enhance the security.
Use the undo password-control { aging | length | history } enable command to
disable password control.
By default, password aging, limitation of minimum password length, and history
password recording are all disabled.
Using any of the undo password-control aging enable, undo password-control
length enable and undo password-control history enable commands, you can
enable the password control feature globally. Then user passwords are protected and
become invisible. If you want to modify the saved configuration file, you need to use the
save command.
To disable the password control feature globally, however, you need to use the undo
password-control aging enable, undo password-control length enable and undo
password-control history enable commands all. All user passwords are cleared to
avoid possible password cracking.
Related command: password-control.
Example
# Enable password aging.
[<3Com]>system-view
System View: return to User View with Ctrl+Z.
[3Com] password-control aging enable
Password aging enabled for all users. Default: 90 days.
# Enable the limitation of the minimum password length.
[3Com]password-control length
enable
Password minimum length enabled for all users. Default: 10 characters.
# Disable password aging.
[3Com] undo password-control aging
Password aging disabled for all users.
# Enable history password recording.
[3Com] password-control history enable
Password history enabled for all users.
# Disable history password recording.
[3Com]undo password-control history
Password history disabled for all users.
7
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
Display the password control information of the specified user. [3Com]display
local-user user-name test
The contents of local user test:
State:
Active
Idle-cut:
Disabled
Access-limit:
Disabled
Bind location:
Disabled
Vlan ID:
Current AccessNum: 0
Disabled
IP address:
MAC address:
ServiceType Mask: T
Disabled
Disabled
User Privilege:
3
Password-Aging:
Enabled
(90 days)
Password-Length:
Enabled
(10 characters)
Password History was last reset 2 days ago.
1.1.7 password-control super
Syntax
password-control super { aging aging-time | length min-length }
undo password-control super { aging | length }
View
System view
Parameter
aging-time: Aging time for super passwords. It ranges from 1 day to 365 days and
defaults to 90 days.
min-length: Minimum length for super passwords. It ranges from 4 to 16 characters and
defaults to 10 characters.
Description
Use the password-control super command to configure the parameters related with
the supper passwords, including the password aging time and the minimum password
length.
Use the undo password-control super command to restore the default settings for
the super passwords.
The super passwords are used for the user who has logged into the device and wants
to change from a lower privilege level to a higher privilege level.
Example
# Configure the aging time of the super passwords to 10 days.
8
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] password-control super aging 10
1.1.8 reset password-control history-record
Syntax
reset password-control history-record [ username username ]
View
User view
Parameter
username: Name of the user whose history password record will be deleted.
Description
Use the reset password-control history-record command to delete the history
password records of all users.
Use the reset password-control history-record username username command to
delete the history password record of a specific user.
Example
# Delete the history password records of all users
<3Com> reset password-control history-record
Are you sure to delete all
the
history record?[Y/N]
If you input "Y", the system deletes all the history password records of all users and
gives the following prompt:
All historical passwords have been cleared for all users.
# Delete the history password records of the user test.
<3Com> reset password-control history-record username test
Are you sure to delete all the history record of user test ?[Y/N]
If you input "Y", the system deletes all the history password records of the specified
user and gives the following prompt:
All historical passwords have been cleared for
user test.
1.1.9 reset password-control history-record super
Syntax
reset password-control history-record super [ level level-value ]
9
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
View
User view
Parameter
level-value: Privilege level, the history records of the super password for the users at
this level will be deleted. This value ranges from 1 to 3.
Description
Use the reset password-control history-record super level level-value command to
delete the history records of the super password for the users at the specified level.
Use the reset password-control history-record super command to delete the history
records of all super passwords.
Example
# Delete the history records of the super password for the users at level 2.
<3Com> reset password-control history-record super level 2
Are you sure to clear the specified-level super password history records?[Y/N]
If you input "Y", the system deletes the history records of the super password for the
users at level 2.
1.1.10 reset password-control blacklist
Syntax
reset password-control blacklist [ username username ]
View
User view
Parameter
username username: Specifies a user name.
Description
Use the reset password-control blacklist command to delete all the user entries in
the blacklist.
Use the reset password-control blacklist username username command to delete
specified user entries in the blacklist.
Example
# Check the user information in the blacklist; as you can see, the blacklist contains
three users: test, tes, and test2.
10
3Com Switch 7750 Series
Command Reference Guide – Password Control
Chapter 1 Password Control Configuration Commands
<3Com> display password-control blacklist
USERNAME
IP
test
192.168.30.25
tes
192.168.30.24
test2
192.168.30.23
# Delete the user test from the blacklist.
<3Com> reset password-control blacklist user-name test
Are you sure to delete the
All the blacklist users
blacklist-users ?[Y/N]y
have been cleared.
# Check the current user information in the blacklist; as you can see, the user test has
been deleted.
<3Com]> display password-control blacklist
USERNAME
IP
tes
192.168.30.24
test2
192.168.30.23
11
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Appendix A Command Index
The command index includes an alphabetical listing of the commands for the 3Com Switch 7750.
ABCDEFGHIJKLMNOPQRSTUVWXYZ
A
abr-summary
Routing Protocol
Command
3-1
access-limit
AAA&RADIUS&HWTA
CACS&EAD Command
1-1
accounting enable
Traffic Accounting
Command
1-1
accounting optional
AAA&RADIUS&HWTA
CACS&EAD Command
1-25
accounting-mode traffic
Traffic Accounting
Command
1-2
accounting-on enable
AAA&RADIUS&HWTA
CACS&EAD Command
1-23
acl
Login Command
2-1
acl
ACL Command
1-1
acl mode
ACL Command
1-2
acl order
ACL Command
1-3
active region-configuration
MSTP Command
1-1
add-member
Cluster Command
1-14
address-check
DHCP Command
2-1
address-check dhcp-relay
DHCP Command
2-1
address-check no-matched
DHCP Command
2-2
administrator-address
Cluster Command
1-15
aggregate
Routing Protocol
Command
5-1
am user-bind
Port Binding Command
1-2
am user-bind interface
Port Binding Command
1-1
apply as-path
Routing Protocol
Command
6-1
apply community
Routing Protocol
Command
6-2
apply cost
Routing Protocol
6-3
A-1
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
apply cost-type
Routing Protocol
Command
6-4
apply ip next-hop
Routing Protocol
Command
6-4
apply isis
Routing Protocol
Command
6-5
apply local-preference
Routing Protocol
Command
6-6
apply origin
Routing Protocol
Command
6-6
apply tag
Routing Protocol
Command
6-7
area
Routing Protocol
Command
3-2
area-authentication-mode
Routing Protocol
Command
4-1
arp check enable
ARP Command
1-1
arp max-dynamic-entry
ARP Command
1-2
arp max-entry
ARP Command
1-1
arp proxy enable
ARP Command
1-3
arp proxy source-vlan enable
ARP Command
1-3
arp source-suppression limit
ARP Command
1-4
arp static
ARP Command
1-5
arp timer aging
ARP Command
1-6
asbr-summary
Routing Protocol
Command
3-3
ascii
FTP and TFTP
Command
1-4
attack-protection
Telent Protection
Command
1-3
attack-protection disable-defaultroute
Telent Protection
Command
1-4
attack-protection icmp
Telent Protection
Command
1-2
attack-protection snmp
Telent Protection
Command
1-1
attack-protection telnet
Telent Protection
Command
1-1
attribute
AAA&RADIUS&HWTA
CACS&EAD Command
1-2
authentication-mode
Login Command
1-1
authentication-mode
Routing Protocol
Command
3-4
A-2
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
auto-build
Cluster Command
1-16
auto-execute command
Login Command
1-2
balance
Routing Protocol
Command
5-3
bgp
Routing Protocol
Command
5-3
binary
FTP and TFTP
Command
1-4
boot boot-loader
System Maintenance
and Debugging
Command
3-1
boot boot-loader primary
Hardware-dependent
Software Configuration
Command
1-2
boot bootrom
System Maintenance
and Debugging
Command
3-2
boot bootrom default
System Maintenance
and Debugging
Command
3-2
boot bootrom default
Hardware-dependent
Software Configuration
Command
1-1
boot bootrom file-url
Hardware-dependent
Software Configuration
Command
1-1
bootrom-update security-check enable
System Maintenance
and Debugging
Command
3-3
bridgemactocpu
MAC Address Table
Command
1-1
broadcast-suppression
VLAN Command
1-1
broadcast-suppression ( in VLAN view)
Port Basic
Configuration
Command
1-2
broadcast-suppression (in Ethernet port view)
Port Basic
Configuration
Command
1-1
bsr-policy
Multicast Command
5-1
build
Cluster Command
1-17
bye
SSH Terminal Service
Command
1-26
bye
FTP and TFTP
Command
1-5
B
A-3
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
C
c-bsr
Multicast Command
5-2
cd
SSH Terminal Service
Command
1-26
cd
File System
Management
Command
1-1
cd
FTP and TFTP
Command
1-6
cdup
SSH Terminal Service
Command
1-27
cdup
FTP and TFTP
Command
1-7
check region-configuration
MSTP Command
1-2
checkzero
Routing Protocol
Command
2-1
clock datetime
System Maintenance
and Debugging
Command
1-1
clock summer-time
System Maintenance
and Debugging
Command
1-1
clock timezone
System Maintenance
and Debugging
Command
1-3
close
FTP and TFTP
Command
1-8
cluster
Cluster Command
1-18
cluster enable
Cluster Command
1-19
cluster switch-to
Cluster Command
1-20
command-privilege level
CLI Command
1-1
compare-different-as-med
Routing Protocol
Command
5-4
confederation id
Routing Protocol
Command
5-5
confederation nonstandard
Routing Protocol
Command
5-6
confederation peer-as
Routing Protocol
Command
5-7
copy
File System
Management
Command
1-2
copy configuration
Port Basic
Configuration
Command
1-3
A-4
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
cost-style
Routing Protocol
Command
4-2
count
Remote Ping
Command
1-1
c-rp
Multicast Command
5-3
crp-policy
Multicast Command
5-4
cut connection
AAA&RADIUS&HWTA
CACS&EAD Command
1-3
dampening
Routing Protocol
Command
5-7
databits
Login Command
1-3
data-flow-format
AAA&RADIUS&HWTA
CACS&EAD Command
1-26
data-flow-format
AAA&RADIUS&HWTA
CACS&EAD Command
1-54
debugging
FTP and TFTP
Command
1-8
debugging
System Maintenance
and Debugging
Command
1-11
debugging udp-helper
UDP-Helper Command
1-1
debugging vrrp
VRRP&HA Command
1-1
default cost
Routing Protocol
Command
2-2
default cost
Routing Protocol
Command
3-5
default interval
Routing Protocol
Command
3-5
default limit
Routing Protocol
Command
3-6
default local-preference
Routing Protocol
Command
5-9
default med
Routing Protocol
Command
5-9
default tag
Routing Protocol
Command
3-7
default type
Routing Protocol
Command
3-8
default-cost
Routing Protocol
Command
3-8
default-route-advertise
Routing Protocol
Command
3-9
D
A-5
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
default-route-advertise
Routing Protocol
Command
4-3
delete
SSH Terminal Service
Command
1-28
delete
File System
Management
Command
1-3
delete
FTP and TFTP
Command
1-9
delete static-routes all
Routing Protocol
Command
1-15
delete-member
Cluster Command
1-21
description
VLAN Command
1-2
description
Port Basic
Configuration
Command
1-5
description
Port Isolation
Command
1-1
destination-ip
Remote Ping
Command
1-1
dhcp enable
DHCP Command
1-1
dhcp relay information enable
DHCP Command
2-3
dhcp relay information strategy
DHCP Command
2-4
dhcp select global
DHCP Command
1-1
dhcp select interface
DHCP Command
1-2
dhcp server detect
DHCP Command
1-3
dhcp server dns-list
DHCP Command
1-4
dhcp server domain-name
DHCP Command
1-5
dhcp server expired
DHCP Command
1-6
dhcp server forbidden-ip
DHCP Command
1-7
dhcp server ip-pool
DHCP Command
1-8
dhcp server nbns-list
DHCP Command
1-9
dhcp server netbios-type
DHCP Command
1-10
dhcp server option
DHCP Command
1-11
dhcp server ping
DHCP Command
1-12
dhcp server static-bind
DHCP Command
1-13
dhcp-security static
DHCP Command
2-5
dhcp-security tracker
DHCP Command
2-5
dhcp-server
Extended VLAN
Application Command
3-1
dhcp-server
DHCP Command
2-6
A-6
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
dhcp-server ip
DHCP Command
2-7
dhcp-snooping
DHCP Command
3-1
dhcp-snooping information enable
DHCP Command
3-2
dhcp-snooping trust
DHCP Command
3-1
dir
SSH Terminal Service
Command
1-28
dir
File System
Management
Command
1-4
dir
FTP and TFTP
Command
1-10
disconnect
FTP and TFTP
Command
1-11
display acl config
ACL Command
1-4
display acl config statistics
ACL Command
1-5
display acl mode
ACL Command
1-5
display acl order
ACL Command
1-6
display acl remaining entry
ACL Command
1-6
display acl running-packet-filter
ACL Command
1-8
display am user-bind
Port Binding Command
1-3
display arp
ARP Command
1-7
display arp |
ARP Command
1-8
display arp entry-limit
ARP Command
1-9
display arp interface
ARP Command
1-10
display arp proxy
ARP Command
1-11
display arp slot
ARP Command
1-11
display arp source-suppression
ARP Command
1-12
display arp timer aging
ARP Command
1-13
display arp vlan
ARP Command
1-12
display bgp group
Routing Protocol
Command
5-10
display bgp network
Routing Protocol
Command
5-11
display bgp paths
Routing Protocol
Command
5-12
display bgp peer
Routing Protocol
Command
5-13
display bgp routing-table
Routing Protocol
Command
5-14
display bgp routing-table as-path-acl
Routing Protocol
Command
5-16
A-7
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
display bgp routing-table cidr
Routing Protocol
Command
5-17
display bgp routing-table community
Routing Protocol
Command
5-18
display bgp routing-table community-list
Routing Protocol
Command
5-19
display bgp routing-table dampened
Routing Protocol
Command
5-20
display bgp routing-table different-origin-as
Routing Protocol
Command
5-21
display bgp routing-table flap-info
Routing Protocol
Command
5-22
display bgp routing-table peer
Routing Protocol
Command
5-24
display bgp routing-table regular-expression
Routing Protocol
Command
5-24
display bgp routing-table statistic
Routing Protocol
Command
5-25
display boot-loader
System Maintenance
and Debugging
Command
3-3
display brief interface
Port Basic
Configuration
Command
1-5
display channel
Infomation Center
Command
1-1
display clock
System Maintenance
and Debugging
Command
1-7
display cluster
Cluster Command
1-21
display cluster candidates
Cluster Command
1-23
display cluster members
Cluster Command
1-24
display connection
AAA&RADIUS&HWTA
CACS&EAD Command
1-4
display cpu
System Maintenance
and Debugging
Command
3-4
display current-configuration
Configuration File
Management
Command
1-1
display debugging
System Maintenance
and Debugging
Command
1-7
display device
System Maintenance
and Debugging
Command
3-5
display dhcp server conflict
DHCP Command
1-14
A-8
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
display dhcp server expired
DHCP Command
1-15
display dhcp server free-ip
DHCP Command
1-16
display dhcp server ip-in-use
DHCP Command
1-17
display dhcp server statistics
DHCP Command
1-18
display dhcp server tree
DHCP Command
1-20
display dhcp-security
DHCP Command
2-7
display dhcp-security tracker
DHCP Command
2-8
display dhcp-server
DHCP Command
2-9
display dhcp-server interface
DHCP Command
2-11
display dhcp-snooping
DHCP Command
3-3
display dhcp-snooping trust
DHCP Command
3-4
display dhcp-snooping vlan
DHCP Command
3-4
display diagnostic-information
System Maintenance
and Debugging
Command
1-12
display dldp
DLDP Command
1-1
display dns domain
DNS Command
1-1
display dns dynamic-host
DNS Command
1-1
display dns server
DNS Command
1-2
display domain
AAA&RADIUS&HWTA
CACS&EAD Command
1-5
display dot1x
802.1x Command
1-1
display environment
System Maintenance
and Debugging
Command
3-6
display fan
System Maintenance
and Debugging
Command
3-7
display fib
IP Address&IP
Performance&IPX
Command
2-1
display ftp-server
FTP and TFTP
Command
1-1
display ftp-user
FTP and TFTP
Command
1-2
display garp statistics
GVRP Command
1-1
display garp timer
GVRP Command
1-2
display gvrp statistics
GVRP Command
1-6
display gvrp status
GVRP Command
1-7
display habp
802.1x Command
2-1
display habp table
802.1x Command
2-2
A-9
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
display habp traffic
802.1x Command
2-2
display history-command
CLI Command
1-2
display Remote Ping
Remote Ping
Command
1-2
display hwtacacs
AAA&RADIUS&HWTA
CACS&EAD Command
1-55
display icmp statistics
IP Address&IP
Performance&IPX
Command
2-3
display igmp group
Multicast Command
4-1
display igmp interface
Multicast Command
4-2
display igmp-snooping configuration
Multicast Command
1-1
display igmp-snooping group
Multicast Command
1-2
display igmp-snooping statistics
Multicast Command
1-3
display info-center
Infomation Center
Command
1-1
display interface
Port Basic
Configuration
Command
1-7
display interface Vlan-interface
VLAN Command
1-3
display ip host
DNS Command
1-3
display ip interface
IP Address&IP
Performance&IPX
Command
1-1
display ip ip-prefix
Routing Protocol
Command
6-8
display ip routing-table
Routing Protocol
Command
1-1
display ip routing-table acl
Routing Protocol
Command
1-2
display ip routing-table ip-address
Routing Protocol
Command
1-5
display ip routing-table ip-address1 ip-address2
Routing Protocol
Command
1-7
display ip routing-table ip-prefix
Routing Protocol
Command
1-8
display ip routing-table protocol
Routing Protocol
Command
1-9
display ip routing-table radix
Routing Protocol
Command
1-11
display ip routing-table statistics
Routing Protocol
Command
1-12
display ip routing-table verbose
Routing Protocol
Command
1-13
A-10
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
display ip socket
IP Address&IP
Performance&IPX
Command
2-4
display ip statistics
IP Address&IP
Performance&IPX
Command
2-6
display ipx interface
IP Address&IP
Performance&IPX
Command
3-1
display ipx routing-table
IP Address&IP
Performance&IPX
Command
3-3
display ipx service-table
IP Address&IP
Performance&IPX
Command
3-5
display ipx statistics
IP Address&IP
Performance&IPX
Command
3-7
display isis brief
Routing Protocol
Command
4-4
display isis interface
Routing Protocol
Command
4-5
display isis lsdb
Routing Protocol
Command
4-6
display isis mesh-group
Routing Protocol
Command
4-6
display isis peer
Routing Protocol
Command
4-7
display isis route
Routing Protocol
Command
4-8
display isis spf-log
Routing Protocol
Command
4-9
display isolate port
Port Isolation
Command
1-1
display isolate-user-vlan
Extended VLAN
Application Command
2-1
display lacp system-id
Link Aggregation
Command
1-1
display link-aggregation interface
Link Aggregation
Command
1-1
display link-aggregation summary
Link Aggregation
Command
1-3
display link-aggregation verbose
Link Aggregation
Command
1-4
display local-server statistics
AAA&RADIUS&HWTA
CACS&EAD Command
1-27
display local-user
AAA&RADIUS&HWTA
CACS&EAD Command
1-7
A-11
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
display logbuffer
Infomation Center
Command
1-3
display logbuffer summary
Infomation Center
Command
1-6
display loopback-detection
Port Basic
Configuration
Command
1-9
display mac-address
MAC Address Table
Command
1-2
display mac-address aging-time
MAC Address Table
Command
1-2
display mac-address multicast
Multicast Command
3-1
display memory
Routing Protocol
Command
7-1
display memory
System Maintenance
and Debugging
Command
3-7
display memory limit
Routing Protocol
Command
7-2
display mirroring-group
Mirroring Command
1-1
display mpm forwarding-table
Multicast Command
2-1
display mpm group
Multicast Command
2-3
display multicast forwarding-table
Multicast Command
2-5
display multicast routing-table
Multicast Command
2-6
display multicast-source-deny
Multicast Command
2-8
display multicast-vlan
Multicast Command
1-4
display ndp
Cluster Command
1-1
display ntdp
Cluster Command
1-6
display ntdp device-list
Cluster Command
1-7
display ntp-service sessions
NTP Command.
1-1
display ntp-service status
NTP Command.
1-2
display ntp-service trace
NTP Command.
1-3
display ospf abr-asbr
Routing Protocol
Command
3-11
display ospf asbr-summary
Routing Protocol
Command
3-11
display ospf brief
Routing Protocol
Command
3-13
display ospf cumulative
Routing Protocol
Command
3-15
display ospf error
Routing Protocol
Command
3-16
A-12
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
display ospf interface
Routing Protocol
Command
3-19
display ospf lsdb
Routing Protocol
Command
3-20
display ospf nexthop
Routing Protocol
Command
3-23
display ospf peer
Routing Protocol
Command
3-24
display ospf request-queue
Routing Protocol
Command
3-26
display ospf retrans-queue
Routing Protocol
Command
3-27
display ospf routing
Routing Protocol
Command
3-28
display ospf vlink
Routing Protocol
Command
3-29
display pim bsr-info
Multicast Command
5-5
display pim interface
Multicast Command
5-6
display pim neighbor
Multicast Command
5-7
display pim routing-table
Multicast Command
5-8
display pim rp-info
Multicast Command
5-9
display poe interface
PoE Command
1-1
display poe interface power
PoE Command
1-3
display poe powersupply
PoE Command
1-5
display poe pse
PoE Command
1-6
display poe-power ac-input state
PoE Command
2-1
display poe-power alarm
PoE Command
2-2
display poe-power dc-output state
PoE Command
2-3
display poe-power dc-output value
PoE Command
2-4
display poe-power switch state
PoE Command
2-5
display port
Port Basic
Configuration
Command
1-10
display port vlan-vpn
QinQ Command
1-1
display power
System Maintenance
and Debugging
Command
3-8
display priority trust
QoS Command
1-1
display protocol-vlan interface
VLAN Command
1-13
display protocol-vlan slot
VLAN Command
1-14
display protocol-vlan vlan
VLAN Command
1-14
A-13
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
display qos cos-local-precedence-map
QoS Command
1-2
display qos-interface all
QoS Command
1-2
display qos-interface line-rate
QoS Command
1-3
display qos-interface mirrored-to
Mirroring Command
1-2
display qos-interface queue-scheduler
QoS Command
1-4
display qos-interface traffic-bandwidth
QoS Command
1-6
display qos-interface traffic-limit
QoS Command
1-6
display qos-interface traffic-priority
QoS Command
1-7
display qos-interface traffic-red
QoS Command
1-8
display qos-interface traffic-redirect
QoS Command
1-9
display qos-interface traffic-remark-vlanid
QoS Command
1-9
display qos-interface traffic-statistic
QoS Command
1-10
display radius
AAA&RADIUS&HWTA
CACS&EAD Command
1-27
display radius statistics
AAA&RADIUS&HWTA
CACS&EAD Command
1-29
display rip
Routing Protocol
Command
2-2
display rip routing
Routing Protocol
Command
2-3
display rmon alarm
SNMP&RMON
Command
2-1
display rmon event
SNMP&RMON
Command
2-2
display rmon eventlog
SNMP&RMON
Command
2-3
display rmon history
SNMP&RMON
Command
2-4
display rmon prialarm
SNMP&RMON
Command
2-5
display rmon statistics
SNMP&RMON
Command
2-7
display route-policy
Routing Protocol
Command
6-9
display rsa local-key-pair public
SSH Terminal Service
Command
1-1
display rsa peer-public-key
SSH Terminal Service
Command
1-2
display saved-configuration
Configuration File
Management
Command
1-7
display schedule reboot
System Maintenance
and Debugging
3-9
A-14
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
display snmp-agent
SNMP&RMON
Command
1-1
display snmp-agent community
SNMP&RMON
Command
1-1
display snmp-agent group
SNMP&RMON
Command
1-2
display snmp-agent mib-view
SNMP&RMON
Command
1-3
display snmp-agent statistics
SNMP&RMON
Command
1-5
display snmp-agent sys-info
SNMP&RMON
Command
1-6
display snmp-agent usm-user
SNMP&RMON
Command
1-7
display ssh server
SSH Terminal Service
Command
1-3
display ssh server-info
SSH Terminal Service
Command
1-18
display ssh user-information
SSH Terminal Service
Command
1-5
display startup
Configuration File
Management
Command
1-9
display stop-accounting-buffer
AAA&RADIUS&HWTA
CACS&EAD Command
1-30
display stop-accounting-buffer
AAA&RADIUS&HWTA
CACS&EAD Command
1-56
display stp
MSTP Command
1-3
display stp region-configuration
MSTP Command
1-5
display supervision-module information
PoE Command
2-5
display supervlan
Extended VLAN
Application Command
3-1
display switchover state
VRRP&HA Command
2-1
display tcp statistics
IP Address&IP
Performance&IPX
Command
2-7
display tcp status
IP Address&IP
Performance&IPX
Command
2-10
display this
Configuration File
Management
Command
1-8
display time-range
ACL Command
1-8
display transceiver-information interface
Port Basic
Configuration
1-11
A-15
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
display trapbuffer
Infomation Center
Command
1-6
display udp statistics
IP Address&IP
Performance&IPX
Command
2-11
display udp-helper server
UDP-Helper Command
1-1
display uplink monitor
System Maintenance
and Debugging
Command
3-9
display user-interface
Login Command
1-3
display users
Login Command
1-5
display users
System Maintenance
and Debugging
Command
1-8
display version
System Maintenance
and Debugging
Command
1-9
display vlan
VLAN Command
1-4
display vlan
Extended VLAN
Application Command
1-3
display voice vlan oui
Extended VLAN
Application Command
1-1
display voice vlan status
Extended VLAN
Application Command
1-1
display vrrp
VRRP&HA Command
1-1
dldp
DLDP Command
1-2
dldp authentication-mode
DLDP Command
1-3
dldp interval
DLDP Command
1-4
dldp reset
DLDP Command
1-5
dldp unidirectional-shutdown
DLDP Command
1-6
dldp work-mode
DLDP Command
1-6
dns domain
DNS Command
1-4
dns resolve
DNS Command
1-5
dns server
DNS Command
1-6
dns-list
DHCP Command
1-22
domain
AAA&RADIUS&HWTA
CACS&EAD Command
1-9
domain-authentication-mode
Routing Protocol
Command
4-10
domain-name
DHCP Command
1-23
dot1x
802.1x Command
1-4
A-16
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
dot1x authentication-method
802.1x Command
1-5
dot1x dhcp-launch
802.1x Command
1-6
dot1x guest-vlan
802.1x Command
1-7
dot1x max-user
802.1x Command
1-9
dot1x port-control
802.1x Command
1-10
dot1x port-method
802.1x Command
1-11
dot1x quiet-period
802.1x Command
1-12
dot1x re-authenticate
802.1x Command
1-13
dot1x retry
802.1x Command
1-14
dot1x retry-version-max
802.1x Command
1-15
dot1x supp-proxy-check
802.1x Command
1-15
dot1x timer
802.1x Command
1-18
dot1x version-check
802.1x Command
1-20
duplex
Port Basic
Configuration
Command
1-12
enable snmp trap updown
SNMP&RMON
Command
1-8
execute
File System
Management
Command
1-5
exit
SSH Terminal Service
Command
1-29
expired
DHCP Command
1-24
file prompt
File System
Management
Command
1-6
filter-policy export
Routing Protocol
Command
2-5
filter-policy export
Routing Protocol
Command
3-31
filter-policy export
Routing Protocol
Command
4-11
filter-policy export
Routing Protocol
Command
5-26
filter-policy import
Routing Protocol
Command
2-6
filter-policy import
Routing Protocol
3-32
E
F
A-17
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
filter-policy import
Routing Protocol
Command
4-12
filter-policy import
Routing Protocol
Command
5-27
fixdisk
File System
Management
Command
1-6
flow interval
Port Basic
Configuration
Command
1-14
flow-control
Login Command
1-6
flow-control
Port Basic
Configuration
Command
1-13
flow-control enable
Port Basic
Configuration
Command
1-13
format
File System
Management
Command
1-7
free user-interface
Login Command
1-7
frequency
Remote Ping
Command
1-5
ftp
FTP and TFTP
Command
1-12
ftp cluster
Cluster Command
1-27
ftp server enable
FTP and TFTP
Command
1-2
ftp timeout
FTP and TFTP
Command
1-3
ftp-server
Cluster Command
1-28
garp timer
GVRP Command
1-2
garp timer leaveall
GVRP Command
1-4
gateway-list
DHCP Command
1-25
get
SSH Terminal Service
Command
1-29
get
FTP and TFTP
Command
1-13
gratuitous-arp-learning enable
ARP Command
1-13
group
Routing Protocol
Command
5-27
G
A-18
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
gvrp
GVRP Command
1-7
gvrp registration
GVRP Command
1-8
habp enable
802.1x Command
2-3
habp server vlan
802.1x Command
2-4
habp timer
802.1x Command
2-4
hardspeedup
Port Basic
Configuration
Command
1-15
header
Login Command
1-8
help
SSH Terminal Service
Command
1-30
history-command max-size
Login Command
1-10
holdtime
Cluster Command
1-28
host-route
Routing Protocol
Command
2-7
Remote Ping
Remote Ping
Command
1-6
Remote Ping-agent enable
Remote Ping
Command
1-7
hwtacacs nas-ip
AAA&RADIUS&HWTA
CACS&EAD Command
1-57
hwtacacs scheme
AAA&RADIUS&HWTA
CACS&EAD Command
1-58
idle-cut
AAA&RADIUS&HWTA
CACS&EAD Command
1-10
idle-timeout
Login Command
1-11
if-match { acl | ip-prefix }
Routing Protocol
Command
6-10
if-match as-path
Routing Protocol
Command
6-11
if-match community
Routing Protocol
Command
6-11
if-match cost
Routing Protocol
Command
6-12
if-match interface
Routing Protocol
Command
6-13
if-match ip next-hop
Routing Protocol
Command
6-14
if-match tag
Routing Protocol
6-15
H
I
A-19
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
igmp enable
Multicast Command
4-3
igmp group-limit
Multicast Command
4-4
igmp group-policy
Multicast Command
4-5
igmp group-policy vlan
Multicast Command
4-6
igmp host-join port
Multicast Command
4-7
igmp host-join vlan
Multicast Command
4-8
igmp lastmember-queryinterval
Multicast Command
4-9
igmp max-response-time
Multicast Command
4-10
igmp proxy
Multicast Command
4-11
igmp report-aggregation
Multicast Command
4-12
igmp robust-count
Multicast Command
4-13
igmp timer other-querier-present
Multicast Command
4-14
igmp timer query
Multicast Command
4-15
igmp version
Multicast Command
4-15
igmp-snooping
Multicast Command
1-4
igmp-snooping fast-leave
Multicast Command
1-5
igmp-snooping group-limit
Multicast Command
1-6
igmp-snooping group-policy
Multicast Command
1-7
igmp-snooping host-aging-time
Multicast Command
1-9
igmp-snooping max-response-time
Multicast Command
1-10
igmp-snooping report-aggregation
Multicast Command
1-10
igmp-snooping router-aging-time
Multicast Command
1-11
ignore-lsp-checksum-error
Routing Protocol
Command
4-13
import-route
Routing Protocol
Command
2-8
import-route
Routing Protocol
Command
3-33
import-route
Routing Protocol
Command
4-14
import-route
Routing Protocol
Command
5-28
import-route isis level-2 into level-1
Routing Protocol
Command
4-15
inboundcar
QoS Command
1-11
info-center channel
Infomation Center
Command
1-7
info-center console channel
Infomation Center
Command
1-8
A-20
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
info-center enable
Infomation Center
Command
1-9
info-center logbuffer
Infomation Center
Command
1-9
info-center loghost
Infomation Center
Command
1-10
info-center loghost source
Infomation Center
Command
1-12
info-center monitor channel
Infomation Center
Command
1-12
info-center snmp channel
Infomation Center
Command
1-13
info-center source
Infomation Center
Command
1-14
info-center timestamp
Infomation Center
Command
1-20
info-center trapbuffer
Infomation Center
Command
1-21
instance
MSTP Command
1-6
interface
Port Basic
Configuration
Command
1-16
interface Vlan-interface
VLAN Command
1-6
ip
IP Address&IP
Performance&IPX
Command
2-12
ip address
IP Address&IP
Performance&IPX
Command
1-3
ip address
Cluster Command
1-29
ip as-path-acl
Routing Protocol
Command
6-16
ip community-list
Routing Protocol
Command
6-16
ip forward-broadcast
IP Address&IP
Performance&IPX
Command
2-13
ip host
DNS Command
1-6
ip ip-prefix
Routing Protocol
Command
6-17
ip route-static
Routing Protocol
Command
1-15
ip route-static default-preference
Routing Protocol
Command
1-17
ip-pool
Cluster Command
1-30
ipx enable
IP Address&IP
3-9
A-21
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Performance&IPX
Command
ipx encapsulation
IP Address&IP
Performance&IPX
Command
3-10
ipx netbios-propagation
IP Address&IP
Performance&IPX
Command
3-10
ipx network
IP Address&IP
Performance&IPX
Command
3-11
ipx rip import-route static
IP Address&IP
Performance&IPX
Command
3-12
ipx rip mtu
IP Address&IP
Performance&IPX
Command
3-12
ipx rip multiplier
IP Address&IP
Performance&IPX
Command
3-13
ipx rip timer update
IP Address&IP
Performance&IPX
Command
3-14
ipx route load-balance-path
IP Address&IP
Performance&IPX
Command
3-14
ipx route max-reserve-path
IP Address&IP
Performance&IPX
Command
3-15
ipx route-static
IP Address&IP
Performance&IPX
Command
3-16
ipx sap disable
IP Address&IP
Performance&IPX
Command
3-17
ipx sap gns-disable-reply
IP Address&IP
Performance&IPX
Command
3-17
ipx sap gns-load-balance
IP Address&IP
Performance&IPX
Command
3-18
ipx sap max-reserve-servers
IP Address&IP
Performance&IPX
Command
3-19
ipx sap mtu
IP Address&IP
Performance&IPX
Command
3-19
ipx sap multiplier
IP Address&IP
Performance&IPX
Command
3-20
ipx sap timer update
IP Address&IP
3-21
A-22
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Performance&IPX
Command
ipx service
IP Address&IP
Performance&IPX
Command
3-21
ipx split-horizon
IP Address&IP
Performance&IPX
Command
3-23
ipx tick
IP Address&IP
Performance&IPX
Command
3-23
ipx update-change-only
IP Address&IP
Performance&IPX
Command
3-24
isis
Routing Protocol
Command
4-15
isis authentication-mode
Routing Protocol
Command
4-16
isis circuit-level
Routing Protocol
Command
4-18
isis cost
Routing Protocol
Command
4-19
isis dis-priority
Routing Protocol
Command
4-19
isis enable
Routing Protocol
Command
4-20
isis mesh-group
Routing Protocol
Command
4-21
isis timer csnp
Routing Protocol
Command
4-22
isis timer hello
Routing Protocol
Command
4-23
isis timer holding-multiplier
Routing Protocol
Command
4-24
isis timer lsp
Routing Protocol
Command
4-25
isis timer retransmit
Routing Protocol
Command
4-25
is-level
Routing Protocol
Command
4-26
isolate-user-vlan
Extended VLAN
Application Command
2-2
isolate-user-vlan enable
Extended VLAN
Application Command
2-3
Port Basic
1-17
J
jumboframe enable
A-23
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Configuration
Command
K
key
AAA&RADIUS&HWTA
CACS&EAD Command
1-31
key
AAA&RADIUS&HWTA
CACS&EAD Command
1-58
lacp enable
Link Aggregation
Command
1-6
lacp port-priority
Link Aggregation
Command
1-6
lacp system-priority
Link Aggregation
Command
1-7
language-mode
System Maintenance
and Debugging
Command
1-4
lcd
FTP and TFTP
Command
1-14
level
AAA&RADIUS&HWTA
CACS&EAD Command
1-11
line-rate
QoS Command
1-12
link-aggregation
Link Aggregation
Command
1-7
link-aggregation group description
Link Aggregation
Command
1-8
link-aggregation group mode
Link Aggregation
Command
1-9
loadsharing enable
System Maintenance
and Debugging
Command
3-10
local-server
AAA&RADIUS&HWTA
CACS&EAD Command
1-33
local-user
AAA&RADIUS&HWTA
CACS&EAD Command
1-12
local-user password-display-mode
AAA&RADIUS&HWTA
CACS&EAD Command
1-13
lock
Login Command
1-12
logging-host
Cluster Command
1-31
log-peer-change
Routing Protocol
Command
4-27
loopback-detection enable
Port Basic
Configuration
1-17
L
A-24
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
loopback-detection interval-time
Port Basic
Configuration
Command
1-18
ls
SSH Terminal Service
Command
1-31
ls
FTP and TFTP
Command
1-15
mac-address
MAC Address Table
Command
1-4
mac-address learning synchronization
MAC Address Table
Command
1-6
mac-address mac-learning disable
MAC Address Table
Command
1-6
mac-address max-mac-count
MAC Address Table
Command
1-7
mac-address multicast interface
Multicast Command
3-1
mac-address timer
MAC Address Table
Command
1-8
md5-compatible
Routing Protocol
Command
4-28
mdi
Port Basic
Configuration
Command
1-19
memory { safety | limit }*
Routing Protocol
Command
7-5
memory auto-establish disable
Routing Protocol
Command
7-3
memory auto-establish enable
Routing Protocol
Command
7-4
messenger
AAA&RADIUS&HWTA
CACS&EAD Command
1-13
mirrored-to
Mirroring Command
1-3
mirroring-group
Mirroring Command
1-6
mirroring-group (only for recovery)
Mirroring Command
1-7
mirroring-group mirroring-port
Mirroring Command
1-8
mirroring-group mirroring-slot
Mirroring Command
1-8
mirroring-group monitor-port
Mirroring Command
1-9
mirroring-group monitor-slot
Mirroring Command
1-10
mirroring-group reflector-port
Mirroring Command
1-11
mirroring-group remote-probe vlan
Mirroring Command
1-11
M
A-25
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
mkdir
SSH Terminal Service
Command
1-31
mkdir
File System
Management
Command
1-8
mkdir
FTP and TFTP
Command
1-16
modem
Login Command
1-12
modem auto-answer
Login Command
1-13
modem timer answer
Login Command
1-14
monitor inner-channel
Hardware-dependent
Software Configuration
Command
1-3
monitor inner-channel
Hardware-dependent
Software Configuration
Command
1-4
monitor slot
Hardware-dependent
Software Configuration
Command
1-5
more
File System
Management
Command
1-8
move
File System
Management
Command
1-9
multicast route-limit
Multicast Command
2-9
multicast routing-enable
Multicast Command
2-10
multicast static-router-port
Multicast Command
2-10
multicast static-router-port vlan
Multicast Command
2-11
multicast wrongif-holdtime
Multicast Command
2-12
multicast-source-deny
Multicast Command
2-13
multicast-suppression
Port Basic
Configuration
Command
1-20
multicast-vlan enable
Multicast Command
1-12
multicast-vlan subvlan
Multicast Command
1-13
name
VLAN Command
1-7
name
AAA&RADIUS&HWTA
CACS&EAD Command
1-14
nas-ip
AAA&RADIUS&HWTA
CACS&EAD Command
1-34
nas-ip
AAA&RADIUS&HWTA
1-59
N
A-26
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
CACS&EAD Command
nbns-list
DHCP Command
1-26
ndp enable
Cluster Command
1-3
ndp timer aging
Cluster Command
1-4
ndp timer hello
Cluster Command
1-5
netbios-type
DHCP Command
1-26
network
Routing Protocol
Command
2-9
network
Routing Protocol
Command
3-34
network
Routing Protocol
Command
5-29
network
Traffic Accounting
Command
1-5
network
DHCP Command
1-27
network-entity
Routing Protocol
Command
4-28
nssa
Routing Protocol
Command
3-35
ntdp enable
Cluster Command
1-10
ntdp explore
Cluster Command
1-11
ntdp hop
Cluster Command
1-11
ntdp timer
Cluster Command
1-12
ntdp timer hop-delay
Cluster Command
1-13
ntdp timer port-delay
Cluster Command
1-13
ntp-service access
NTP Command.
1-3
ntp-service authentication enable
NTP Command.
1-5
ntp-service authentication-keyid
NTP Command.
1-5
ntp-service broadcast-client
NTP Command.
1-6
ntp-service broadcast-server
NTP Command.
1-7
ntp-service disable
NTP Command.
1-8
ntp-service in-interface disable
NTP Command.
1-8
ntp-service max-dynamic-sessions
NTP Command.
1-9
ntp-service multicast-client
NTP Command.
1-10
ntp-service multicast-server
NTP Command.
1-10
ntp-service refclock-master
NTP Command.
1-11
ntp-service reliable authentication-keyid
NTP Command.
1-12
ntp-service source-interface
NTP Command.
1-13
ntp-service unicast-peer
NTP Command.
1-14
A-27
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
ntp-service unicast-server
NTP Command.
1-15
open
FTP and TFTP
Command
1-17
option
DHCP Command
1-28
ospf
Routing Protocol
Command
3-36
ospf authentication-mode
Routing Protocol
Command
3-37
ospf cost
Routing Protocol
Command
3-38
ospf dr-priority
Routing Protocol
Command
3-38
ospf mib-binding
Routing Protocol
Command
3-39
ospf mtu-enable
Routing Protocol
Command
3-40
ospf network-type
Routing Protocol
Command
3-41
ospf timer dead
Routing Protocol
Command
3-42
ospf timer hello
Routing Protocol
Command
3-43
ospf timer poll
Routing Protocol
Command
3-44
ospf timer retransmit
Routing Protocol
Command
3-45
ospf trans-delay
Routing Protocol
Command
3-45
packet-filter
ACL Command
1-10
parity
Login Command
1-14
passive
FTP and TFTP
Command
1-18
password
AAA&RADIUS&HWTA
CACS&EAD Command
1-15
pause-protection
System Maintenance
and Debugging
Command
3-11
peer
Routing Protocol
Command
2-10
peer
Routing Protocol
3-46
O
P
A-28
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
peer advertise-community
Routing Protocol
Command
5-30
peer allow-as-loop
Routing Protocol
Command
5-31
peer as-number
Routing Protocol
Command
5-31
peer as-path-acl export
Routing Protocol
Command
5-32
peer as-path-acl import
Routing Protocol
Command
5-33
peer connect-interface
Routing Protocol
Command
5-33
peer default-route-advertise
Routing Protocol
Command
5-34
peer description
Routing Protocol
Command
5-35
peer ebgp-max-hop
Routing Protocol
Command
5-36
peer enable
Routing Protocol
Command
5-37
peer filter-policy export
Routing Protocol
Command
5-37
peer filter-policy import
Routing Protocol
Command
5-38
peer group
Routing Protocol
Command
5-39
peer ip-prefix export
Routing Protocol
Command
5-40
peer ip-prefix import
Routing Protocol
Command
5-40
peer next-hop-local
Routing Protocol
Command
5-41
peer password
Routing Protocol
Command
5-42
peer public-as-only
Routing Protocol
Command
5-43
peer reflect-client
Routing Protocol
Command
5-43
peer route-policy export
Routing Protocol
Command
5-44
peer route-policy import
Routing Protocol
Command
5-45
peer route-update-interval
Routing Protocol
Command
5-46
peer timer
Routing Protocol
5-47
A-29
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
peer-public-key end
SSH Terminal Service
Command
1-5
pim
Multicast Command
5-10
pim bsr-boundary
Multicast Command
5-11
pim dm
Multicast Command
5-12
pim neighbor-limit
Multicast Command
5-13
pim neighbor-policy
Multicast Command
5-13
pim sm
Multicast Command
5-14
pim timer hello
Multicast Command
5-15
ping
System Maintenance
and Debugging
Command
2-1
poe enable
PoE Command
1-7
poe enable slot
PoE Command
1-8
poe legacy enable slot
PoE Command
1-9
poe max-power
PoE Command
1-10
poe max-power slot
PoE Command
1-10
poe mode
PoE Command
1-11
poe power max-value
PoE Command
1-12
poe power-management
PoE Command
1-12
poe priority
PoE Command
1-13
poe upgrade
PoE Command
1-14
poe-power input-thresh lower
PoE Command
2-7
poe-power input-thresh upper
PoE Command
2-7
poe-power output-thresh lower
PoE Command
2-8
poe-power output-thresh upper
PoE Command
2-9
port
VLAN Command
1-12
port
Port Isolation
Command
1-2
port access vlan
Port Basic
Configuration
Command
1-21
port hybrid protocol-vlan vlan
VLAN Command
1-15
port hybrid pvid vlan
Port Basic
Configuration
Command
1-22
port hybrid vlan
Port Basic
Configuration
Command
1-22
A-30
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
port isolate
Port Isolation
Command
1-3
port link-aggregation group
Link Aggregation
Command
1-9
port link-type
Port Basic
Configuration
Command
1-23
port trunk permit vlan
Port Basic
Configuration
Command
1-24
port trunk pvid vlan
Port Basic
Configuration
Command
1-25
port-isolate group
Port Isolation
Command
1-4
preference
Routing Protocol
Command
2-11
preference
Routing Protocol
Command
3-47
preference
Routing Protocol
Command
4-29
preference
Routing Protocol
Command
5-47
primary accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-35
primary accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-60
primary authentication
AAA&RADIUS&HWTA
CACS&EAD Command
1-36
primary authentication
AAA&RADIUS&HWTA
CACS&EAD Command
1-61
primary authorization
AAA&RADIUS&HWTA
CACS&EAD Command
1-62
priority
QoS Command
1-13
priority trust
QoS Command
1-14
protocol inbound
Login Command
1-15
protocol inbound
SSH Terminal Service
Command
1-6
protocol multicast-mac enable
Routing Protocol
Command
3-48
protocol-vlan
VLAN Command
1-18
protocol-vlan vlan slot
VLAN Command
1-16
public-key-code begin
SSH Terminal Service
Command
1-7
public-key-code begin
SSH Terminal Service
Command
1-18
A-31
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
public-key-code end
SSH Terminal Service
Command
1-8
public-key-code end
SSH Terminal Service
Command
1-19
put
SSH Terminal Service
Command
1-32
put
FTP and TFTP
Command
1-18
pwd
SSH Terminal Service
Command
1-32
pwd
File System
Management
Command
1-10
pwd
FTP and TFTP
Command
1-19
qe monitor
System Maintenance
and Debugging
Command
3-12
qe monitor errpkt
System Maintenance
and Debugging
Command
3-13
qe monitor errpkt check-time
System Maintenance
and Debugging
Command
3-14
qe monitor overflow-threshold
System Maintenance
and Debugging
Command
3-14
qos
QoS Command
1-15
qos cos-local-precedence-map
QoS Command
1-17
queue-scheduler
QoS Command
1-19
quit
SSH Terminal Service
Command
1-20
quit
SSH Terminal Service
Command
1-33
quit
FTP and TFTP
Command
1-20
quit
System Maintenance
and Debugging
Command
1-4
radius nas-ip
AAA&RADIUS&HWTA
CACS&EAD Command
1-37
radius scheme
AAA&RADIUS&HWTA
1-38
Q
R
A-32
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
CACS&EAD Command
radius-scheme
AAA&RADIUS&HWTA
CACS&EAD Command
1-16
raw-vlan-id inbound
QinQ Command
2-1
rdram
System Maintenance
and Debugging
Command
3-15
reboot
System Maintenance
and Debugging
Command
3-15
reboot member
Cluster Command
1-32
reflect between-clients
Routing Protocol
Command
5-48
reflector cluster-id
Routing Protocol
Command
5-49
refresh bgp
Routing Protocol
Command
5-50
region-name
MSTP Command
1-7
register-policy
Multicast Command
5-16
remotehelp
FTP and TFTP
Command
1-21
remote-probe vlan
Mirroring Command
1-12
remove
SSH Terminal Service
Command
1-33
rename
SSH Terminal Service
Command
1-34
rename
File System
Management
Command
1-11
reset
Routing Protocol
Command
2-11
reset acl counter
ACL Command
1-13
reset arp
ARP Command
1-14
reset bgp
Routing Protocol
Command
5-50
reset bgp dampening
Routing Protocol
Command
5-51
reset bgp flap-info
Routing Protocol
Command
5-52
reset bgp group
Routing Protocol
Command
5-52
reset counters interface
Port Basic
Configuration
Command
1-26
reset dhcp server conflict
DHCP Command
1-29
A-33
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
reset dhcp server ip-in-use
DHCP Command
1-30
reset dhcp server statistics
DHCP Command
1-30
reset dhcp-server
DHCP Command
2-11
reset dhcp-snooping
DHCP Command
3-5
reset dns dynamic-host
DNS Command
1-7
reset dot1x statistics
802.1x Command
1-20
reset garp statistics
GVRP Command
1-5
reset hwtacacs statistics
AAA&RADIUS&HWTA
CACS&EAD Command
1-63
reset igmp group
Multicast Command
4-16
reset igmp-snooping statistics
Multicast Command
1-14
reset ip statistics
IP Address&IP
Performance&IPX
Command
2-13
reset ipx routing-table statistics protocol
IP Address&IP
Performance&IPX
Command
3-24
reset ipx statistics
IP Address&IP
Performance&IPX
Command
3-25
reset isis all
Routing Protocol
Command
4-30
reset isis peer
Routing Protocol
Command
4-31
reset lacp statistics
Link Aggregation
Command
1-10
reset logbuffer
Infomation Center
Command
1-22
reset multicast forwarding-table
Multicast Command
2-14
reset multicast routing-table
Multicast Command
2-15
reset ndp statistics
Cluster Command
1-6
reset ospf
Routing Protocol
Command
3-49
reset pim neighbor
Multicast Command
5-16
reset pim routing-table
Multicast Command
5-17
reset radius statistics
AAA&RADIUS&HWTA
CACS&EAD Command
1-39
reset recycle-bin
File System
Management
Command
1-12
reset saved-configuration
Configuration File
Management
Command
1-10
A-34
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
reset stop-accounting-buffer
AAA&RADIUS&HWTA
CACS&EAD Command
1-40
reset stop-accounting-buffer
AAA&RADIUS&HWTA
CACS&EAD Command
1-63
reset stp
MSTP Command
1-8
reset tcp statistics
IP Address&IP
Performance&IPX
Command
2-14
reset traffic-statistic
QoS Command
1-20
reset trapbuffer
Infomation Center
Command
1-22
reset udp statistics
IP Address&IP
Performance&IPX
Command
2-14
reset udp-helper packet
UDP-Helper Command
1-2
reset vrrp statistics
VRRP&HA Command
1-3
retry
AAA&RADIUS&HWTA
CACS&EAD Command
1-41
retry realtime-accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-42
retry stop-accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-43
retry stop-accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-64
return
System Maintenance
and Debugging
Command
1-5
revision-level
MSTP Command
1-8
rip
Routing Protocol
Command
2-12
rip authentication-mode
Routing Protocol
Command
2-13
rip input
Routing Protocol
Command
2-14
rip metricin
Routing Protocol
Command
2-15
rip metricout
Routing Protocol
Command
2-15
rip output
Routing Protocol
Command
2-16
rip split-horizon
Routing Protocol
Command
2-17
rip version
Routing Protocol
Command
2-18
rip work
Routing Protocol
Command
2-19
A-35
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
rmdir
SSH Terminal Service
Command
1-34
rmdir
File System
Management
Command
1-13
rmdir
FTP and TFTP
Command
1-22
rmon alarm
SNMP&RMON
Command
2-9
rmon event
SNMP&RMON
Command
2-11
rmon history
SNMP&RMON
Command
2-12
rmon prialarm
SNMP&RMON
Command
2-13
rmon statistics
SNMP&RMON
Command
2-15
route-policy
Routing Protocol
Command
6-19
router id
Routing Protocol
Command
3-50
rsa local-key-pair create
SSH Terminal Service
Command
1-9
rsa local-key-pair destroy
SSH Terminal Service
Command
1-10
rsa peer-public-key
SSH Terminal Service
Command
1-11
rsa peer-public-key
SSH Terminal Service
Command
1-20
rule (Advanced ACL)
ACL Command
1-15
rule (Basic ACL)
ACL Command
1-14
rule (Layer 2 ACL)
ACL Command
1-21
rule (user-defined ACL)
ACL Command
1-24
save
Configuration File
Management
Command
1-11
schedule reboot at
System Maintenance
and Debugging
Command
3-16
schedule reboot delay
System Maintenance
and Debugging
Command
3-17
scheme
AAA&RADIUS&HWTA
CACS&EAD Command
1-17
S
A-36
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
screen-length
Login Command
1-16
secondary accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-44
secondary accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-65
secondary authentication
AAA&RADIUS&HWTA
CACS&EAD Command
1-45
secondary authentication
AAA&RADIUS&HWTA
CACS&EAD Command
1-66
secondary authorization
AAA&RADIUS&HWTA
CACS&EAD Command
1-67
security-policy-server
AAA&RADIUS&HWTA
CACS&EAD Command
2-1
self-service-url
AAA&RADIUS&HWTA
CACS&EAD Command
1-18
send
Login Command
1-16
server-type
AAA&RADIUS&HWTA
CACS&EAD Command
1-46
service-type
Login Command
1-17
service-type
AAA&RADIUS&HWTA
CACS&EAD Command
1-19
set authentication password
Login Command
1-19
set backboard enhance
System Maintenance
and Debugging
Command
3-19
set inlink
Hardware-dependent
Software Configuration
Command
1-2
set-overload
Routing Protocol
Command
4-31
sftp
SSH Terminal Service
Command
1-35
sftp server enable
SSH Terminal Service
Command
1-24
shared-vlan mainboard
QinQ Command
3-1
shared-vlan slot
QinQ Command
3-2
shell
Login Command
1-20
shutdown
VLAN Command
1-7
shutdown
Port Basic
Configuration
Command
1-26
silent-interface
Routing Protocol
Command
3-51
silent-interface
Routing Protocol
Command
4-32
A-37
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
slave auto-update config
VRRP&HA Command
2-1
slave restart
VRRP&HA Command
2-2
slave switchover
VRRP&HA Command
2-2
slave update configuration
VRRP&HA Command
2-3
snmp-agent
SNMP&RMON
Command
1-9
snmp-agent community
Login Command
2-1
snmp-agent community
SNMP&RMON
Command
1-9
snmp-agent group
Login Command
2-2
snmp-agent group
SNMP&RMON
Command
1-10
snmp-agent local-engineid
SNMP&RMON
Command
1-11
snmp-agent mib-view
SNMP&RMON
Command
1-12
snmp-agent packet max-size
SNMP&RMON
Command
1-13
snmp-agent sys-info
SNMP&RMON
Command
1-14
snmp-agent target-host
SNMP&RMON
Command
1-15
snmp-agent trap enable
SNMP&RMON
Command
1-16
snmp-agent trap enable ospf
Routing Protocol
Command
3-51
snmp-agent trap life
SNMP&RMON
Command
1-17
snmp-agent trap queue-size
SNMP&RMON
Command
1-18
snmp-agent trap source
SNMP&RMON
Command
1-19
snmp-agent usm-user
Login Command
2-4
snmp-agent usm-user
SNMP&RMON
Command
1-20
snmp-host
Cluster Command
1-32
source-policy
Multicast Command
5-18
speed
Login Command
1-21
speed
Port Basic
Configuration
Command
1-27
speedup
Port Basic
Configuration
Command
1-28
A-38
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
spf-delay-interval
Routing Protocol
Command
4-33
spf-schedule-interval
Routing Protocol
Command
3-52
spf-slice-size
Routing Protocol
Command
4-33
ssh authentication-type default
SSH Terminal Service
Command
1-12
ssh client assign rsa-key
SSH Terminal Service
Command
1-21
ssh client first-time enable
SSH Terminal Service
Command
1-22
ssh server authentication-retries
SSH Terminal Service
Command
1-13
ssh server compatible-ssh1x enable
SSH Terminal Service
Command
1-13
ssh server rekey-interval
SSH Terminal Service
Command
1-14
ssh server timeout
SSH Terminal Service
Command
1-15
ssh user assign rsa-key
SSH Terminal Service
Command
1-16
ssh user authentication-type
SSH Terminal Service
Command
1-16
ssh user service-type
SSH Terminal Service
Command
1-25
ssh2
SSH Terminal Service
Command
1-23
startup saved-configuration
Configuration File
Management
Command
1-12
state
AAA&RADIUS&HWTA
CACS&EAD Command
1-20
state
AAA&RADIUS&HWTA
CACS&EAD Command
1-46
static-bind ip-address
DHCP Command
1-31
static-bind mac-address
DHCP Command
1-32
static-rp
Multicast Command
5-19
stop-accounting-buffer enable
AAA&RADIUS&HWTA
CACS&EAD Command
1-48
stop-accounting-buffer enable
AAA&RADIUS&HWTA
CACS&EAD Command
1-68
stopbits
Login Command
1-21
stp
MSTP Command
1-9
stp bpdu-protection
MSTP Command
1-10
A-39
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
stp bridge-diameter
MSTP Command
1-11
stp config-digest-snooping
MSTP Command
1-12
stp cost
MSTP Command
1-13
stp edged-port
MSTP Command
1-14
stp interface
MSTP Command
1-15
stp interface config-digest-snooping
MSTP Command
1-16
stp interface cost
MSTP Command
1-18
stp interface edged-port
MSTP Command
1-19
stp interface loop-protection
MSTP Command
1-20
stp interface mcheck
MSTP Command
1-21
stp interface no-agreement-check
MSTP Command
1-22
stp interface point-to-point
MSTP Command
1-23
stp interface port priority
MSTP Command
1-25
stp interface root-protection
MSTP Command
1-26
stp interface transmit-limit
MSTP Command
1-27
stp loop-protection
MSTP Command
1-28
stp max-hops
MSTP Command
1-29
stp mcheck
MSTP Command
1-30
stp mode
MSTP Command
1-30
stp no-agreement-check
MSTP Command
1-31
stp pathcost-standard
MSTP Command
1-32
stp point-to-point
MSTP Command
1-34
stp port priority
MSTP Command
1-35
stp priority
MSTP Command
1-36
stp region-configuration
MSTP Command
1-37
stp root primary
MSTP Command
1-38
stp root secondary
MSTP Command
1-39
stp root-protection
MSTP Command
1-40
stp tc-protection
MSTP Command
1-41
stp timer forward-delay
MSTP Command
1-42
stp timer hello
MSTP Command
1-43
stp timer max-age
MSTP Command
1-44
stp timer-factor
MSTP Command
1-45
stp transmit-limit
MSTP Command
1-46
stub
Routing Protocol
Command
3-53
A-40
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
subvlan
Extended VLAN
Application Command
3-3
summary
Routing Protocol
Command
2-19
summary
Routing Protocol
Command
4-34
summary
Routing Protocol
Command
5-53
super
CLI Command
1-2
super password
CLI Command
1-3
supervlan
Extended VLAN
Application Command
3-4
sysname
Login Command
1-22
sysname
System Maintenance
and Debugging
Command
1-5
system-view
System Maintenance
and Debugging
Command
1-6
tcp timer fin-timeout
IP Address&IP
Performance&IPX
Command
2-15
tcp timer syn-timeout
IP Address&IP
Performance&IPX
Command
2-15
tcp window
IP Address&IP
Performance&IPX
Command
2-16
telnet
Login Command
1-23
temperature-limit
System Maintenance
and Debugging
Command
3-19
terminal debugging
Infomation Center
Command
1-23
terminal debugging
System Maintenance
and Debugging
Command
1-13
terminal logging
Infomation Center
Command
1-23
terminal monitor
Infomation Center
Command
1-24
terminal trapping
Infomation Center
Command
1-25
test-enable
Remote Ping
1-7
T
A-41
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
Command
test-type
Remote Ping
Command
1-8
tftp cluster get
Cluster Command
1-33
tftp cluster put
Cluster Command
1-34
tftp get
FTP and TFTP
Command
1-24
tftp put
FTP and TFTP
Command
1-25
tftp-server
Cluster Command
1-34
tftp-server acl
FTP and TFTP
Command
1-26
timeout
Remote Ping
Command
1-9
timer
Routing Protocol
Command
5-53
timer
AAA&RADIUS&HWTA
CACS&EAD Command
1-49
timer
Cluster Command
1-35
timer lsp-max-age
Routing Protocol
Command
4-35
timer lsp-refresh
Routing Protocol
Command
4-36
timer quiet
AAA&RADIUS&HWTA
CACS&EAD Command
1-50
timer quiet
AAA&RADIUS&HWTA
CACS&EAD Command
1-69
timer realtime-accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-50
timer realtime-accounting
AAA&RADIUS&HWTA
CACS&EAD Command
1-69
timer response-timeout
AAA&RADIUS&HWTA
CACS&EAD Command
1-51
timer response-timeout
AAA&RADIUS&HWTA
CACS&EAD Command
1-71
timer spf
Routing Protocol
Command
4-37
time-range
ACL Command
1-25
timers
Routing Protocol
Command
2-20
tracert
System Maintenance
and Debugging
Command
2-3
traffic-bandwidth
QoS Command
1-23
A-42
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
traffic-group
Traffic Accounting
Command
1-8
traffic-limit
QoS Command
1-26
traffic-priority
QoS Command
1-28
traffic-red
QoS Command
1-32
traffic-redirect
QoS Command
1-33
traffic-remark-vlanid
QoS Command
1-35
traffic-share-across-interface
Routing Protocol
Command
2-21
traffic-slot
Traffic Accounting
Command
1-8
traffic-statistic
QoS Command
1-37
udp-helper port
UDP-Helper Command
1-3
udp-helper server
UDP-Helper Command
1-4
umount
File System
Management
Command
1-13
undelete
File System
Management
Command
1-14
undo synchronization
Routing Protocol
Command
5-54
uplink monitor
System Maintenance
and Debugging
Command
3-20
user
FTP and TFTP
Command
1-23
user privilege level
Login Command
1-24
user-interface
Login Command
1-23
user-name-format
AAA&RADIUS&HWTA
CACS&EAD Command
1-52
user-name-format
AAA&RADIUS&HWTA
CACS&EAD Command
1-71
verbose
FTP and TFTP
Command
1-23
virtual-cable-test
Port Basic
Configuration
Command
1-29
vlan
VLAN Command
1-8
U
V
A-43
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
vlan all
VLAN Command
1-10
vlan to
VLAN Command
1-9
vlan-assignment-mode
AAA&RADIUS&HWTA
CACS&EAD Command
1-21
vlan-mapping modulo
MSTP Command
1-47
vlan-vpn enable
QinQ Command
1-1
vlan-vpn tunnel
MSTP Command
1-48
vlan-vpn vid
QinQ Command
2-2
vlink-peer
Routing Protocol
Command
3-54
voice vlan
Extended VLAN
Application Command
1-4
voice vlan aging
Extended VLAN
Application Command
1-5
voice vlan enable
Extended VLAN
Application Command
1-5
voice vlan mac-address
Extended VLAN
Application Command
1-6
voice vlan mode
Extended VLAN
Application Command
1-7
voice vlan security enable
Extended VLAN
Application Command
1-8
vrrp authentication-mode
VRRP&HA Command
1-4
vrrp method
VRRP&HA Command
1-5
vrrp ping-enable
VRRP&HA Command
1-6
vrrp vrid preempt-mode
VRRP&HA Command
1-6
vrrp vrid priority
VRRP&HA Command
1-8
vrrp vrid timer advertise
VRRP&HA Command
1-9
vrrp vrid track
VRRP&HA Command
1-9
vrrp vrid virtual-ip
VRRP&HA Command
1-11
W
X
Y
Z
A-44
3Com Switch 7750 Series
Command Reference Guide – Command Index
Appendix A Command Indexx
A-45
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.5 Linearized : No Tagged PDF : No Page Mode : UseOutlines XMP Toolkit : 3.1-702 Producer : Acrobat Distiller 7.0.5 (Windows) Company : 3Com Corporation Source Modified : D:20060814155757 Create Date : 2006:08:17 15:34:32-04:00 Creator Tool : Acrobat PDFMaker 7.0.7 for Word Modify Date : 2006:09:28 22:06:27-04:00 Metadata Date : 2006:09:28 22:06:27-04:00 Document ID : uuid:7ef822c8-66fb-4097-a591-83aa5368a2fa Instance ID : uuid:2871b9db-7d15-4705-8441-33fc6620de87 Version ID : 27 Format : application/pdf Title : 3Com Switch 7750 Command Reference Guide Creator : 3Com Subject : Headline : Has XFA : No Page Count : 1177 Author : 3ComEXIF Metadata provided by EXIF.tools