Scribd
Upload
84 views1,712 pages

ExtremeWareXOSCommandRef11 3

The ExtremeWare XOS operating system is based, in part, on the Linux operating system. The machine-readable copy of the corresponding source code is available for the cost of distribution.

Uploaded by

jarguetao
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
84 views1,712 pages

ExtremeWareXOSCommandRef11 3

The ExtremeWare XOS operating system is based, in part, on the Linux operating system. The machine-readable copy of the corresponding source code is available for the cost of distribution.

Uploaded by

jarguetao
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1712

ExtremeWare XOS Command Reference Guide

Software Version 11.3

Extreme Networks, Inc. 3585 Monroe Street Santa Clara, California 95051 (408) 579-2800 (888) 257-3000 http://www.extremenetworks.com Published: September 2005 Part number: 100195-00 Rev 01

Alpine, Altitude, BlackDiamond, EPICenter, Ethernet Everywhere, Extreme Ethernet Everywhere, Extreme Networks, Extreme Turbodrive, Extreme Velocity, ExtremeWare, ExtremeWorks, GlobalPx Content Director, the Go Purple Extreme Solution Partners Logo, ServiceWatch, Summit, the Summit7i Logo, and the Color Purple, among others, are trademarks or registered trademarks of Extreme Networks, Inc. or its subsidiaries in the United States and other countries. Other names and marks may be the property of their respective owners. 2005 Extreme Networks, Inc. All Rights Reserved. Specifications are subject to change without notice. The ExtremeWare XOS operating system is based, in part, on the Linux operating system. The machine-readable copy of the corresponding source code is available for the cost of distribution. Please direct requests to Extreme Networks for more information at the following address: Software Licensing Department 3585 Monroe Street Santa Clara CA 95051 NetWare and Novell are registered trademarks of Novell, Inc. Merit is a registered trademark of Merit Network, Inc. Solaris is a trademark of Sun Microsystems, Inc. F5, BIG/ip, and 3DNS are registered trademarks of F5 Networks, Inc. see/IT is a trademark of F5 Networks, Inc. sFlow is a registered trademark of InMon Corporation.

All other registered trademarks, trademarks and service marks are property of their respective owners. 123456789

Authors: Hugh Bussell, Megan Mahar, Peggy Murphy Production: Hugh Bussell

ExtremeWare XOS 11.3 Command Reference

Contents
Preface......................................................................................................................................... 29 Chapter 1: Command Reference Overview....................................................................................... 31 Chapter 2: Commands for Accessing the Switch.............................................................................. 39
clear account lockout ................................................................................................................40 clear session.............................................................................................................................41 configure account .....................................................................................................................42 configure account password-policy char-validation........................................................................44 configure account password-policy history ...................................................................................46 configure account password-policy lockout-on-login-failures ..........................................................48 configure account password-policy max-age .................................................................................50 configure account password-policy min-length .............................................................................52 configure banner .......................................................................................................................54 configure cli max-sessions .........................................................................................................55 configure cli max-failed-logins....................................................................................................56 configure dns-client add ............................................................................................................57 configure dns-client default-domain............................................................................................59 configure dns-client delete.........................................................................................................60 configure failsafe-account ..........................................................................................................62 configure idletimeout ................................................................................................................64 configure safe-default-script.......................................................................................................65 configure time ..........................................................................................................................67 configure timezone....................................................................................................................68 create account ..........................................................................................................................72 delete account ..........................................................................................................................74 disable cli space-completion ......................................................................................................76 disable clipaging .......................................................................................................................77 disable idletimeout....................................................................................................................78 enable cli space-completion .......................................................................................................79 enable clipaging........................................................................................................................80 enable idletimeout ....................................................................................................................81 enable license ..........................................................................................................................82 history......................................................................................................................................84 ping.........................................................................................................................................85 reboot ......................................................................................................................................87 show accounts ..........................................................................................................................89 show accounts password-policy...................................................................................................91 show banner .............................................................................................................................93 show dns-client.........................................................................................................................94 show licenses ...........................................................................................................................95

ExtremeWare XOS 11.3 Command Reference

Contents show switch..............................................................................................................................97 traceroute...............................................................................................................................100

Chapter 3: Commands for Managing the Switch ............................................................................ 103


configure node priority.............................................................................................................106 configure power supply ............................................................................................................108 configure snmp add community................................................................................................111 configure snmp add trapreceiver...............................................................................................113 configure snmp delete community ............................................................................................115 configure snmp delete trapreceiver ...........................................................................................117 configure snmp sysContact.......................................................................................................118 configure snmp sysLocation .....................................................................................................119 configure snmp sysName .........................................................................................................120 configure snmpv3 add access...................................................................................................121 configure snmpv3 add community ............................................................................................123 configure snmpv3 add filter .....................................................................................................125 configure snmpv3 add filter-profile ...........................................................................................127 configure snmpv3 add group user .............................................................................................128 configure snmpv3 add mib-view ...............................................................................................130 configure snmpv3 add notify ....................................................................................................132 configure snmpv3 add target-addr ............................................................................................133 configure snmpv3 add target-params ........................................................................................135 configure snmpv3 add user ......................................................................................................137 configure snmpv3 add user clone-from......................................................................................139 configure snmpv3 delete access ...............................................................................................140 configure snmpv3 delete community.........................................................................................142 configure snmpv3 delete filter ..................................................................................................143 configure snmpv3 delete filter-profile........................................................................................144 configure snmpv3 delete group user..........................................................................................145 configure snmpv3 delete mib-view ............................................................................................147 configure snmpv3 delete notify.................................................................................................149 configure snmpv3 delete target-addr .........................................................................................150 configure snmpv3 delete target-params .....................................................................................151 configure snmpv3 delete user...................................................................................................152 configure snmpv3 engine-boots ................................................................................................154 configure snmpv3 engine-id .....................................................................................................155 configure sntp-client ...............................................................................................................156 configure sntp-client update-interval .........................................................................................158 configure telnet access-profile..................................................................................................159 configure telnet port ................................................................................................................161 configure telnet vr ...................................................................................................................163 disable dhcp vlan ....................................................................................................................165 disable snmp access ...............................................................................................................166 disable snmp traps ..................................................................................................................167 disable sntp-client ..................................................................................................................168 disable telnet..........................................................................................................................169

ExtremeWare XOS 11.3 Command Reference

Contents disable watchdog ....................................................................................................................170 enable dhcp vlan.....................................................................................................................171 enable snmp access ................................................................................................................172 enable snmp traps...................................................................................................................174 enable sntp-client ...................................................................................................................175 enable telnet ..........................................................................................................................176 enable watchdog .....................................................................................................................178 exit ........................................................................................................................................179 logout ....................................................................................................................................180 quit .......................................................................................................................................181 show dhcp-client state.............................................................................................................182 show checkpoint-data ..............................................................................................................183 show management ..................................................................................................................185 show node ..............................................................................................................................187 show odometers ......................................................................................................................189 show power ............................................................................................................................192 show power budget..................................................................................................................195 show power controller ..............................................................................................................199 show session ..........................................................................................................................201 show snmpv3 access ...............................................................................................................203 show snmpv3 context ..............................................................................................................206 show snmpv3 counters ............................................................................................................207 show snmpv3 engine-info.........................................................................................................209 show snmpv3 filter ..................................................................................................................210 show snmpv3 filter-profile........................................................................................................212 show snmpv3 group.................................................................................................................214 show snmpv3 mib-view ............................................................................................................217 show snmpv3 notify.................................................................................................................219 show snmpv3 target-addr .........................................................................................................220 show snmpv3 extreme-target-addr-ext .......................................................................................222 show snmpv3 target-params .....................................................................................................223 show snmpv3 user...................................................................................................................225 show sntp-client......................................................................................................................227 telnet.....................................................................................................................................229 telnet msm .............................................................................................................................231 tftp ........................................................................................................................................233

Chapter 4: Commands for Managing the ExtremeWare XOS Software.............................................. 237


clear cpu-monitoring ...............................................................................................................238 cp..........................................................................................................................................240 disable cpu-monitoring ............................................................................................................243 disable xml-mode....................................................................................................................244 enable cpu-monitoring .............................................................................................................245 enable xml-mode ....................................................................................................................247 ls...........................................................................................................................................248 mv.........................................................................................................................................250

ExtremeWare XOS 11.3 Command Reference

Contents restart process ........................................................................................................................253 rm .........................................................................................................................................255 show cpu-monitoring ...............................................................................................................257 show heartbeat process............................................................................................................260 show memory..........................................................................................................................263 show memory process ..............................................................................................................267 show process ..........................................................................................................................269 start process ...........................................................................................................................275 terminate process....................................................................................................................277

Chapter 5: Commands for Configuring Slots and Ports on a Switch................................................. 279


clear counters ports.................................................................................................................281 clear lacp counters ..................................................................................................................282 clear counters edp...................................................................................................................283 clear slot ................................................................................................................................284 configure edp advertisement-interval.........................................................................................285 configure ip-mtu vlan ..............................................................................................................286 configure jumbo-frame-size ......................................................................................................288 configure mirroring add ...........................................................................................................290 configure mirroring delete ........................................................................................................292 configure ports auto off............................................................................................................294 configure ports auto on ............................................................................................................296 configure ports auto-polarity.....................................................................................................297 configure ports display-string ...................................................................................................298 configure ports preferred-medium .............................................................................................299 configure ports rate-limit flood .................................................................................................301 configure ports redundant ........................................................................................................302 configure sharing add ports ......................................................................................................304 configure sharing address-based ...............................................................................................306 configure sharing delete ports ..................................................................................................308 configure sharing lacp system-priority .......................................................................................309 configure slot module ..............................................................................................................311 disable edp ports ....................................................................................................................313 disable jumbo-frame ports .......................................................................................................314 disable learning port................................................................................................................315 disable mirroring .....................................................................................................................316 disable port ............................................................................................................................317 disable sharing .......................................................................................................................318 disable slot.............................................................................................................................319 disable smartredundancy .........................................................................................................321 enable edp ports .....................................................................................................................322 enable jumbo-frame ports ........................................................................................................324 enable learning port ................................................................................................................326 enable mirroring to port ...........................................................................................................327 enable port .............................................................................................................................329 enable sharing grouping...........................................................................................................330

ExtremeWare XOS 11.3 Command Reference

Contents enable slot .............................................................................................................................333 enable smartredundancy ..........................................................................................................335 restart ports............................................................................................................................336 run msm-failover .....................................................................................................................337 show edp................................................................................................................................339 show lacp ...............................................................................................................................341 show lacp lag..........................................................................................................................343 show lacp member-port ...........................................................................................................347 show mirroring ........................................................................................................................350 show ports collisions ...............................................................................................................352 show ports configuration ..........................................................................................................354 show ports information ............................................................................................................357 show ports packet ...................................................................................................................361 show ports redundant ..............................................................................................................363 show ports sharing ..................................................................................................................364 show ports utilization...............................................................................................................366 show slot................................................................................................................................370 unconfigure ports display string ................................................................................................375 unconfigure ports redundant ....................................................................................................376 unconfigure slot ......................................................................................................................377

Chapter 6: LLDP Commands ......................................................................................................... 379


configure lldp ports management-address..................................................................................380 configure lldp ports port-description..........................................................................................381 configure lldp ports system-capabilities.....................................................................................382 configure lldp ports system-description .....................................................................................383 configure lldp ports system-name .............................................................................................384 configure lldp ports vendor-specific dot1 port-vlan-ID .................................................................385 configure lldp ports vendor-specific dot1 port-protocol-vlan-ID ....................................................386 configure lldp ports vendor-specific dot1 vlan-name ...................................................................388 configure lldp ports vendor-specific dot3 link-aggregation ...........................................................390 configure lldp ports vendor-specific dot3 mac-phy......................................................................391 configure lldp ports vendor-specific dot3 max-frame-size ............................................................392 configure lldp ports vendor-specific dot3 power-via-mdi ..............................................................393 configure lldp reinitialize-delay.................................................................................................395 configure lldp snmp-notification-interval ...................................................................................396 configure lldp transmit-delay....................................................................................................397 configure lldp transmit-hold .....................................................................................................398 configure lldp transmit-interval.................................................................................................399 disable lldp ports ....................................................................................................................400 disable snmp traps lldp ...........................................................................................................401 enable lldp ports .....................................................................................................................402 enable snmp traps lldp ............................................................................................................403 show lldp ...............................................................................................................................404 show lldp neighbors.................................................................................................................406 show lldp statistics..................................................................................................................408

ExtremeWare XOS 11.3 Command Reference

Contents unconfigure lldp......................................................................................................................410

Chapter 7: Power Over Ethernet Commands................................................................................... 411


clear inline-power stats ports....................................................................................................412 configure inline-power budget slot ............................................................................................414 configure inline-power disconnect-precedence ...........................................................................416 configure inline-power label ports .............................................................................................418 configure inline-power operator-limit ports.................................................................................420 configure inline-power priority ports ..........................................................................................421 configure inline-power usage-threshold......................................................................................422 disable inline-power ................................................................................................................423 disable inline-power legacy slot ................................................................................................425 disable inline-power ports ........................................................................................................426 disable inline-power slot ..........................................................................................................427 enable inline-power .................................................................................................................428 enable inline-power legacy slot .................................................................................................430 enable inline-power ports .........................................................................................................431 enable inline-power slot ...........................................................................................................433 reset inline-power ports ...........................................................................................................435 show inline-power ...................................................................................................................436 show inline-power configuration ports........................................................................................439 show inline-power info ports.....................................................................................................441 show inline-power slot .............................................................................................................444 show inline-power stats ports....................................................................................................446 show inline-power stats slot......................................................................................................448 unconfigure inline-power budget slot.........................................................................................450 unconfigure inline-power disconnect-precedence........................................................................451 unconfigure inline-power operator-limit ports .............................................................................452 unconfigure inline-power priority ports ......................................................................................453 unconfigure inline-power usage-threshold ..................................................................................454

Chapter 8: Commands for Status Monitoring and Statistics ............................................................ 455


clear counters .........................................................................................................................457 clear log .................................................................................................................................458 clear log counters....................................................................................................................459 configure log display ...............................................................................................................461 configure log filter events.........................................................................................................463 configure log filter events match...............................................................................................466 configure log target filter..........................................................................................................470 configure log target format .......................................................................................................473 configure log target match .......................................................................................................477 configure log target severity......................................................................................................479 configure log target syslog........................................................................................................481 configure sflow agent ipaddress ................................................................................................483 configure sflow collector ipaddress............................................................................................484 configure sflow max-cpu-sample-limit .......................................................................................486

ExtremeWare XOS 11.3 Command Reference

Contents configure sflow poll-interval .....................................................................................................487 configure sflow ports sample-rate..............................................................................................488 configure sflow sample-rate......................................................................................................490 configure sys-health-check interval ...........................................................................................491 configure sys-recovery-level ......................................................................................................494 configure sys-recovery-level slot................................................................................................496 configure syslog add ................................................................................................................499 configure syslog delete ............................................................................................................501 create log filter .......................................................................................................................503 delete log filter .......................................................................................................................505 disable cli-config-logging .........................................................................................................506 disable log debug-mode ...........................................................................................................507 disable log display...................................................................................................................508 disable log target ....................................................................................................................509 disable rmon ..........................................................................................................................511 disable sflow ..........................................................................................................................512 disable sflow ports ..................................................................................................................513 disable sys-health-check ..........................................................................................................514 disable syslog .........................................................................................................................516 enable cli-config-logging ..........................................................................................................517 enable log debug-mode............................................................................................................518 enable log display ...................................................................................................................519 enable log target .....................................................................................................................520 enable rmon ...........................................................................................................................522 enable sflow ...........................................................................................................................524 enable sflow ports ...................................................................................................................525 enable sys-health-check...........................................................................................................526 enable syslog ..........................................................................................................................528 show fans ...............................................................................................................................529 show log.................................................................................................................................532 show log components ..............................................................................................................536 show log configuration .............................................................................................................540 show log configuration filter .....................................................................................................542 show log configuration target....................................................................................................544 show log counters ...................................................................................................................547 show log events.......................................................................................................................549 show ports rxerrors ..................................................................................................................551 show ports statistics ................................................................................................................554 show ports txerrors ..................................................................................................................557 show rmon memory .................................................................................................................560 show sflow configuration ..........................................................................................................563 show sflow statistics ................................................................................................................565 show temperature....................................................................................................................567 show version ...........................................................................................................................569 unconfigure log filter ...............................................................................................................573 unconfigure log target format ...................................................................................................574

ExtremeWare XOS 11.3 Command Reference

Contents unconfigure sflow....................................................................................................................576 unconfigure sflow agent ...........................................................................................................577 unconfigure sflow collector.......................................................................................................578 unconfigure sflow ports............................................................................................................580 upload log ..............................................................................................................................581

Chapter 9: VLAN Commands......................................................................................................... 585


configure protocol add .............................................................................................................586 configure protocol delete .........................................................................................................588 configure vlan add ports ..........................................................................................................589 configure vlan delete ports .......................................................................................................591 configure vlan ipaddress ..........................................................................................................592 configure vlan name ................................................................................................................594 configure vlan protocol ............................................................................................................595 configure vlan tag ...................................................................................................................597 configure vman add ports.........................................................................................................598 configure vman delete ports .....................................................................................................600 configure vman ethertype.........................................................................................................601 configure vman tag..................................................................................................................602 create protocol........................................................................................................................603 create vlan .............................................................................................................................604 create vman............................................................................................................................606 delete protocol........................................................................................................................608 delete vlan .............................................................................................................................609 delete vman............................................................................................................................610 disable dot1p examination inner-tag port...................................................................................611 disable loopback-mode vlan .....................................................................................................612 enable dot1p examination inner-tag port ...................................................................................613 enable loopback-mode vlan ......................................................................................................614 show protocol .........................................................................................................................615 show vlan ...............................................................................................................................616 show vman .............................................................................................................................620 unconfigure vlan ipaddress.......................................................................................................622

Chapter 10: Commands for Virtual Routers.................................................................................... 625


create virtual-router .................................................................................................................626 configure vr add protocol .........................................................................................................627 configure vr add ports..............................................................................................................628 configure vr delete protocol ......................................................................................................629 configure vr delete ports ..........................................................................................................630 delete virtual-router .................................................................................................................631 show virtual-router ..................................................................................................................632 virtual-router...........................................................................................................................634

Chapter 11: FDB Commands ......................................................................................................... 637


clear fdb ................................................................................................................................638 configure fdb agingtime ...........................................................................................................639

10

ExtremeWare XOS 11.3 Command Reference

Contents create fdbentry vlan ports ........................................................................................................640 delete fdbentry .......................................................................................................................642 disable flooding port................................................................................................................643 enable flooding port ................................................................................................................645 show fdb ................................................................................................................................647

Chapter 12: Policy Manager Commands ....................................................................................... 649


check policy ...........................................................................................................................650 check policy attribute ..............................................................................................................651 edit policy ..............................................................................................................................653 refresh policy..........................................................................................................................655 show policy ............................................................................................................................656

Chapter 13: ACL Commands ......................................................................................................... 657


clear access-list counter ..........................................................................................................658 clear access-list meter .............................................................................................................660 configure access-list................................................................................................................661 configure access-list add .........................................................................................................663 configure access-list delete ......................................................................................................665 configure ipv6acl address-mask................................................................................................666 configure meter ......................................................................................................................667 create access-list ....................................................................................................................669 create meter ...........................................................................................................................671 delete access-list ....................................................................................................................672 delete meter ...........................................................................................................................673 disable access-list refresh blackhole .........................................................................................674 enable access-list refresh blackhole ..........................................................................................675 show access-list ......................................................................................................................676 show access-list configuration ..................................................................................................678 show access-list counter ..........................................................................................................679 show access-list dynamic .........................................................................................................681 show access-list dynamic counter .............................................................................................682 show access-list dynamic rule ..................................................................................................683 show access-list meter.............................................................................................................684 unconfigure access-list ............................................................................................................685

Chapter 14: QoS Commands......................................................................................................... 687


configure configure configure configure configure configure configure configure configure configure diffserv examination code-point..................................................................................689 diffserv replacement .................................................................................................691 dot1p type ...............................................................................................................693 ports qosprofile.........................................................................................................695 ports rate-limit egress................................................................................................697 qosprofile ingress ports..............................................................................................699 qosprofile ports.........................................................................................................701 qosprofile weight ......................................................................................................703 qosscheduler ............................................................................................................705 vlan qosprofile..........................................................................................................706

ExtremeWare XOS 11.3 Command Reference

11

Contents create qosprofile .....................................................................................................................707 delete qosprofile .....................................................................................................................709 disable diffserv examination port ..............................................................................................710 disable diffserv replacement port ..............................................................................................711 disable dot1p replacement ports...............................................................................................712 enable diffserv examination port ...............................................................................................713 enable diffserv replacement ports .............................................................................................714 enable dot1p replacement ports ...............................................................................................716 show diffserv ..........................................................................................................................718 show dot1p ............................................................................................................................720 show ports qosmonitor .............................................................................................................722 show qosprofile .......................................................................................................................724 unconfigure diffserv ................................................................................................................727 unconfigure qosprofile .............................................................................................................728

Chapter 15: Security Commands .................................................................................................. 731


clear vlan dhcp-address-allocation ............................................................................................732 configure dos-protect acl-expire................................................................................................733 configure dos-protect interval ...................................................................................................734 configure dos-protect trusted ports............................................................................................735 configure dos-protect type l3-protect alert-threshold ...................................................................737 configure dos-protect type l3-protect notify-threshold .................................................................738 configure ports limit-learning lock-learning ................................................................................739 configure radius server.............................................................................................................742 configure radius shared-secret ..................................................................................................744 configure radius timeout ..........................................................................................................746 configure radius-accounting server............................................................................................748 configure radius-accounting shared-secret .................................................................................750 configure radius-accounting timeout .........................................................................................752 configure ssh2 key ..................................................................................................................753 configure ssl certificate pregenerated ........................................................................................755 configure ssl certificate privkeylen ............................................................................................757 configure ssl privkey pregenerated ............................................................................................759 configure tacacs server ............................................................................................................761 configure tacacs shared-secret .................................................................................................763 configure tacacs timeout..........................................................................................................764 configure tacacs-accounting server ...........................................................................................765 configure tacacs-accounting shared-secret.................................................................................767 configure tacacs-accounting timeout .........................................................................................768 configure vlan dhcp-address-range............................................................................................769 configure vlan dhcp-lease-timer................................................................................................770 configure vlan dhcp-options .....................................................................................................771 disable dos-protect..................................................................................................................773 disable dhcp ports vlan............................................................................................................774 disable radius .........................................................................................................................775 disable radius-accounting ........................................................................................................776

12

ExtremeWare XOS 11.3 Command Reference

Contents disable ssh2 ...........................................................................................................................777 disable tacacs.........................................................................................................................778 disable tacacs-accounting ........................................................................................................779 disable tacacs-authorization .....................................................................................................780 disable web https ....................................................................................................................781 download ssl certificate ...........................................................................................................782 download ssl privkey................................................................................................................784 enable dos-protect ..................................................................................................................786 enable dos-protect simulated ...................................................................................................787 enable dhcp ports vlan ............................................................................................................788 enable radius..........................................................................................................................789 enable radius-accounting .........................................................................................................791 enable ssh2............................................................................................................................793 enable tacacs .........................................................................................................................795 enable tacacs-accounting.........................................................................................................796 enable tacacs-authorization......................................................................................................797 enable web https.....................................................................................................................798 scp2 ......................................................................................................................................800 show dhcp-server ....................................................................................................................803 show dos-protect .....................................................................................................................804 show radius ............................................................................................................................806 show radius-accounting ...........................................................................................................809 show ssl .................................................................................................................................811 show tacacs............................................................................................................................813 show tacacs-accounting ...........................................................................................................815 show vlan dhcp-address-allocation ............................................................................................817 show vlan dhcp-config .............................................................................................................818 ssh2 ......................................................................................................................................819 unconfigure radius ..................................................................................................................822 unconfigure radius-accounting..................................................................................................824 unconfigure tacacs ..................................................................................................................826 unconfigure tacacs-accounting .................................................................................................827 unconfigure vlan dhcp .............................................................................................................828 unconfigure vlan dhcp-address-range ........................................................................................829 unconfigure vlan dhcp-options..................................................................................................830

Chapter 16: Network Login Commands ......................................................................................... 831


clear netlogin state..................................................................................................................832 clear netlogin state mac-address...............................................................................................833 configure netlogin add mac-list ................................................................................................834 configure netlogin banner ........................................................................................................836 configure netlogin base-url.......................................................................................................837 configure netlogin delete mac-list .............................................................................................838 configure netlogin dot1x eapol-transmit-version .........................................................................839 configure netlogin dot1x guest-vlan...........................................................................................840 configure netlogin dot1x timers ................................................................................................842

ExtremeWare XOS 11.3 Command Reference

13

Contents configure netlogin local-user ....................................................................................................843 configure netlogin move-fail-action ...........................................................................................845 configure netlogin ports mode ..................................................................................................846 configure netlogin redirect-page ...............................................................................................850 configure netlogin vlan ............................................................................................................851 configure vlan netlogin-lease-timer ...........................................................................................852 create netlogin local-user .........................................................................................................853 delete netlogin local-user .........................................................................................................856 disable netlogin ......................................................................................................................857 disable netlogin dot1x guest-vlan ports......................................................................................858 disable netlogin logout-privilege ...............................................................................................859 disable netlogin ports ..............................................................................................................860 disable netlogin session-refresh ................................................................................................861 enable netlogin .......................................................................................................................862 enable netlogin dot1x guest-vlan ports ......................................................................................863 enable netlogin logout-privilege ................................................................................................865 enable netlogin ports ...............................................................................................................866 enable netlogin session-refresh.................................................................................................868 show banner netlogin...............................................................................................................869 show netlogin .........................................................................................................................870 show netlogin local-users .........................................................................................................875 show netlogin mac-list .............................................................................................................877 unconfigure netlogin dot1x guest-vlan .......................................................................................878 unconfigure netlogin vlan.........................................................................................................879

Chapter 17: CLEAR-Flow Commands ............................................................................................. 881


disable clear-flow ....................................................................................................................882 enable clear-flow.....................................................................................................................883 show clear-flow .......................................................................................................................884 show clear-flow acl-modified ....................................................................................................885 show clear-flow rule.................................................................................................................886 show clear-flow rule-all ............................................................................................................888 show clear-flow rule-triggered ...................................................................................................890

Chapter 18: EAPS Commands....................................................................................................... 891


configure configure configure configure configure configure configure configure configure configure configure eaps eaps eaps eaps eaps eaps eaps eaps eaps eaps eaps add control vlan ................................................................................................893 add protect vlan ................................................................................................895 delete control vlan.............................................................................................896 delete protect vlan.............................................................................................897 failtime ............................................................................................................898 failtime expiry-action .........................................................................................900 fast-convergence ...............................................................................................902 hellotime..........................................................................................................904 mode ...............................................................................................................906 name ...............................................................................................................907 port .................................................................................................................908

14

ExtremeWare XOS 11.3 Command Reference

Contents configure eaps shared-port link-id.............................................................................................910 configure eaps shared-port mode ..............................................................................................911 configure eaps shared-port segment-timeout expiry-action...........................................................912 create eaps.............................................................................................................................914 create eaps shared-port ...........................................................................................................915 delete eaps.............................................................................................................................916 delete eaps shared-port ...........................................................................................................917 disable eaps ...........................................................................................................................918 enable eaps ............................................................................................................................919 show eaps ..............................................................................................................................921 show eaps shared-port .............................................................................................................925 show vlan eaps .......................................................................................................................930 unconfigure eaps shared-port link-id .........................................................................................932 unconfigure eaps shared-port mode ..........................................................................................933 unconfigure eaps port ..............................................................................................................934

Chapter 19: STP Commands......................................................................................................... 935


clear counters stp ...................................................................................................................938 configure stpd add vlan ...........................................................................................................940 configure stpd default-encapsulation.........................................................................................943 configure stpd delete vlan ........................................................................................................945 configure stpd forwarddelay .....................................................................................................946 configure stpd hellotime ..........................................................................................................947 configure stpd maxage.............................................................................................................948 configure stpd mode................................................................................................................949 configure stpd ports cost..........................................................................................................950 configure stpd ports link-type ...................................................................................................952 configure stpd ports mode........................................................................................................954 configure stpd ports priority .....................................................................................................956 configure stpd priority .............................................................................................................957 configure stpd tag ...................................................................................................................958 configure vlan add ports stpd ...................................................................................................959 create stpd .............................................................................................................................961 delete stpd .............................................................................................................................963 disable stpd............................................................................................................................964 disable stpd auto-bind .............................................................................................................965 disable stpd ports ...................................................................................................................966 disable stpd rapid-root-failover .................................................................................................967 enable stpd ............................................................................................................................968 enable stpd auto-bind..............................................................................................................969 enable stpd ports ....................................................................................................................971 enable stpd rapid-root-failover ..................................................................................................972 show stpd...............................................................................................................................973 show stpd ports.......................................................................................................................975 show vlan stpd ........................................................................................................................977 unconfigure stpd .....................................................................................................................979

ExtremeWare XOS 11.3 Command Reference

15

Contents unconfigure stpd ports link-type ...............................................................................................980

Chapter 20: ESRP Commands....................................................................................................... 981


clear esrp counters ..................................................................................................................983 clear esrp neighbor..................................................................................................................985 clear esrp sticky ......................................................................................................................986 configure esrp add elrp-poll ports .............................................................................................988 configure esrp add master........................................................................................................989 configure esrp add member......................................................................................................990 configure esrp add track-environment........................................................................................991 configure esrp add track-iproute ...............................................................................................992 configure esrp add track-ping ...................................................................................................993 configure esrp add track-vlan ...................................................................................................994 configure esrp delete elrp-poll ports ..........................................................................................995 configure esrp delete master ....................................................................................................996 configure esrp delete member ..................................................................................................997 configure esrp delete track-environment ....................................................................................998 configure esrp delete track-iproute............................................................................................999 configure esrp delete track-ping..............................................................................................1000 configure esrp delete track-vlan ..............................................................................................1001 configure esrp domain-id .......................................................................................................1002 configure esrp election-policy .................................................................................................1003 configure esrp elrp-master-poll disable ....................................................................................1006 configure esrp elrp-master-poll enable.....................................................................................1007 configure esrp elrp-premaster-poll disable ...............................................................................1009 configure esrp elrp-premaster-poll enable ................................................................................1010 configure esrp group..............................................................................................................1012 configure esrp mode ..............................................................................................................1014 configure esrp name ..............................................................................................................1016 configure esrp ports mode......................................................................................................1017 configure esrp ports no-restart ................................................................................................1018 configure esrp ports restart ....................................................................................................1019 configure esrp ports weight ....................................................................................................1020 configure esrp priority............................................................................................................1022 configure esrp timer hello ......................................................................................................1023 configure esrp timer neighbor.................................................................................................1025 configure esrp timer neutral ...................................................................................................1027 configure esrp timer premaster ...............................................................................................1028 configure esrp timer restart ....................................................................................................1030 create esrp ...........................................................................................................................1031 delete esrp ...........................................................................................................................1033 disable esrp..........................................................................................................................1034 enable esrp ..........................................................................................................................1035 show esrp .............................................................................................................................1036 show esrp counters................................................................................................................1039

16

ExtremeWare XOS 11.3 Command Reference

Contents

Chapter 21: VRRP Commands..................................................................................................... 1041


clear counters vrrp ................................................................................................................1043 configure vrrp vlan vrid add ipaddress .....................................................................................1044 configure vrrp vlan vrid add track-iproute.................................................................................1045 configure vrrp vlan vrid add track-ping ....................................................................................1046 configure vrrp vlan vrid add track-vlan.....................................................................................1047 configure vrrp vlan vrid advertisement-interval .........................................................................1048 configure vrrp vlan vrid authentication.....................................................................................1049 configure vrrp vlan vrid delete ipaddress..................................................................................1050 configure vrrp vlan vrid delete track-iproute .............................................................................1051 configure vrrp vlan vrid delete track-ping .................................................................................1052 configure vrrp vlan vrid delete track-vlan .................................................................................1053 configure vrrp vlan vrid dont-preempt......................................................................................1054 configure vrrp vlan vrid preempt .............................................................................................1055 configure vrrp vlan vrid priority ...............................................................................................1056 create vrrp vlan vrid...............................................................................................................1057 delete vrrp vlan vrid...............................................................................................................1058 disable vrrp vrid ....................................................................................................................1059 enable vrrp vrid.....................................................................................................................1060 show vrrp .............................................................................................................................1061 show vrrp vlan.......................................................................................................................1063

Chapter 22: IP Unicast Commands ............................................................................................. 1065


clear iparp............................................................................................................................1067 configure bootprelay add........................................................................................................1068 configure bootprelay delete ....................................................................................................1069 configure bootprelay dhcp-agent information check ..................................................................1070 configure bootprelay dhcp-agent information option..................................................................1071 configure bootprelay dhcp-agent information policy ..................................................................1073 configure iparp add ...............................................................................................................1074 configure iparp add proxy.......................................................................................................1075 configure iparp delete............................................................................................................1077 configure iparp delete proxy ...................................................................................................1078 configure iparp max_entries ...................................................................................................1080 configure iparp max_pending_entries ......................................................................................1081 configure iparp max_proxy_entries ..........................................................................................1082 configure iparp timeout .........................................................................................................1083 configure iproute add ............................................................................................................1084 configure iproute add blackhole..............................................................................................1085 configure iproute add blackhole default...................................................................................1086 configure iproute add default .................................................................................................1087 configure iproute delete .........................................................................................................1088 configure iproute delete blackhole ..........................................................................................1089 configure iproute delete blackhole default ...............................................................................1090 configure iproute delete default ..............................................................................................1091 configure iproute priority........................................................................................................1092

ExtremeWare XOS 11.3 Command Reference

17

Contents configure irdp .......................................................................................................................1094 configure vlan add secondary-ipaddress...................................................................................1095 configure vlan delete secondary-ipaddress ...............................................................................1096 configure vlan udp-profile ......................................................................................................1097 disable bootp vlan .................................................................................................................1099 disable bootprelay .................................................................................................................1100 disable icmp address-mask ....................................................................................................1101 disable icmp parameter-problem.............................................................................................1102 disable icmp port-unreachables ..............................................................................................1103 disable icmp redirects ...........................................................................................................1104 disable icmp time-exceeded ...................................................................................................1105 disable icmp timestamp.........................................................................................................1106 disable icmp unreachables.....................................................................................................1107 disable icmp useredirects ......................................................................................................1108 disable iparp checking...........................................................................................................1109 disable iparp refresh..............................................................................................................1110 disable ipforwarding ..............................................................................................................1111 disable ip-option loose-source-route ........................................................................................1112 disable ip-option record-route.................................................................................................1113 disable ip-option record-timestamp .........................................................................................1114 disable ip-option strict-source-route ........................................................................................1115 disable ip-option router-alert ..................................................................................................1116 disable irdp ..........................................................................................................................1117 disable udp-echo-server .........................................................................................................1118 enable bootp vlan..................................................................................................................1119 enable bootprelay..................................................................................................................1120 enable icmp address-mask .....................................................................................................1121 enable icmp parameter-problem .............................................................................................1122 enable icmp port-unreachables...............................................................................................1123 enable icmp redirects ............................................................................................................1124 enable icmp time-exceeded....................................................................................................1125 enable icmp timestamp .........................................................................................................1126 enable icmp unreachables .....................................................................................................1127 enable icmp useredirects .......................................................................................................1128 enable iparp checking ...........................................................................................................1129 enable iparp refresh ..............................................................................................................1130 enable ipforwarding ...............................................................................................................1131 enable ip-option loose-source-route.........................................................................................1133 enable ip-option record-route .................................................................................................1134 enable ip-option record-timestamp..........................................................................................1135 enable ip-option strict-source-route.........................................................................................1136 enable ip-option router-alert ...................................................................................................1137 enable iproute sharing ...........................................................................................................1138 enable irdp ...........................................................................................................................1139 enable udp-echo-server..........................................................................................................1140 rtlookup ...............................................................................................................................1141

18

ExtremeWare XOS 11.3 Command Reference

Contents show bootprelay ....................................................................................................................1142 show iparp............................................................................................................................1143 show iparp proxy ...................................................................................................................1146 show ipconfig .......................................................................................................................1147 show iproute .........................................................................................................................1148 show iproute origin ................................................................................................................1149 show ipstats .........................................................................................................................1150 show udp-profile ...................................................................................................................1153 unconfigure bootprelay dhcp-agent information check ..............................................................1154 unconfigure bootprelay dhcp-agent information option ..............................................................1155 unconfigure bootprelay dhcp-agent information policy ..............................................................1156 unconfigure icmp ..................................................................................................................1157 unconfigure iparp..................................................................................................................1158 unconfigure irdp ...................................................................................................................1159 unconfigure udp-profile .........................................................................................................1160

Chapter 23: IPv6 Unicast Commands.......................................................................................... 1161


clear neighbor-discovery cache ...............................................................................................1162 configure iproute add ............................................................................................................1163 configure iproute add blackhole..............................................................................................1164 configure iproute add blackhole ipv6 default ...........................................................................1165 configure iproute add default .................................................................................................1167 configure iproute delete .........................................................................................................1168 configure iproute delete blackhole ..........................................................................................1169 configure iproute delete blackhole ipv6 default ........................................................................1170 configure iproute delete default ..............................................................................................1171 configure iproute ipv6 priority ................................................................................................1172 configure neighbor-discovery cache add ..................................................................................1174 configure neighbor-discovery cache delete ...............................................................................1175 configure vlan router-discovery add prefix ................................................................................1176 configure vlan router-discovery delete prefix.............................................................................1177 configure vlan router-discovery default-lifetime ........................................................................1178 configure vlan router-discovery hop-limit .................................................................................1179 configure vlan router-discovery link-mtu ..................................................................................1180 configure vlan router-discovery managed-config-flag .................................................................1181 configure vlan router-discovery max-interval.............................................................................1182 configure vlan router-discovery min-interval .............................................................................1183 configure vlan router-discovery other-config-flag.......................................................................1184 configure vlan router-discovery reachable-time .........................................................................1185 configure vlan router-discovery retransmit-time ........................................................................1186 configure vlan router-discovery set prefix .................................................................................1187 configure tunnel ipaddress .....................................................................................................1189 create tunnel 6to4 ................................................................................................................1190 create tunnel ipv6-in-ipv4......................................................................................................1191 delete tunnel ........................................................................................................................1192 disable ipforwarding ipv6 .......................................................................................................1193

ExtremeWare XOS 11.3 Command Reference

19

Contents disable router-discovery .........................................................................................................1194 enable ipforwarding ipv6........................................................................................................1195 enable router-discovery ..........................................................................................................1196 rtlookup ...............................................................................................................................1197 show ipconfig ipv6 ................................................................................................................1198 show iproute ipv6..................................................................................................................1199 show iproute ipv6 origin.........................................................................................................1200 show ipstats ipv6 ..................................................................................................................1201 show neighbor-discovery cache ipv6........................................................................................1202 show router-discovery ............................................................................................................1204 show tunnel..........................................................................................................................1206 unconfigure tunnel ................................................................................................................1207

Chapter 24: RIP Commands........................................................................................................ 1209


clear rip counters ..................................................................................................................1210 configure rip add vlan............................................................................................................1211 configure rip delete vlan ........................................................................................................1212 configure rip garbagetime ......................................................................................................1213 configure rip import-policy .....................................................................................................1214 configure rip routetimeout......................................................................................................1215 configure rip vlan rxmode.......................................................................................................1216 configure rip vlan txmode.......................................................................................................1217 configure rip updatetime........................................................................................................1218 configure rip vlan cost ...........................................................................................................1219 configure rip vlan route-policy ................................................................................................1220 configure rip vlan trusted-gateway...........................................................................................1222 disable rip ............................................................................................................................1223 disable rip aggregation...........................................................................................................1224 disable rip export ..................................................................................................................1225 disable rip originate-default ...................................................................................................1226 disable rip poisonreverse........................................................................................................1227 disable rip splithorizon ..........................................................................................................1228 disable rip triggerupdates.......................................................................................................1229 disable rip use-ip-router-alert .................................................................................................1230 enable rip.............................................................................................................................1231 enable rip aggregation ...........................................................................................................1232 enable rip export ...................................................................................................................1233 enable rip originate-default cost .............................................................................................1235 enable rip poisonreverse ........................................................................................................1236 enable rip splithorizon ...........................................................................................................1237 enable rip triggerupdates .......................................................................................................1238 enable rip use-ip-router-alert ..................................................................................................1239 show rip ...............................................................................................................................1240 show rip interface .................................................................................................................1241 show rip interface vlan...........................................................................................................1243 show rip memory...................................................................................................................1244

20

ExtremeWare XOS 11.3 Command Reference

Contents show rip routes .....................................................................................................................1245 unconfigure rip .....................................................................................................................1246

Chapter 25: RIPng Commands .................................................................................................... 1247


clear ripng counters...............................................................................................................1248 configure ripng add ...............................................................................................................1249 configure ripng delete............................................................................................................1250 configure ripng garbagetime ...................................................................................................1251 configure ripng import-policy..................................................................................................1252 configure ripng routetimeout ..................................................................................................1254 configure ripng updatetime ....................................................................................................1255 configure ripng cost...............................................................................................................1256 configure ripng route-policy....................................................................................................1257 configure ripng trusted-gateway ..............................................................................................1259 disable ripng ........................................................................................................................1261 disable ripng export...............................................................................................................1262 disable ripng originate-default ................................................................................................1263 disable ripng poisonreverse ....................................................................................................1264 disable ripng splithorizon .......................................................................................................1265 disable ripng triggerupdate.....................................................................................................1266 enable ripng .........................................................................................................................1267 enable ripng export ...............................................................................................................1268 enable ripng originate-default.................................................................................................1270 enable ripng poisonreverse .....................................................................................................1271 enable ripng splithorizon........................................................................................................1272 enable ripng triggerupdates....................................................................................................1273 show ripng............................................................................................................................1274 show ripng interface ..............................................................................................................1276 show ripng routes ..................................................................................................................1278 unconfigure ripng..................................................................................................................1280

Chapter 26: OSPF Commands ..................................................................................................... 1281


clear ospf counters ................................................................................................................1283 configure ospf cost ................................................................................................................1285 configure ospf priority............................................................................................................1286 configure ospf authentication .................................................................................................1287 configure ospf add virtual-link ................................................................................................1289 configure ospf add vlan area...................................................................................................1290 configure ospf add vlan area link-type .....................................................................................1291 configure ospf area external-filter............................................................................................1292 configure ospf area interarea-filter ..........................................................................................1293 configure ospf area add range.................................................................................................1294 configure ospf area delete range .............................................................................................1295 configure ospf area normal .....................................................................................................1296 configure ospf area nssa stub-default-cost ...............................................................................1297 configure ospf area stub stub-default-cost ...............................................................................1299

ExtremeWare XOS 11.3 Command Reference

21

Contents configure ospf area timer .......................................................................................................1300 configure ospf ase-limit .........................................................................................................1302 configure ospf ase-summary add.............................................................................................1303 configure ospf ase-summary delete .........................................................................................1304 configure ospf delete virtual-link.............................................................................................1305 configure ospf delete vlan ......................................................................................................1306 configure ospf import-policy ...................................................................................................1307 configure ospf lsa-batch-interval .............................................................................................1308 configure ospf metric-table ....................................................................................................1309 configure ospf restart.............................................................................................................1310 configure ospf restart grace-period ..........................................................................................1311 configure ospf restart-helper...................................................................................................1312 configure ospf routerid...........................................................................................................1314 configure ospf spf-hold-time...................................................................................................1315 configure ospf virtual-link timer ..............................................................................................1316 configure ospf vlan area .........................................................................................................1318 configure ospf vlan neighbor add ............................................................................................1319 configure ospf vlan neighbor delete.........................................................................................1320 configure ospf vlan timer .......................................................................................................1321 create ospf area ....................................................................................................................1323 delete ospf area ....................................................................................................................1324 disable ospf..........................................................................................................................1325 disable ospf capability opaque-lsa ..........................................................................................1326 disable ospf export ................................................................................................................1327 disable ospf originate-default .................................................................................................1328 disable ospf restart-helper-lsa-check .......................................................................................1329 disable ospf use-ip-router-alert ...............................................................................................1330 enable ospf ..........................................................................................................................1331 enable ospf capability opaque-lsa ...........................................................................................1332 enable ospf export.................................................................................................................1333 enable ospf originate-default ..................................................................................................1335 enable ospf restart-helper-lsa-check........................................................................................1336 enable ospf use-ip-router-alert ................................................................................................1337 show ospf .............................................................................................................................1338 show ospf area ......................................................................................................................1339 show ospf area detail .............................................................................................................1340 show ospf ase-summary .........................................................................................................1341 show ospf interfaces detail .....................................................................................................1342 show ospf interfaces ..............................................................................................................1343 show ospf lsdb ......................................................................................................................1344 show ospf memory.................................................................................................................1346 show ospf neighbor ...............................................................................................................1347 show ospf virtual-link.............................................................................................................1348 unconfigure ospf ...................................................................................................................1349

22

ExtremeWare XOS 11.3 Command Reference

Contents

Chapter 27: OSPFv3 Commands ................................................................................................. 1351


clear ospfv3 counters ............................................................................................................1352 configure ospfv3 add interface ...............................................................................................1354 configure ospfv3 add interface all ...........................................................................................1356 configure ospfv3 add virtual-link.............................................................................................1358 configure ospfv3 area add range .............................................................................................1359 configure ospfv3 area cost .....................................................................................................1360 configure ospfv3 area delete range..........................................................................................1361 configure ospfv3 area external-filter ........................................................................................1362 configure ospfv3 area interarea-filter.......................................................................................1364 configure ospfv3 area normal .................................................................................................1366 configure ospfv3 area priority .................................................................................................1367 configure ospfv3 area stub .....................................................................................................1368 configure ospfv3 area timer....................................................................................................1369 configure ospfv3 delete interface ............................................................................................1371 configure ospfv3 delete virtual-link .........................................................................................1372 configure ospfv3 import-policy ...............................................................................................1373 configure ospfv3 interface area...............................................................................................1375 configure ospfv3 interface cost ...............................................................................................1376 configure ospfv3 interface priority...........................................................................................1377 configure ospfv3 interface timer .............................................................................................1378 configure ospfv3 metric-table .................................................................................................1380 configure ospfv3 routerid .......................................................................................................1381 configure ospfv3 spf-hold-time ...............................................................................................1383 configure ospfv3 virtual-link timer ..........................................................................................1384 create ospfv3 area.................................................................................................................1386 delete ospfv3 area.................................................................................................................1387 disable ospfv3 ......................................................................................................................1388 disable ospfv3 export.............................................................................................................1389 enable ospfv3 .......................................................................................................................1390 enable ospfv3 export .............................................................................................................1391 show ospfv3 .........................................................................................................................1393 show ospfv3 area ..................................................................................................................1395 show ospfv3 interfaces ..........................................................................................................1397 show ospfv3 lsdb ..................................................................................................................1399 show ospfv3 lsdb stats...........................................................................................................1401 show ospfv3 memory .............................................................................................................1403 show ospfv3 neighbor ............................................................................................................1404 show ospfv3 virtual-link .........................................................................................................1405 unconfigure ospfv3................................................................................................................1406

Chapter 28: BGP Commands....................................................................................................... 1409


clear bgp neighbor counters ...................................................................................................1411 clear bgp flap-statistics .........................................................................................................1413 configure bgp add aggregate-address ......................................................................................1415 configure bgp add confederation-peer sub-AS-number ..............................................................1417

ExtremeWare XOS 11.3 Command Reference

23

Contents configure bgp add network .....................................................................................................1418 configure bgp AS-number ......................................................................................................1419 configure bgp cluster-id .........................................................................................................1420 configure bgp confederation-id ...............................................................................................1421 configure bgp delete aggregate-address ...................................................................................1422 configure bgp delete confederation-peer sub-AS-number...........................................................1423 configure bgp delete network..................................................................................................1424 configure bgp export shutdown-priority ....................................................................................1425 configure bgp import-policy....................................................................................................1427 configure bgp local-preference ...............................................................................................1428 configure bgp med ................................................................................................................1430 configure bgp neighbor dampening .........................................................................................1431 configure bgp neighbor description .........................................................................................1433 configure bgp neighbor maximum-prefix ..................................................................................1434 configure bgp neighbor next-hop-self ......................................................................................1436 configure bgp neighbor no-dampening.....................................................................................1437 configure bgp neighbor password ............................................................................................1438 configure bgp neighbor peer-group..........................................................................................1440 configure bgp neighbor route-policy ........................................................................................1442 configure bgp neighbor route-reflector-client............................................................................1443 configure bgp neighbor send-community .................................................................................1445 configure bgp neighbor shutdown-priority ................................................................................1447 configure bgp neighbor soft-reset............................................................................................1448 configure bgp neighbor source-interface ..................................................................................1450 configure bgp neighbor timer..................................................................................................1451 configure bgp neighbor weight................................................................................................1452 configure bgp peer-group dampening ......................................................................................1454 configure bgp peer-group maximum-prefix ...............................................................................1456 configure bgp peer-group next-hop-self....................................................................................1458 configure bgp peer-group no-dampening..................................................................................1459 configure bgp peer-group route-reflector-client.........................................................................1460 configure bgp peer-group send-community ..............................................................................1461 configure bgp peer-group password .........................................................................................1462 configure bgp peer-group remote-AS-number ...........................................................................1463 configure bgp peer-group route-policy .....................................................................................1464 configure bgp peer-group soft-reset.........................................................................................1465 configure bgp peer-group source-interface ...............................................................................1467 configure bgp peer-group timer...............................................................................................1469 configure bgp peer-group weight.............................................................................................1471 configure bgp routerid ...........................................................................................................1472 configure bgp soft-reconfiguration...........................................................................................1473 create bgp neighbor peer-group ..............................................................................................1474 create bgp neighbor remote-AS-number...................................................................................1475 create bgp peer-group............................................................................................................1476 delete bgp neighbor...............................................................................................................1477 delete bgp peer-group............................................................................................................1478

24

ExtremeWare XOS 11.3 Command Reference

Contents disable bgp ..........................................................................................................................1479 disable bgp aggregation .........................................................................................................1480 disable bgp always-compare-med............................................................................................1481 disable bgp community format ...............................................................................................1482 disable bgp export.................................................................................................................1483 disable bgp neighbor .............................................................................................................1485 disable bgp neighbor capability ..............................................................................................1486 disable bgp neighbor remove-private-AS-numbers.....................................................................1488 disable bgp neighbor soft-in-reset ...........................................................................................1489 disable bgp neighbor use-ip-router-alert ..................................................................................1490 disable bgp peer-group ..........................................................................................................1491 disable bgp peer-group capability ...........................................................................................1492 disable bgp peer-group remove-private-AS-numbers..................................................................1493 disable bgp peer-group soft-in-reset ........................................................................................1494 disable bgp peer-group use-ip-router-alert................................................................................1495 enable bgp ...........................................................................................................................1496 enable bgp aggregation ..........................................................................................................1497 enable bgp always-compare-med ............................................................................................1498 enable bgp community format ................................................................................................1499 enable bgp export .................................................................................................................1500 enable bgp neighbor ..............................................................................................................1502 enable bgp neighbor capability ...............................................................................................1503 enable bgp neighbor remove-private-AS-numbers .....................................................................1505 enable bgp neighbor soft-in-reset............................................................................................1506 enable bgp neighbor use-ip-router-alert ...................................................................................1507 enable bgp peer-group ...........................................................................................................1508 enable bgp peer-group capability ............................................................................................1509 enable bgp peer-group remove-private-AS-numbers ..................................................................1510 enable bgp peer-group soft-in-reset.........................................................................................1511 enable bgp peer-group use-ip-router-alert ................................................................................1512 show bgp..............................................................................................................................1513 show bgp neighbor ................................................................................................................1514 show bgp neighbor flap-statistics ............................................................................................1515 show bgp neighbor routes ......................................................................................................1517 show bgp peer-group .............................................................................................................1519 show bgp routes ....................................................................................................................1520 show bgp routes summary ......................................................................................................1522 show bgp memory .................................................................................................................1523

Chapter 29: IP Multicast Commands........................................................................................... 1525


clear igmp group ...................................................................................................................1527 clear igmp snooping ..............................................................................................................1528 clear pim cache ....................................................................................................................1529 configure igmp......................................................................................................................1530 configure igmp snooping flood-list ..........................................................................................1532 configure igmp snooping leave-timeout....................................................................................1534

ExtremeWare XOS 11.3 Command Reference

25

Contents configure igmp snooping timer ...............................................................................................1535 configure igmp snooping vlan ports add static group.................................................................1536 configure igmp snooping vlan ports delete static group .............................................................1538 configure igmp snooping vlan ports add static router ................................................................1539 configure igmp snooping vlan ports delete static router .............................................................1540 configure igmp snooping vlan ports filter .................................................................................1541 configure pim add vlan ..........................................................................................................1543 configure pim cbsr ................................................................................................................1544 configure pim crp static .........................................................................................................1545 configure pim crp timer .........................................................................................................1547 configure pim crp vlan ...........................................................................................................1548 configure pim delete vlan.......................................................................................................1550 configure pim register-rate-limit-interval..................................................................................1551 configure pim register-suppress-interval register-probe-interval ..................................................1552 configure pim register-checksum-to ........................................................................................1553 configure pim spt-threshold ...................................................................................................1554 configure pim timer vlan ........................................................................................................1555 configure pim vlan trusted-gateway .........................................................................................1556 disable igmp.........................................................................................................................1557 disable igmp snooping ...........................................................................................................1558 disable ipmcforwarding..........................................................................................................1560 disable pim ..........................................................................................................................1561 enable igmp .........................................................................................................................1562 enable igmp snooping............................................................................................................1563 enable igmp snooping with-proxy ............................................................................................1565 enable ipmcforwarding ..........................................................................................................1566 enable pim ...........................................................................................................................1567 show igmp............................................................................................................................1568 show igmp group...................................................................................................................1570 show igmp snooping ..............................................................................................................1571 show igmp snooping vlan filter ...............................................................................................1573 show igmp snooping vlan static ..............................................................................................1574 show l2stats .........................................................................................................................1575 show pim .............................................................................................................................1576 show pim cache ....................................................................................................................1578 unconfigure igmp ..................................................................................................................1580 unconfigure pim....................................................................................................................1581

Chapter 30: IPv6 Multicast Commands ....................................................................................... 1583


clear mld group.....................................................................................................................1584 clear mld snooping ................................................................................................................1585 configure mld .......................................................................................................................1586 configure mld snooping vlan ports add static group ..................................................................1588 configure mld snooping vlan ports delete static group ...............................................................1590 configure mld snooping vlan ports add static router ..................................................................1591 configure mld snooping vlan ports delete static router...............................................................1592

26

ExtremeWare XOS 11.3 Command Reference

Contents configure mld snooping flood-list ............................................................................................1593 configure mld snooping leave-timeout .....................................................................................1595 configure mld snooping timer .................................................................................................1596 disable mld ..........................................................................................................................1598 disable mld snooping.............................................................................................................1599 enable mld ...........................................................................................................................1601 enable mld snooping .............................................................................................................1602 enable mld snooping with-proxy..............................................................................................1604 show mld .............................................................................................................................1605 show mld group ....................................................................................................................1607 show mld snooping................................................................................................................1608 show mld snooping vlan static ................................................................................................1610 unconfigure mld....................................................................................................................1611

Appendix A: Configuration and Image Commands ........................................................................ 1613


configure firmware ................................................................................................................1614 download bootrom .................................................................................................................1617 download image ....................................................................................................................1620 install bootrom......................................................................................................................1627 install firmware .....................................................................................................................1629 install image.........................................................................................................................1631 run update ...........................................................................................................................1634 save configuration .................................................................................................................1635 show configuration ................................................................................................................1638 show memorycard .................................................................................................................1640 synchronize ..........................................................................................................................1641 unconfigure switch ................................................................................................................1644 uninstall image .....................................................................................................................1645 use configuration ..................................................................................................................1647 use image ............................................................................................................................1649

Appendix B: Troubleshooting Commands .................................................................................... 1651


clear elrp counters ................................................................................................................1653 configure debug coredumps ...................................................................................................1654 configure elrp-client one-shot .................................................................................................1656 configure elrp-client periodic..................................................................................................1658 disable elrp-client .................................................................................................................1660 disable log debug-mode .........................................................................................................1661 eject memorycard..................................................................................................................1662 enable elrp-client ..................................................................................................................1664 enable log debug-mode..........................................................................................................1665 nslookup ..............................................................................................................................1666 run diagnostics .....................................................................................................................1668 run elrp................................................................................................................................1671 save debug tracefiles .............................................................................................................1673 show debug ..........................................................................................................................1675 show diagnostics ...................................................................................................................1677

ExtremeWare XOS 11.3 Command Reference

27

Contents show elrp .............................................................................................................................1680 show platform .......................................................................................................................1682 show tech.............................................................................................................................1683 top ......................................................................................................................................1685 unconfigure elrp-client ..........................................................................................................1687

Appendix C: CNA Agent Commands............................................................................................. 1689


clear cna-testplug counters ....................................................................................................1690 configure cna-testplug scheduler ipaddress..............................................................................1691 configure cna-testplug vlan ....................................................................................................1693 disable cna-testplug ..............................................................................................................1694 enable cna-testplug ...............................................................................................................1695 show cna-testplug .................................................................................................................1696

Appendix D: Added, Modified, and Deleted Commands ................................................................ 1699 Index of Commands ................................................................................................................... 1701

28

ExtremeWare XOS 11.3 Command Reference

Preface
This preface provides an overview of this guide, describes guide conventions, and lists other publications that may be useful.

Introduction
This guide provides the complete syntax for all the commands available in the currently supported versions of the ExtremeWare XOS software running on modular switches from Extreme Networks. This guide is intended for use as a reference by network administrators who are responsible for installing and setting up network equipment. It assumes knowledge of Extreme Networks switch configuration. For conceptual information and guidance on configuring Extreme Networks switches, see the ExtremeWare XOS Concepts Guide for your version of the ExtremeWare XOS software.

Terminology
When features, functionality, or operation is specific to a switch family, the family name is used. Explanations about features and operations that are the same across all product families simply refer to the product as the switch.

Conventions
This sections discusses the conventions used in this guide.

Platform-dependent Conventions
Each command has a separate entry for platform availability, which addresses which platforms support the entire feature. In many cases, although the command is available on all platforms, each platform uses specific keywords. These keywords specific to each platform are shown in the Syntax Description and discussed in the Usage Guidelines.

ExtremeWare XOS 11.3 Command Reference

29

Preface

Text Conventions
Table 1 and Table 2 list conventions that are used throughout this guide.

Table 1: Notice icons


Icon Notice Type Note Alerts you to... Important features or instructions.

Caution

Risk of personal injury, system damage, or loss of data.

Warning

Risk of severe personal injury.

Table 2: Text conventions


Convention Screen displays The words enter and type [Key] names Description This typeface indicates command syntax, or represents information as it appears on the screen. When you see the word enter in this guide, you must type something, and then press the Return or Enter key. Do not press the Return or Enter key when an instruction simply says type. Key names are written with brackets, such as [Return] or [Esc]. If you must press two or more keys simultaneously, the key names are linked with a plus sign (+). Example: Press [Ctrl]+[Alt]+[Del]. Words in italicized type Italics emphasize a point or denote new terms at the place where they are defined in the text.

Command Titles
For clarity and brevity, the command titles omit variables, values, and optional arguments. The complete command syntax is displayed directly below the command titles.

Related Publications
The publications related to this one are:

ExtremeWare XOS release notes ExtremeWare XOS Concepts Guide Extreme Networks Consolidated XOS Hardware Installation Guide

Documentation for Extreme Networks products is available on the World Wide Web at the following location: http://www.extremenetworks.com/

30

ExtremeWare XOS 11.3 Command Reference

Command Reference Overview

Introduction
This guide provides details of the command syntax for all ExtremeWare XOS commands as of ExtremeWare XOS version 11.3. This guide does not provide feature descriptions, explanations of the technologies, or configuration examples. For information about the various features and technologies supported by Extreme Networks switches, see the installation and user guides for your product. This guide does not replace the installation and user guides; this guide supplements the installation and user guides. This chapter discusses the following topics:

Audience on page 31 Structure of this Guide on page 32 Platforms and Required Software Versions on page 32 Software Licensing on page 32 Understanding the Command Syntax on page 34 Port Numbering on page 36 Line-Editing Keys on page 38 Command History on page 38

Audience
This guide is intended for use by network administrators who are responsible for installing and setting up network equipment. It assumes a basic working knowledge of the following:

Local area networks (LANs) Ethernet concepts Ethernet switching and bridging concepts Routing concepts Internet Protocol (IP) concepts Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) concepts Border Gateway Protocol (BGP-4) concepts IP Multicast concepts Protocol Independent Multicast (PIM) concepts Internet Packet Exchange (IPX) concepts Simple Network Management Protocol (SNMP)

This guide also assumes that you have read the Installation and User Guide for your product.

ExtremeWare XOS 11.3 Command Reference

31

Command Reference Overview

Structure of this Guide


This guide documents each ExtremeWare XOS command. Related commands are grouped together and organized into chapters based on their most common usage. The chapters reflect the organization of the ExtremeWare XOS Concepts Guide. If a specific command is relevant to a wide variety of functions and could be included in a number of different chapters, we have attempted to place the command in the most logical chapter. Within each chapter, commands appear in alphabetical order. You can use the Index of Commands to locate specific commands if they do not appear where you expect to find them. For each command, the following information is provided:

Command SyntaxThe actual syntax of the command. The syntax conventions (the use of braces or curly brackets, for example) are defined in the section Understanding the Command Syntax on page 34. DescriptionA brief (one sentence) summary of what the command does. Syntax DescriptionThe definition of any keywords and options used in the command. DefaultThe defaults, if any, for this command. The default can be the default action of the command if optional arguments are not provided, or it can be the default state of the switch (such as for an enable/disable command). Usage GuidelinesInformation to help you use the command. This may include prerequisites, prohibitions, and related commands, as well as other information. ExampleExamples of the command usage, including output, if relevant. HistoryThe version of ExtremeWare XOS in which the command was introduced, and version(s) where it was modified, if appropriate.

Platforms and Required Software Versions


ExtremeWare XOS is the full-featured software operating system that is designed to run on the Extreme Networks devices. ExtremeWare XOS supports the following platforms: BlackDiamond 10800 family of switchesExtremeWare XOS 10.1 and higher

BlackDiamond 8810 switch (formerly known as Aspen)ExtremeWare XOS 11.1 and higher Summit X450 switchExtremeWare XOS 11.2 and higher BlackDiamond 8806 switchExtremeWare XOS 11.3.1 and higher

Software Licensing
NOTE
Information on required licensing is in the Platform Availability section for each command. If there is not licensing information for the command, you do not need a license.

32

ExtremeWare XOS 11.3 Command Reference

Software Licensing As all switches ship with Advanced Edge capabilities, two level of software licensing apply to ExtremeWare XOS 11.3: the Core and the Advanced Core license (refer to Table 3). Additionally, the U.S. government requires a security license to enable certain features.

Table 3: Licensing requirements for ExtremeWare XOS version 11.3


License level Advanced Edge Core Advanced Core BlackDiamond 10K switch Ships (as part of Core license) Ships MSM 1N/A MSM1XLShips BlackDiamond 8800 family of switches Ships Requires license N/A Summit X450 switch Ships Requires license N/A

NOTE
With ExtremeWare XOS software version 11.2, BGP functionality moved from the Advanced Core license level to the Core license. You have BGP functionality with a Core license.

When you are working with modular switches, the license belongs with the switch chassis, not with the particular MSM module. The licensing levels required for each feature, if any, are outlined in the discussion of each feature. If licensing is not mentioned, the full functionality of that feature is available on every switch.

License Levels
This section discusses the licensing capabilities of the various switches.

Upgrading on the BlackDiamond 8800 Family of Switches and Summit X450 Switch Only
The BlackDiamond 8800 family of switches and the Summit X450 switch ship with an Advanced Edge license. With ExtremeWare XOS 11.2, you can obtain the Core license for these switches. The Core license provides additional functionality for some features, as well as Border Gateway Protocol (BGP) functionality, on the switches. The Advanced Core license is not available for the BlackDiamond 8800 family of switches or the Summit X450 switch. Once you obtain a license, you cannot downgrade licenses. The license key contains all the necessary information on the license level.

NOTE
Refer to the specific chapter of the ExtremeWare XOS Concepts Guide to determine if the Core license is required for some functionality. If not noted, all functionality is available, and license is not required.

ExtremeWare XOS 11.3 Command Reference

33

Command Reference Overview If you attempt to execute a command and you do not either have the required license or have reached the limits defined by the current license level, the system returns one of the following messages:
Error: This command cannot be executed at the current license level. Error: You have reached the maximum limit for this feature at this license level.

Upgrading on the BlackDiamond 10K Switch Only


The licensing levels on the BlackDiamond 10K switch depend on the MSM you have in your system:

The MSM 1 ships with a Core license; you cannot upgrade to an Advanced Core license. The MSM 1XL ships with an Advanced Core license. NOTE

Beginning with ExtremeWare XOS version 11.2, you can run BGP with a core license on the BlackDiamond 10K switch; that is both the MSM1 and the MSM1XL now run BGP.

If you attempt to execute a command and you do not either have the required license or have reached the limits defined by the current license level, the system returns one of the following messages:
Error: This command cannot be executed at the current license level. Error: You have reached the maximum limit for this feature at this license level.

Enabling and Displaying Licenses


To enable the license, use the following command:
enable license <key>

To display the current license level (as well as enabled feature packs), use the following command:
show licenses

Security Licensing
Certain additional ExtremeWare XOS features, such as the use of SSH2 encryption, may be under United States export restriction control. Extreme Networks ships these security features in a disabled state. You can obtain information on enabling these features at no charge from Extreme Networks.

Understanding the Command Syntax


This section covers the following topics:

Access Levels on page 35 Syntax Symbols on page 35 Command Completion with Syntax Helper on page 35 Names on page 36 Command Shortcuts on page 36

34

ExtremeWare XOS 11.3 Command Reference

Understanding the Command Syntax

Access Levels
When entering a command at the prompt, ensure that you have the appropriate privilege level. Most configuration commands require you to have the administrator privilege level.

Syntax Symbols
You may see a variety of symbols shown as part of the command syntax. These symbols explain how to enter the command, and you do not type them as part of the command itself. Table 4 summarizes command syntax symbols.

Table 4: Command syntax symbols


Symbol angle brackets < > Description Enclose a variable or value. You must specify the variable or value. For example, in the syntax configure vlan <vlan_name> ipaddress <ip_address> you must supply a VLAN name for <vlan_name> and an address for <ip_address> when entering the command. Do not type the angle brackets. You may not include spaces within angle brackets. square brackets [ ] Enclose a required value or list of required arguments. One or more values or arguments can be specified. For example, in the syntax use image [primary | secondary] you must specify either the primary or secondary image when entering the command. Do not type the square brackets. vertical bar | Separates mutually exclusive items in a list, one of which must be entered. For example, in the syntax configure snmp community [readonly | readwrite] <alphanumeric_string> you must specify either the read or write community string in the command. Do not type the vertical bar. braces { } Enclose an optional value or a list of optional arguments. One or more values or arguments can be specified. For example, in the syntax reboot {time <month> <day> <year> <hour> <min> <sec>} {cancel} {warm} {msm <slot_id>} you can specify either a particular date and time combination, or the keyword cancel to cancel a previously scheduled reboot. If you do not specify an argument, the command will prompt asking if you want to reboot the switch now. Do not type the braces.

Command Completion with Syntax Helper


The CLI has a built-in syntax helper. If you are unsure of the complete syntax for a particular command, enter as much of the command as possible and press [Tab]. The syntax helper provides a list of options for the remainder of the command, and places the cursor at the end of the command you have entered so far, ready for the next option. If the command is one where the next option is a named component, such as a VLAN, access profile, or route map, the syntax helper will also list any currently configured names that might be used as the next option. In situations where this list might be very long, the syntax helper will list only one line of names, followed by an ellipses to indicate that there are more names than can be displayed. The syntax helper also provides assistance if you have entered an incorrect command.

ExtremeWare XOS 11.3 Command Reference

35

Command Reference Overview

Abbreviated Syntax
Abbreviated syntax is the shortest unambiguous allowable abbreviation of a command or parameter. Typically, this is the first three letters of the command. If you do not enter enough letters to allow the switch to determine which command you mean, the syntax helper will provide a list of the options based on the portion of the command you have entered. NOTE
When using abbreviated syntax, you must enter enough characters to make the command unambiguous and distinguishable to the switch.

Names
All named components within a category of the switch configuration, such as VLAN, must have a unique name. Names can be re-used across categories, however. Names must begin with an alphabetical character and cannot contain any spaces. The maximum length for a name is 32 characters. Names may contain alphanumeric characters and underscores (_) and cannot be keywords, such as vlan, stp, and so on. NOTE
If you use the same name across categories (for example, STPD and EAPS names), you must specify the identifying keyword as well as the actual name.

Command Shortcuts
All named components within a category of the switch configuration must have a unique name. Components are named using the create command. When you enter a command to configure a named component, you do not need to use the keyword of the component. For example, to create a VLAN, you must enter a unique VLAN name:
create vlan engineering

Once you have created the VLAN with a unique name, you can then eliminate the keyword vlan from all other commands that require the name to be entered (unless you used the same name for another category such as STPD or EAPS). For example, instead of entering the modular switch command:
configure vlan engineering delete port 1:3,4:6

you could enter the following shortcut:


configure engineering delete port 1:3,4:6

Port Numbering
Commands that require you to enter one or more port numbers use the parameter <port_list> in the syntax. The available variables differ on a stand-alone switch and on a modular switch.

36

ExtremeWare XOS 11.3 Command Reference

Port Numbering

NOTE
The keyword all acts on all possible ports; it continues on all ports even if one port in the sequence fails.

Stand-alone Switch Numerical Ranges


Commands that require you to enter one or more port numbers on a stand-alone switch, such as the Summit X450 switch, use the parameter <port_list> in the syntax. A <port_list> can be a single port. For example, port 5 would be:
5

A <port_list> can also be a range of numbers. Separate the port numbers by a dash to enter a range of contiguous numbers, and separate the numbers by a comma to enter a range of noncontiguous numbers:

x-ySpecifies a contiguous series of ports on a stand-alone switch. x,ySpecifies a noncontiguous series of ports on a stand-alone switch. x-y,a,dSpecifies a contiguous series of ports and a noncontiguous series of ports on a stand-alone

switch.

Modular Switch Numerical Ranges


Commands that require you to enter one or more port numbers on a modular switch, such as the BlackDiamond 10K switch, use the parameter <port_list> in the syntax. The syntax for the port and slot is:
port <slot_number>:<port_number>

A <port_list> can be one port on a particular slot. For example, port 1 on slot 3 would be:
port 3:1

A <port_list> can be a range of numbers. For example, ports 1 through 3 on slot 3 would be:
port 3:1-3:3

You can add additional slot and port numbers to the list, separated by a comma:
port 3:1,4:8,6:10

You can specify all ports on a particular slot, using the asterisk (*) wildcard. For example,
port 3:*

indicates all ports on slot 3. You can specify a range of slots and ports. For example,
port 2:3-4:5

indicates slot 2, port 3 through slot 4, port 5.

ExtremeWare XOS 11.3 Command Reference

37

Command Reference Overview

Line-Editing Keys
Table 5 describes the line-editing keys available using the CLI.

Table 5: Line-editing keys


Key(s) Left arrow or [Ctrl] + B Right arrow or [Ctrl] + F [Ctrl] + H or Backspace Delete or [Ctrl] + D [Ctrl] + K Insert Left Arrow Right Arrow [Ctrl] + L [Ctrl] + P or Up Arrow [Ctrl] + N or Down Arrow [Ctrl] + U [Ctrl] + W [Ctrl] + C Description Moves the cursor one character to the left. Moves the cursor one character to the right. Deletes character to left of cursor and shifts remainder of line to left. Deletes character under cursor and shifts remainder of line to left. Deletes characters from under cursor to end of line. Toggles on and off. When toggled on, inserts text and shifts previous text to right. Moves cursor to left. Moves cursor to right. Clears screen and movers cursor to beginning of line. Displays previous command in command history buffer and places cursor at end of command. Displays next command in command history buffer and places cursor at end of command. Clears all characters typed from cursor to beginning of line. Deletes previous word. Interrupts the current CLI command execution.

Command History
ExtremeWare XOS remembers all the commands you enter. You can display a list of these commands by using the following command:
history

If you use a command more than once, consecutively, the history will only list the first instance.

38

ExtremeWare XOS 11.3 Command Reference

Commands for Accessing the Switch

This chapter describes commands used for:

Accessing and configuring the switch including how to set up user accounts, passwords, date and time settings, and software licenses Managing passwords Configuring the Domain Name Service (DNS) client Checking basic switch connectivity Enabling and displaying licenses Returning the switch to safe defaults mode

ExtremeWare XOS supports the following two levels of management:


User Administrator

A user-level account has viewing access to all manageable parameters, with the exception of:

User account database SNMP community strings

A user-level account can change the password assigned to the account name and use the ping command to test device reachability. An administrator-level account can view and change all switch parameters. It can also add and delete users and change the password associated with any account name. The administrator can disconnect a management session that has been established by way of a Telnet connection. If this happens, the user logged on by way of the Telnet connection is notified that the session has been terminated. The DNS client in ExtremeWare XOS augments certain ExtremeWare XOS commands to accept either IP addresses or host names. For example, DNS can be used during a Telnet session when you are accessing a device or when using the ping command to check the connectivity of a device. The switch offers the following commands for checking basic connectivity:

ping traceroute

The ping command enables you to send Internet Control Message Protocol (ICMP) echo messages to a remote IP device. The traceroute command enables you to trace the routed path between the switch and a destination endstation.

ExtremeWare XOS 11.3 Command Reference

39

Commands for Accessing the Switch

clear account lockout


clear account [all | <name>] lockout

Description
Re-enables an account that has been locked out (disabled) for exceeding the permitted number failed login attempts, which was configured by using the configure account password-policy lockouton-login-failures command.

Syntax Description
all name Specifies all users. Specifies an account name.

Default
N/A.

Usage Guidelines
This command applies to sessions at the console port of the switch as well as all other sessions. You can re-enable both user and administrative accounts, once they have been disabled for exceeding the 3 failed login attempts. NOTE
The failsafe accounts are never locked out.

This command only clears the locked-out (or disabled) condition of the account. The action of locking out accounts following the failed login attempts remains until you turn it off by issuing the configure account [all | <name>] password-policy lockout-on-login failures off command.

Example
The following command re-enables the account finance, which had been locked out (disabled) for exceeding 3 consecutive failed login attempts:
clear account finance lockout

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

40

ExtremeWare XOS 11.3 Command Reference

clear session

clear session
clear session [<sessId> | all]

Description
Terminates a Telnet and/or SSH2 sessions from the switch.

Syntax Description
sessId all Specifies a session number from show session output to terminate. Terminates all sessions.

Default
N/A.

Usage Guidelines
An administrator-level account can disconnect a management session that has been established by way of a Telnet connection. You can determine the session number of the session you want to terminate by using the show session command. The show session output displays information about current Telnet and/or SSH2 sessions including:

The session number The login date and time The user name The type of Telnet session Authentication information

Depending on the software version running on your switch, additional session information may be displayed. The session number is the first number displayed in the show session output.

Example
The following command terminates session 4 from the system:
clear session 4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

41

Commands for Accessing the Switch

configure account
configure account <name>

Description
Configures a password for the specified account, either user account or administrative account.

Syntax Description
name Specifies an account name.

Default
N/A.

Usage Guidelines
You must create a user or administrative account before you can configure that account with a password. Use the create account account command to create a user account. The system prompts you to specify a password after you enter this command. You must enter a password for this command; passwords cannot be null. Passwords can have a minimum of 0 character and can have a maximum of 32 characters. Passwords are case-sensitive; user names are not case-sensitive.

NOTE
If the account is configured to require a specific password format, the minimum is 8 characters. See configure account password-policy char-validation for more information.

You must have administrator privileges to change passwords for accounts other than your own.

Example
The following command defines a new password green for the account marketing:
configure account marketing

The switch responds with a password prompt:


password: green

Your keystrokes will not be echoed as you enter the new password. After you enter the password, the switch will then prompt you to reenter it.
Reenter password: green

Assuming you enter it successfully a second time, the password is now changed.

42

ExtremeWare XOS 11.3 Command Reference

configure account

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

43

Commands for Accessing the Switch

configure account password-policy char-validation


configure account [all | <name>] password-policy char-validation [none | all-char-groups]

Description
Requires that the user include an upper-case letter, a lower-case letter, a digit, and a symbol in the password.

Syntax Description
all name none all-char-groups Specifies all users (and future users). Specifies an account name. Resets password to accept all formats. Specifies that the password must contain at least two characters from each of the four groups. NOTE: The password minimum length will be 8 characters if you specify this option.

Default
N/A.

Usage Guidelines
This feature is disabled by default. Once you issue this command, each password must include at least two characters of each of the following four types:

Upper-case A-Z Lower-case a-z 0-9 !, @, #, $, %, ^, *, (, )

The minimum number of characters for these specifically formatted passwords is 8 characters and the maximum is 32 characters. Use the none option to reset the password to accept all formats.

Example
The following command requires all users to use this specified format for all passwords:
configure account all password-policy char-validation all-char-groups

44

ExtremeWare XOS 11.3 Command Reference

configure account password-policy char-validation

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

45

Commands for Accessing the Switch

configure account password-policy history


configure account [all | <name>] password-policy history [<num_passwords> | none]

Description
Configures the switch to verify the specified number of previous passwords for the account. The user is prevented from changing the password on a user or administrative account to any of these previously saved passwords.

Syntax Description
all name num_passwords none Specifies all accounts (and future users). Specifies an account name. Specifies the number of previous passwords the system verifies for each account. The range is 1 to 10 passwords. Resets the system to not remember any previous passwords.

Default
N/A.

Usage Guidelines
Use this command to instruct the system to verify new passwords against a list of all previously used passwords, once an account successfully changes a password. The limit is the number of previous passwords that the system checks against in the record to verify the new password. If this parameter is configured, the system returns an error message if a user attempts to change the password to one that is saved by the system (up to the configured limit) for that account; this applies to both user and administrative accounts. This also applies to a configured password on the default admin account on the switch. The limit of previous passwords that the system checks for previous use is configurable from 1 to 10. Using the none option disables previous password tracking and returns the system to the default state of no record of previous passwords.

Example
The following command instructs the system to verify that the new password has not been used as a password in the previous 5 passwords for the account engineering:
configure account engineering password-policy history 5

History
This command was first available in ExtremeWare XOS 11.2.

46

ExtremeWare XOS 11.3 Command Reference

configure account password-policy history

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

47

Commands for Accessing the Switch

configure account password-policy lockout-on-loginfailures


configure account [all | <name>] password-policy lockout-on-login-failures [on | off]

Description
Disables an account after the user has 3 consecutive failed login attempts.

Syntax Description
all name on off Specifies all users (and future users). Specifies an account name. Specifies an account name. Resets the password to never lockout the user.

Default
N/A.

Usage Guidelines
If you are not working on SSH, you can configure the number of failed logins that trigger lockout, using the configure cli max-failed-logins <num-of-logins> command. This command applies to sessions at the console port of the switch as well as all other sessions and to user-level and administrator-level accounts. This command locks out the user after 3 consecutive failed login attempts; the users account must be specifically re-enabled by an administrator. Using the off option resets the account to allow innumerable consecutive failed login attempts, which is the system default. The system default is that 3 failed consecutive login attempts terminate the particular session, but the user may launch another session; there is no lockout feature by default.

NOTE
The failsafe accounts are never locked out, no matter how many consecutive failed login attempts.

Example
The following command enables the account finance for lockout. After 3 consecutive failed login attempts, the account is subsequently locked out:
configure account finance password-policy lockout-on-login-failures on

48

ExtremeWare XOS 11.3 Command Reference

configure account password-policy lockout-on-login-failures

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

49

Commands for Accessing the Switch

configure account password-policy max-age


configure account [all | <name>] password-policy max-age [<num_days> | none]

Description
Configures a time limit for the passwords for specified accounts. The passwords for the default admin account and the failsafe account do not age out.

Syntax Description
all name num_days none Specifies all accounts (and future users). Specifies an account name. Specifies the length of time that a password can be used. The range is 1 to 365 days. Resets the password to never expire.

Default
N/A.

Usage Guidelines
The passwords for the default admin account and the failsafe account never expire. The time limit is specified in days, from 1 to 365 days. Existing sessions are not closed when the time limit expires; it will not open the next time the user attempts to log in. When a user logs into an account with an expired password, the system first verifies that the entered password had been valid prior to expiring and then prompts the user to change the password.

NOTE
This is the sole time that a user with a user-level (opposed to an administrator-level) account can make any changes to the user-level account.

Using the none option prevents the password for the specified account from ever expiring (it resets the password to the system default of no time limit).

50

ExtremeWare XOS 11.3 Command Reference

configure account password-policy max-age

Example
The following command sets a 3-month time limit for the password for the account marketing:
configure account marketing password-policy max-age 90

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

51

Commands for Accessing the Switch

configure account password-policy min-length


configure account [all | <name>] password-policy min-length [<num_characters> | none]

Description
Requires a minimum number of characters for passwords.

Syntax Description
all name num_characters Specifies all accounts (and future users). Specifies an account name. Specifies the minimum number of characters required for the password. The range is 1 to 32 characters. NOTE: If you configure the configure account password-policy char-validation parameter, the minimum length is 8 characters. none Resets password to accept a minimum of 0 characters. NOTE: If you configure the configure account password-policy char-validation parameter, the minimum length is 8 characters.

Default
N/A.

Usage Guidelines
Use this command to configure a minimum length restriction for all passwords for specified accounts. This command affects the minimum allowed length for the next password; the current password is unaffected. The minimum password length is configurable from 1 to 32 characters. Using the none option disables the requirement of minimum password length and returns the system to the default state (password minimum is 0 by default).

NOTE
If the account is configured to require a specific password format, the minimum is 8 characters. See configure account password-policy char-validation for more information.

52

ExtremeWare XOS 11.3 Command Reference

configure account password-policy min-length

Example
The following command requires a minimum of 8 letters for the password for the account management:
configure account management password-policy min-length 8

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

53

Commands for Accessing the Switch

configure banner
configure banner

Description
Configures the banner string that is displayed at the beginning of each login prompt of each session.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Press [Return] at the beginning of a line to terminate the command and apply the banner. To clear the banner, press [Return] at the beginning of the first line. You can enter up to 24 rows of 79-column text that is displayed before the login prompt of each session.

Example
The following command adds a banner, Welcome to the switch, before the login prompt:
configure banner [Return] Welcome to the switch

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

54

ExtremeWare XOS 11.3 Command Reference

configure cli max-sessions

configure cli max-sessions


configure cli max-sessions <num-of-sessions>

Description
Limits number of simultaneous CLI sessions on the switch.

Syntax Description
num-of-sessions Specifies the maximum number of concurrent sessions permitted. The range is 1 to 16.

Default
The default is eight sessions.

Usage Guidelines
The value must be greater than 0; the range is 1 to 16.

Example
configure cli max-sessions 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

55

Commands for Accessing the Switch

configure cli max-failed-logins


configure cli max-failed-logins <num-of-logins>

Description
Establishes the maximum number of failed logins permitted before the session is terminated.

Syntax Description
num-of-logins Specifies the maximum number of failed logins permitted; the range is 1 to 10.

Default
The default is three logins.

Usage Guidelines
The value must be greater than 0; the range is 1 to 10.

Example
The following command sets the maximum number of failed logins to five:
configure cli max-failed-logins 5

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

56

ExtremeWare XOS 11.3 Command Reference

configure dns-client add

configure dns-client add


configure dns-client add [domain-suffix <domain_name> | name-server <ip_address> {vr <vr_name>}]

Description
Adds a domain suffix to the domain suffix list or a name server to the available server list for the DNS client.

Syntax Description
domain-suffix domain_name name-server ip_address vr Specifies adding a domain suffix. Specifies a domain name. Specifies adding a name server. Specifies an IP address for the name server. Specifies use of a virtual router. NOTE: User-created VRs are not available on the BlackDiamond 8800 family of switches (formerly known as Aspen) or the Summit X450 switch. vr_name Specifies a virtual router.

Default
N/A.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch do not support user-created VRs.

The domain suffix list can include up to six items. If the use of all previous names fails to resolve a name, the most recently added entry on the domain suffix list will be the last name used during name resolution. This command will not overwrite any exiting entries. If a null string is used as the last suffix in the list, and all other lookups fail, the name resolver will attempt to look up the name with no suffix. Up to eight DNS name servers can be configured. The default value for the virtual router used by the DNS client option is VR-Default.

Examples
The following command configures a domain name and adds it to the domain suffix list:
configure dns-client add domain-suffix xyz_inc.com

ExtremeWare XOS 11.3 Command Reference

57

Commands for Accessing the Switch The following command specifies that the switch use the DNS server 10.1.2.1:
configure dns-client add name-server 10.1.2.1

The following command on the BlackDiamond 10K switch specifies that the switch use the virtual router Management:
configure dns-client add name-server 10.1.2.1 vr VR-Management

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

58

ExtremeWare XOS 11.3 Command Reference

configure dns-client default-domain

configure dns-client default-domain


configure dns-client default-domain <domain_name>

Description
Configures the domain that the DNS client uses if a fully qualified domain name is not entered.

Syntax Description
domain_name Specifies a default domain name.

Default
N/A.

Usage Guidelines
The default domain name will be used to create a fully qualified host name when a domain name is not specified. For example, if the default domain name is set to food.com then when a command like ping dog is entered, the ping will actually be executed as ping dog.food.com.

Example
The following command configures the default domain name for the server:
configure dns-client default-domain xyz_inc.com

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

59

Commands for Accessing the Switch

configure dns-client delete


configure dns-client delete [domain-suffix <domain_name> | name-server <ip_address> {vr <vr_name>}]

Description
Deletes a domain suffix from the domain suffix list or a name server from the available server list for the DNS client.

Syntax Description
domain-suffix domain_name name-server ip_address vr Specifies deleting a domain suffix. Specifies a domain name. Specifies deleting a name server. Specifies an IP address for the name server. Specifies deleting a virtual router. NOTE: User-created VRs are not available on the BlackDiamond 8800 family of switches or the Summit X450 switch. vr_name Specifies a virtual router.

Default
N/A.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Specifying a domain suffix removes an entry from the domain suffix list. If the deleted item was not the last entry in the list, all items that had been added later are moved up in the list. If no entries in the list match the domain name specified, an error message will be displayed. The default value for the virtual router used by the DNS client option is VR-Default.

Examples
The following command deletes a domain name from the domain suffix list:
configure dns-client delete domain-suffix xyz_inc.com

The following command removes a DNS server from the list:


configure dns-client delete name-server 10.1.2.1

60

ExtremeWare XOS 11.3 Command Reference

configure dns-client delete

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

61

Commands for Accessing the Switch

configure failsafe-account
configure failsafe-account

Description
Configures a name and password for the failsafe account.

Syntax Description
This command has no arguments or variables.

Default
The failsafe account is always configured.

Usage Guidelines
The failsafe account is the account of last resort to access your switch. You will be prompted for the failsafe account name, and prompted twice to specify the password for the account. For example:
BD-10808.1 # configure failsafe-account enter failsafe user name: blue5green enter failsafe password: enter password again: BD-10808.2

The failsafe account is immediately saved to NVRAM.

NOTE
The information that you use to configure the failsafe account cannot be recovered by Extreme Networks. Technical support cannot retrieve passwords or account names for this account. Protect this information carefully.

To access your switch using the failsafe account, you must be connected to the serial port of the switch. You cannot access the failsafe account through any other port. At the switch login prompt, carefully enter the failsafe account name. If you enter an erroneous account name, you cannot re-enter the correct name. Once you enter the failsafe account name, you are prompted to enter the password. Once you successfully log in to the failsafe account, you see the following prompt:
failsafe>

62

ExtremeWare XOS 11.3 Command Reference

configure failsafe-account From here, you have four command choices:


Loginuse this command to access the switch CLI. You will have full administrator capabilities. Rebootuse this command to reboot the current MSM (on modular switches). Helpuse this command to display a short help text. Exituse this command to exit the failsafe account and return to the login prompt.

Typically, you would use the Login command to correct the problem that required you to use the failsafe account.

Example
The following command defines a failsafe account:
configure failsafe-account

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

63

Commands for Accessing the Switch

configure idletimeout
configure idletimeout <minutes>

Description
Configures the time-out for idle console, SSH2, and Telnet sessions.

Syntax Description
minutes Specifies the time-out interval, in minutes. Range is 1 to 240 (1 minute to 4 hours).

Default
The default time-out is 20 minutes.

Usage Guidelines
This command configures the length of time the switch will wait before disconnecting idle console, SSH2, or Telnet sessions. The idletimeout feature must be enabled for this command to have an effect (the idletimeout feature is enabled by default).

Example
The following command sets the time-out for idle login and console sessions to 10 minutes:
configure idletimeout 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

64

ExtremeWare XOS 11.3 Command Reference

configure safe-default-script

configure safe-default-script
configure safe-default-script

Description
Allows you to change management access to your device and to enhance security. Runs an interactive script that prompts you to choose to enable or disable SNMP, Telnet, Web access, and enabled ports. Refer to Safe Defaults Setup Method on page 47 in the Extreme Networks XOS Concepts Guide for complete information on the safe default mode.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Once you issue this command, the system presents you with the following interactive script:
Telnet is enabled by default. Telnet is unencrypted and has been the target of security exploits in the past. Would you like to disable Telnet? [y/N]: No SNMP access is enabled by default. SNMP uses no encryption, SNMPv3 can be configured to eliminate this problem. Would you like to disable SNMP? [y/N]: No All ports are enabled by default. In some secure applications, it maybe more desirable for the ports to be turned off. Would you like unconfigured ports to be turned off by default? [y/N]: No Since you have chosen less secure management methods, please remember to increase the security of your network by taking the following actions: * change your admin password * change your SNMP public and private strings * consider using SNMPv3 to secure network management traffic

Example
The following command reruns the interactive script to configure management access:
configure safe-default-script

ExtremeWare XOS 11.3 Command Reference

65

Commands for Accessing the Switch

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

66

ExtremeWare XOS 11.3 Command Reference

configure time

configure time
configure time <month> <day> <year> <hour> <min> <sec>

Description
Configures the system date and time.

Syntax Description
month day year hour min sec Specifies the month. The range is 1-12. Specifies the day of the month. The range is 1-31. Specifies the year in the YYYY format.The range is 2003 to 2036. Specifies the hour of the day. The range is 0 (midnight) to 23 (11 pm). Specifies the minute. The range is 0-59. Specifies the second. The range is 0-59.

Default
N/A.

Usage Guidelines
The format for the system date and time is as follows:
mm dd yyyy hh mm ss

The time uses a 24-hour clock format. You cannot set the year earlier than 2003 or past 2036. You have the choice of inputting the entire time/date string. If you provide one item at a time and press [Tab], the screen prompts you for the next item. Press <cr> to complete the input.

Example
The following command configures a system date of February 15, 2002 and a system time of 8:42 AM and 55 seconds:
configure time 02 15 2002 08 42 55

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

67

Commands for Accessing the Switch

configure timezone
configure timezone {name <tz_name>} <GMT_offset> {autodst {name <dst_timezone_ID>} {<dst_offset>} {begins [every <floatingday> | on <absoluteday>] {at <time_of_day>} {ends [every <floatingday> | on <absoluteday>] {at <time_of_day>}}} | noautodst}

Description
Configures the Greenwich Mean Time (GMT) offset and Daylight Saving Time (DST) preference.

Syntax Description
GMT_offset std-timezone-ID autodst dst-timezone-ID dst_offset floating_day Specifies a Greenwich Mean Time (GMT) offset, in + or - minutes. Specifies an optional name for this timezone specification. May be up to six characters in length. The default is an empty string. Enables automatic Daylight Saving Time. Specifies an optional name for this DST specification. May be up to six characters in length. The default is an empty string. Specifies an offset from standard time, in minutes. Value is in the range of 1 to 60. Default is 60 minutes. Specifies the day, week, and month of the year to begin or end DST each year. Format is: <week> <day> <month> where: <week> is specified as [first | second | third | fourth | last] or 1-5. <day> is specified as [sunday | monday | tuesday | wednesday | thursday | friday | saturday] or 1-7 (where 1 is Sunday). <month> is specified as [january | february | march | april | may | june | july | august | september | october | november | december] or 1-12. Default for beginning is first sunday april; default for ending is last sunday october. absolute_day Specifies a specific day of a specific year on which to begin or end DST. Format is: <month> <day> <year> where: <month> is specified as 1-12. <day> is specified as 1-31. <year> is specified as 2003-2035. The year must be the same for the begin and end dates. time_of_day noautodst Specifies the time of day to begin or end Daylight Saving Time. May be specified as an hour (0-23) or as hour:minutes. Default is 2:00. Disables automatic Daylight Saving Time.

Default
Autodst, beginning every first Sunday in April, and ending every last Sunday in October.

68

ExtremeWare XOS 11.3 Command Reference

configure timezone

Usage Guidelines
Network Time Protocol (NTP) server updates are distributed using GMT time. To properly display the local time in logs and other timestamp information, the switch should be configured with the appropriate offset to GMT based on geographic location. The gmt_offset is specified in +/- minutes from the GMT time. Automatic DST changes can be enabled or disabled. The default configuration, where DST begins on the first Sunday in April at 2:00 AM and ends the last Sunday in October at 2:00 AM, applies to most of North America, and can be configured with the following syntax: configure timezone <gmt_offst> autodst. The starting and ending date and time for DST may be specified, as these vary in time zones around the world.

Use the every keyword to specify a year-after-year repeating set of dates (for example, the last Sunday in March every year) Use the on keyword to specify a non-repeating, specific date for the specified year. If you use this option, you will need to specify the command again every year. The begins specification defaults to every first sunday april. The ends specification defaults to every last sunday october. The ends date may occur earlier in the year than the begins date. This will be the case for countries in the Southern Hemisphere. If you specify only the starting or ending time (not both) the one you leave unspecified will be reset to its default. The time_of_day specification defaults to 2:00. The timezone IDs are optional. They are used only in the display of timezone configuration information in the show switch command.

To disable automatic DST changes, re-specify the GMT offset using the noautodst option:
configure timezone <gmt_offst> noautodst.

NTP updates are distributed using GMT time. To properly display the local time in logs and other timestamp information, the switch should be configured with the appropriate offset to GMT based on geographical location. Table 6 describes the GMT offsets.

Table 6: Greenwich Mean Time offsets


GMT Offset in Hours +0:00 GMT Offset in Minutes +0 Common Time Zone References GMT - Greenwich Mean UT or UTC - Universal (Coordinated) WET - Western European -1:00 -2:00 -3:00 -4:00 -5:00 -6:00 -60 -120 -180 -240 -300 -360 AST - Atlantic Standard EST - Eastern Standard CST - Central Standard WAT - West Africa AT - Azores Cape Verde Islands Azores Brasilia, Brazil; Buenos Aires, Argentina; Georgetown, Guyana; Caracas; La Paz Bogota, Columbia; Lima, Peru; New York, NY, Trevor City, MI USA Mexico City, Mexico Cities London, England; Dublin, Ireland; Edinburgh, Scotland; Lisbon, Portugal; Reykjavik, Iceland; Casablanca, Morocco

ExtremeWare XOS 11.3 Command Reference

69

Commands for Accessing the Switch

Table 6: Greenwich Mean Time offsets (Continued)


GMT Offset in Hours -7:00 -8:00 -9:00 -10:00 GMT Offset in Minutes -420 -480 -540 -600 Common Time Zone References MST - Mountain Standard PST - Pacific Standard YST - Yukon Standard AHST - Alaska-Hawaii Standard CAT - Central Alaska HST - Hawaii Standard -11:00 -12:00 +1:00 -660 -720 +60 NT - Nome IDLW - International Date Line West CET - Central European FWT - French Winter MET - Middle European MEWT - Middle European Winter SWT - Swedish Winter +2:00 +120 EET - Eastern European, Russia Zone 1 Athens, Greece; Helsinki, Finland; Istanbul, Turkey; Jerusalem, Israel; Harare, Zimbabwe Kuwait; Nairobi, Kenya; Riyadh, Saudi Arabia; Moscow, Russia; Tehran, Iran Abu Dhabi, UAE; Muscat; Tblisi; Volgograd; Kabul New Delhi, Pune, Allahabad, India Paris, France; Berlin, Germany; Amsterdam, The Netherlands; Brussels, Belgium; Vienna, Austria; Madrid, Spain; Rome, Italy; Bern, Switzerland; Stockholm, Sweden; Oslo, Norway Cities Saskatchewan, Canada Los Angeles, CA, Cupertino, CA, Seattle, WA USA

+3:00 +4:00 +5:00 +5:30 +6:00 +7:00 +8:00 +9:00 +10:00

+180 +240 +300 +330 +360 +420 +480 +540 +600

BT - Baghdad, Russia Zone 2 ZP4 - Russia Zone 3 ZP5 - Russia Zone 4 IST India Standard Time ZP6 - Russia Zone 5 WAST - West Australian Standard CCT - China Coast, Russia Zone 7 JST - Japan Standard, Russia Zone 8 EAST - East Australian Standard GST - Guam Standard Russia Zone 9

+11:00 +12:00

+660 +720 IDLE - International Date Line East NZST - New Zealand Standard NZT - New Zealand Wellington, New Zealand; Fiji, Marshall Islands

Example
The following command configures GMT offset for Mexico City, Mexico and disables automatic DST:
configure timezone -360 noautodst

70

ExtremeWare XOS 11.3 Command Reference

configure timezone The following four commands are equivalent, and configure the GMT offset and automatic DST adjustment for the US Eastern timezone, with an optional timezone ID of EST:
configure timezone name EST -300 autodst name EDT 60 begins every first sunday april at 2:00 ends every last sunday october at 2:00 configure timezone name EST -300 autodst name EDT 60 begins every 1 1 4 at 2:00 ends every 5 1 10 at 2:00 configure timezone name EST -300 autodst name EDT configure timezone -300 autodst

The following command configures the GMT offset and automatic DST adjustment for the Middle European timezone, with the optional timezone ID of MET:
configure timezone name MET 60 autodst name MDT begins every last sunday march at 1 ends every last sunday october at 1

The following command configures the GMT offset and automatic DST adjustment for New Zealand. The ending date must be configured each year because it occurs on the first Sunday on or after March 5:
configure timezone name NZST 720 autodst name NZDT 60 begins every first sunday october at 2 ends on 3/16/2002 at 2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

71

Commands for Accessing the Switch

create account
create account [admin | user] <account-name> {encrypted <password> }

Description
Creates a new user account.

Syntax Description
admin user account-name encrypted password Specifies an access level for account type admin. Specifies an access level for account type user. Specifies a new user account name. See Usage Guidelines for more information. Specifies an encrypted option. Specifies a user password. See Usage Guidelines for more information. NOTE: On the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch, if you do not want a password associated with the specified account, press Enter twice.

Default
By default, the switch is configured with two accounts with the access levels shown in Table 7.

Table 7: User account levels


Account Name admin user Access Level This user can access and change all manageable parameters. The admin account cannot be deleted. This user can view (but not change) all manageable parameters, with the following exceptions: This user cannot view the user account database. This user cannot view the SNMP community strings. This user cannot view SSL settings. This user has access to the ping command.

You can use the default names (admin and user), or you can create new names and passwords for the accounts. Default accounts do not have passwords assigned to them.

Usage Guidelines
The switch can have a total of 16 user accounts. The system must have one administrator account. You must have administrator privileges to change passwords for accounts other than your own. User names and passwords are case-sensitive. User account names must have a minimum of 1 character and can have a maximum of 32 characters. Passwords must have a minimum of 0 characters and can have a maximum of 32 characters.

72

ExtremeWare XOS 11.3 Command Reference

create account

NOTE
On the BlackDiamond 8800 family of switches and the Summit X450 switch, if you do not want a password associated with the specified account, press Enter twice.

Example
The following command creates a new account named John2 with administrator privileges:
create account admin John2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

73

Commands for Accessing the Switch

delete account
delete account <name>

Description
Deletes a specified user account.

Syntax Description
name Specifies a user account name.

Default
N/A.

Usage Guidelines
Use the show accounts command to determine which account you want to delete from the system. The show accounts output displays the following information in a tabular format:

The user name Access information associated with each user User login information Session information

Depending on the software version running on your switch and the type of switch you have, additional account information may be displayed. You must have administrator privileges to delete a user account. The system must have one administrator account; the command will fail if an attempt is made to delete the last administrator account on the system. To ensure security, change the password on the default account, but do not delete it. The changed password will remain intact through configuration uploads and downloads. If you must delete the default account, first create another administrator-level account.

Example
The following command deletes account John2:
delete account John2

History
This command was first available in ExtremeWare XOS 10.1.

74

ExtremeWare XOS 11.3 Command Reference

delete account

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

75

Commands for Accessing the Switch

disable cli space-completion


disable cli space-completion

Description
Disables the ExtremeWare XOS feature that completes a command automatically with the spacebar. If you disable this feature, The [Tab] key can still be used for auto-completion.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
disable cli space-completion

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

76

ExtremeWare XOS 11.3 Command Reference

disable clipaging

disable clipaging
disable clipaging

Description
Disables pausing at the end of each show screen.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
The command line interface (CLI) is designed for use in a VT100 environment. Most show command output will pause when the display reaches the end of a page. This command disables the pause mechanism and allows the display to print continuously to the screen. CLI paging is only active on a per-shell session basis. In other words, when you enable or disable CLI paging from within the current configuration, it only affects that session. For new or existing sessions, paging is enabled by default. This setting cannot be saved. To view the status of CLI paging on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for CLI paging.

Example
The follow command disables clipaging and allows you to print continuously to the screen:
disable clipaging

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

77

Commands for Accessing the Switch

disable idletimeout
disable idletimeout

Description
Disables the timer that disconnects idle sessions from the switch.

Syntax Description
This command has no arguments or variables.

Default
Enabled. Timeout 20 minutes.

Usage Guidelines
When idle time-outs are disabled, console sessions remain open until the switch is rebooted or until you logoff. Telnet sessions remain open until you close the Telnet client. To view the status of idle time-outs on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for idle time-outs.

Example
The following command disables the timer that disconnects all sessions to the switch:
disable idletimeout

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

78

ExtremeWare XOS 11.3 Command Reference

enable cli space-completion

enable cli space-completion


enable cli space-completion

Description
Enables the ExtremeWare XOS feature that completes a command automatically with the spacebar. The [Tab] key can also be used for auto-completion.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
enable cli space-completion

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

79

Commands for Accessing the Switch

enable clipaging
enable clipaging

Description
Enables the pause mechanism and does not allow the display to print continuously to the screen.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
The command line interface (CLI) is designed for use in a VT100 environment. Most show command output will pause when the display reaches the end of a page. To view the status of CLI paging on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for CLI paging. If CLI paging is enabled and you use the show tech command to diagnose system technical problems, the CLI paging feature is disabled. CLI paging is only active on a per-shell session basis. In other words, when you enable or disable CLI paging from within the current configuration, it only affects that session. For new or existing sessions, paging is enabled by default. This setting cannot be saved.

Example
The following command enables clipaging and does not allow the display to print continuously to the screen:
enable clipaging

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

80

ExtremeWare XOS 11.3 Command Reference

enable idletimeout

enable idletimeout
enable idletimeout

Description
Enables a timer that disconnects Telnet, SSH2, and console sessions after a period of inactivity (20 minutes is default).

Syntax Description
This command has no arguments or variables.

Default
Enabled. Timeout 20 minutes.

Usage Guidelines
You can use this command to ensure that a Telnet, SSH2, or console session is disconnected if it has been idle for the required length of time. This ensures that there are no hanging connections. To change the period of inactivity that triggers the timeout for a Telnet, SSH2, or console session, use the configure timezone command. To view the status of idle timeouts on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for idle timeouts. You can configure the length of the timeout interval.

Example
The following command enables a timer that disconnects any Telnet, SSH2, and console sessions after 20 minutes of inactivity:
enable idletimeout

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

81

Commands for Accessing the Switch

enable license
enable license <key>

Description
Enables software license that allows you to use advanced features.

Syntax Description
key Specifies your hexadecimal license key in format xxxx-xxxx-xxxx-xxxx-xxxx.

Default
N/A

Usage Guidelines
The license levels that apply to ExtremeWare XOS version 11.3 are shown in Table 8.

Table 8: Licensing requirements for ExtremeWare XOS version 11.2


License level Advanced Edge Core Advanced Core BlackDiamond 10K switch Ships Ships MSM 1Requires license MSM1XLShips BlackDiamond 8800 family of switches Ships Requires license N/A Summit X450 switch Ships Requires license N/A

NOTE
With ExtremeWare XOS software version 11.2, BGP functionality moved from the Advanced Core license level to the Core license. You have BGP functionality with a Core license.

To obtain a license, specify the key in the format xxxx-xxxx-xxxx-xxxx-xxxx. You obtain the license key either by ordering it from the factory or by obtaining a license voucher from your Extreme Networks supplier. You can obtain a regular license; you cannot downgrade licenses. The voucher contains all the necessary information on the license level and on obtaining the software license key using the Extreme Network Support website at: http://www.extremenetworks.com After you enable the license by entering the software key, the system returns a message that you either successfully or unsuccessfully set the license.

82

ExtremeWare XOS 11.3 Command Reference

enable license Once you enable the license (or if you do not use the correct key, attempt to downgrade the license, or already installed the license) you see one of the following error messages:
Enabled license successfully. Error: Unable to set license using supplied key. Error: Unable to set license - downgrade of licenses is not supported. Error: Unable to set license - license is already enabled.

Once installed (or enabled), the license goes with the switch chassis itself (not with the MSM module on modular switches). The license information is stored in EEPROM and persists through reboots, software upgrades, power outages, and reconfigurations. If you attempt to execute a command and you do not either have the required license or have reached the limits defined by the current license level, the system returns one of the following messages:
Error: This command cannot be executed at the current license level. Error: You have reached the maximum limit for this feature at this license level.

To view the type of license you are currently running on the switch, use the show licenses command. The license key number is not displayed, but the type of license is displayed in the show licenses output.

Example
The following command enables a license on the switch:
enable license 2d5e-0e84-e87d-c3fe-bfff

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

83

Commands for Accessing the Switch

history
history

Description
Displays a list of all the commands entered on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
ExtremeWare XOS remembers all the commands you entered on the switch. Use the history command to display a list of these commands.

Example
The following command displays all the commands entered on the switch:
history

If you use a command more than once, consecutively, the history will only list the first instance.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

84

ExtremeWare XOS 11.3 Command Reference

ping

ping
ping {count <count> {start-size <start-size>} | continuous {start-size <start-size>} | {start-size <start-size> {end-size <end-size>}}} {udp} {dont-fragment} {ttl <ttl>} {tos <tos>} {interval <interval>} {vr <vrid>} {ipv4 <host> | ipv6 <host>} {from} {with record-route}

Description
Enables you to send User Datagram Protocol (UDP) or Internet Control Message Protocol (ICMP) echo messages or to a remote IP device.

Syntax Description
count start-size continuous end-size udp dont-fragment ttl tos interval vr Specifies the number of ping requests to send. Specifies the size, in bytes, of the packet to be sent, or the starting size if incremental packets are to be sent. Specifies that UDP or ICMP echo messages to be sent continuously. This option can be interrupted by pressing [Ctrl} + C. Specifies an end size for packets to be sent. Specifies that the ping request should use UDP instead of ICMP. Sets the IP to not fragment the bit. Sets the TTL value. Sets the TOS value. Sets the time interval between sending out ping requests. Specifies the virtual route to use for sending out the echo message. If not specified, VR-Default is used. NOTE: User-created VRs are not available on the BlackDiamond 8800 family of switches (formerly known as Aspen) or the Summit X450 switch. ipv4 ipv6 Specifies IPv4 transport. Specifies IPv6 transport. NOTE: If you are contacting an IPv6 link local address, you must specify the VLAN you are sending the message from: ping <ipv6> <link-local address> %<vlan_name> <host>. host from with record-route Specifies a host name or IP address (either v4 or v6). Uses the specified source address. If not specified, the address of the transmitting interface is used. Sets the traceroute information.

Default
N/A.

ExtremeWare XOS 11.3 Command Reference

85

Commands for Accessing the Switch

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

The ping command is used to test for connectivity to a specific host. You use the ipv6 variable to ping an IPv6 host by generating an ICMPv6 echo request message and sending the message to the specified address. If you are contacting an IPv6 link local address, you must specify the VLAN you sending the message from, as shown in the following example (you must include the % sign): ping <ipv6> <link-local address> %<vlan_name> <host>.

NOTE
You must specify the targets IPv6 address to use this functionality. DNS for IPv6 is not supported, so the ping resolves to an IPv4 address if you specify a host name.

The ping command is available for both the user and administrator privilege level.

Example
The following command enables continuous ICMP echo messages to be sent to a remote host:
ping continuous 123.45.67.8

History
This command was first available in ExtremeWare XOS 10.1. The IPv6 variable was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

86

ExtremeWare XOS 11.3 Command Reference

reboot

reboot
reboot {time <month> <day> <year> <hour> <min> <sec>} {cancel} {warm} {msm <slot_id>}

Description
Reboots the switch or the module in the specified slot at a specified date and time.

Syntax Description
time cancel warm msm slot_id Specifies a reboot date in mm dd yyyy format and reboot time in hh mm ss format. Cancels a previously scheduled reboot. Restarts software only. Specifies rebooting the MSM module. NOTE: This variable is available only on modular switches. Specifies the slot--A or B--for an MSM module. NOTE: This variable is available only on modular switches.

Default
N/A.

Usage Guidelines
If you do not specify a reboot time, the switch will reboot immediately following the command, and any previously scheduled reboots are cancelled. Prior to rebooting, the switch returns the following message:
Do you want to save configuration changes to primary and reboot? (y - save and reboot, n - reboot without save, <cr> - cancel command)

To cancel a previously scheduled reboot, use the cancel option. Modular switches only. The modules that can be rebooted are switch fabric MSM modules. BlackDiamond 8800 family of switches only. On the BlackDiamond 8800 family of switches, if your default BootROM image becomes corrupted, you can force the MSM to boot from an alternate BootROM image by inserting a sharp object into the A and R holes on the MSM and applying slight pressure. Refer to Extreme Networks Consolidated XOS Hardware Installation Guide for information on the MSM. The reboot MSM option on the BlackDiamond 8800 family of switches affects the entire module.

Example
The following command reboots the switch at 8:00 AM on April 15, 2005:
reboot time 04 15 2005 08 00 00

ExtremeWare XOS 11.3 Command Reference

87

Commands for Accessing the Switch

History
This command was first available in ExtremeWare XOS 10.1. The alternate BootROM image was added in ExtremeWare XOS 11.1. The warm keyword was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms. The alternate BootROM is available only on the BlackDiamond 8800 family of switches.

88

ExtremeWare XOS 11.3 Command Reference

show accounts

show accounts
show accounts

Description
Displays user account information for all users on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
You need to create a user account using the create account command before you can display user account information. To view the accounts that have been created, you must have administrator privileges. The show accounts command displays the following information in a tabular format:

User NameThe name of the user. This list displays all of the users who have access to the switch. AccessThis may be listed as R/W for read/write or RO for read only. Login OKThe number of logins that are okay. FailedThe number of failed logins. Accounts locked outAccount configured to be locked out after 3 consecutive failed login attempts (using the configure account password-policy lockout-on-login-failures command).

Example
The following command displays user account information on the switch:
show accounts pppuser

Output from this command looks similar to the following:


User Name Access LoginOK Failed ---------------- ------ ------- -----admin R/W 3 1 user RO 0 0 dbackman R/W 0 0 ron* RO 0 0 nocteam RO 0 0 ---------------------------------------(*) - Account locked

ExtremeWare XOS 11.3 Command Reference

89

Commands for Accessing the Switch

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

90

ExtremeWare XOS 11.3 Command Reference

show accounts password-policy

show accounts password-policy


show accounts password-policy

Description
Displays password policy information for all users on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
To view the password management information, you must have administrator privileges. The show accounts password-policy command displays the following information in a tabular format:

Global password management parameters applied to new accounts upon creation:


Maximum ageThe maximum number of days for the passwords to remain valid. History limitThe number of previous password that the switch scans prior to validating a new password. Minimum lengthThe minimum number of characters in passwords. Character validationThe passwords must be in the specific format required by the configure account password-policy char-validation command. Lockout on login failuresIf enabled, the system locks out users after 3 failed login attempts. Accounts locked outNumber of accounts locked out.

User NameThe name of the user. This list displays all of the users who have access to the switch. Password Expiry DateDate the password for this account expires; may be blank. Password Max. ageThe number of days originally allowed to passwords on this account; may show None. Password Min. lengthThe minimum number of characters required for passwords on this account; may show None. Password History LimitThe number of previous passwords the system scans to disallow duplication on this account; may show None.

Example
The following command displays the password management parameters configured for each account on the switch:
show accounts password-policy

ExtremeWare XOS 11.3 Command Reference

91

Commands for Accessing the Switch Output from this command looks similar to the following:
--------------------------------------------------------------------------Accounts global configuration(applied to new accounts on creation) --------------------------------------------------------------------------Password Max. age : None Password History limit : None Password Min. length : None Password Character Validation : Disabled Accts. lockout on login failures: Disabled Accounts locked out : No --------------------------------------------------------------------------User Name Password Password Password Password Flags Expiry Max. age Min. len History Date Limit --------------------------------------------------------------------------admin None None None --user None None None --test Apr-17-2005 12 32 9 C---------------------------------------------------------------------------Flags: (C) Password character validation enabled, (L) Account locked out (l) Account lockout on login failures enabled

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

92

ExtremeWare XOS 11.3 Command Reference

show banner

show banner
show banner

Description
Displays the user-configured banner string.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to view the banner that is displayed before the login prompt.

Example
The following command displays the switch banner:
show banner

Output from this command looks similar to the following:


Extreme Networks Summit X450 Switch ######################################################### Unauthorized Access is strictly prohibited. Violators will be persecuted #########################################################

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

93

Commands for Accessing the Switch

show dns-client
show dns-client

Description
Displays the DNS configuration.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the DNS configuration:
show dns-client

Output from this command looks similar to the following:


Number of domain suffixes: 2 Domain Suffix 1: njudah.local Domain Suffix 2: dbackman.com Number of name servers: 2 Name Server 1: 172.17.1.104 Name Server 2: 172.17.1.123

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

94

ExtremeWare XOS 11.3 Command Reference

show licenses

show licenses
show licenses

Description
Displays current license level on your switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
The license levels that apply to ExtremeWare XOS version 11.3 are shown in Table 9.

Table 9: Licensing requirements for ExtremeWare XOS version 11.2


License level Advanced Edge Core Advanced Core BlackDiamond 10K switch Ships (as part of Core license) Ships MSM 1N/A MSM1XLShips BlackDiamond 8800 family of switches Ships Requires license N/A Summit X450 switch Ships Requires license N/A

The command displays information on the license level and feature packs enabled on the switch. NOTE
Refer to the specific chapter that discusses each feature of the ExtremeWare XOS Concepts Guide to determine if a license is required for some functionality. If not noted, all functionality is available, and license is not required.

Example
The following command displays the license level configuration:
show licenses

Output from this command looks similar to the following:


Enabled License Level: Core

ExtremeWare XOS 11.3 Command Reference

95

Commands for Accessing the Switch

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

96

ExtremeWare XOS 11.3 Command Reference

show switch

show switch
show switch {detail}

Description
Displays the current switch information.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
The show switch command displays:

sysName, sysLocation, sysContact MAC address System health check Recovery mode Watchdog state Current date, time, system boot time, and time zone configuration Any scheduled reboot information MSM information (available only on modular switches) Current state (available only on stand-alone switches)

OPERATIONAL OPERATIONAL (OverHeat) FAILED

Software image information (primary/secondary image and version) Configuration information (primary/secondary configuration and version)

This information may be useful for your technical support representative if you have a problem. Depending on the software version running on your switch, additional or different switch information may be displayed.

Example
The following command displays current switch information:
show switch

ExtremeWare XOS 11.3 Command Reference

97

Commands for Accessing the Switch Output from this command on the BlackDiamons 10K switch looks similar to the following:
SysName: SysLocation: SysContact: System MAC: SysHealth check: Recovery Mode: System Watchdog: Current Time: Timezone: BD-10808 support@extremenetworks.com, +1 888 257 3000 00:30:48:41:ED:45 Enabled None Enabled Wed May 19 11:04:32 2004 [Auto DST Enabled] GMT Offset: -480 minutes, name is PST. DST of 0 minutes is currently in effect, name is PDT. DST begins every first Sunday April at 2:00 DST ends every last Sunday October at 2:00 Sat May 15 17:19:29 2004 None scheduled

Boot Time: Next Reboot:

MSM: Current State: Image Selected: Image Booted: Primary ver: Secondary ver: Config Selected: Config Booted: primary.cfg

MSM-A * -----------------------MASTER primary primary 11.1.0.14 11.1.0.14 primary.cfg primary.cfg

MSM-B -----------------------INIT

Created by ExtremeWare XOS version 10.2.0.14 223 bytes saved on Fri May 14 13:36:37 2004

Output from this command on the stand-alone Summit X450 switch looks similar to the following:
SysName: SysLocation: SysContact: System MAC: System Watchdog: Current Time: Timezone: Boot Time: Next Reboot: SummitX450-24x support@extremenetworks.com, +1 888 257 3000 00:04:96:1F:A5:3E Enabled Sat Feb 14 04:57:33 2004 [Auto DST Disabled] GMT Offset: 0 minutes, name is UTC. Fri Feb 13 23:57:48 2004 None scheduled

Current State: Image Selected: Image Booted: Primary ver: Secondary ver: Config Selected:

OPERATIONAL primary primary 11.2.0.16 11.2.0.10 primary.cfg

98

ExtremeWare XOS 11.3 Command Reference

show switch
Config Booted: primary.cfg primary.cfg Created by ExtremeWare XOS version 11.2.0.16 93463 bytes saved on Sat Feb 14 04:24:31 2004

The show switch detail command displays the same information shown above.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

99

Commands for Accessing the Switch

traceroute
traceroute {vr <vrid>} {ipv4 <host>} {ipv6 <host>} {ttl <number>} {from <from>} {[port <port>] | icmp}

Description
Enables you to trace the routed path between the switch and a destination endstation.

Syntax Description
vr Specifies a virtual router. NOTE: User-created VRs are not available on the BlackDiamond 8800 family of switches or the Summit X450 switch. vrid Specifies which virtual router. NOTE: User-created VRs are not available on the BlackDiamond 8800 family of switches or the Summit X450 switch ipv4 ipv6 host ttl <number> from <from> port <port> icmp Specifies IPv4 transport. Specifies IPv6 transport. Specifies the host of the destination endstation. Configures the switch to trace up to the time-to-live number of the switch. Uses the specified source address in the ICMP packet. If not specified, the address of the transmitting interface is used. Specifies the UDP port number. Configures the switch to send ICMP echo messages to trace the routed path between the switch and a destination endstation.

Default
N/A.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created virtual routers.

Each router along the path is displayed. Beginning with ExtremeWare XOS 11.2, you can trace the routed path between the switch and the given IPv6 address.

100

ExtremeWare XOS 11.3 Command Reference

traceroute

NOTE
You must specify the targets IPv6 address to use this functionality. DNS for IPv6 is not supported, so the traceroute resolves to an IPv4 address if you specify a host name.

Example
The following command enables the traceroute function to a destination of 123.45.67.8:
traceroute 123.45.67.8

History
This command was first available in ExtremeWare XOS 10.1. The IPv6 variable was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

101

Commands for Accessing the Switch

102

ExtremeWare XOS 11.3 Command Reference

Commands for Managing the Switch

This chapter describes commands for:


Configuring Simple Network Management Protocol (SNMP) parameters on the switch Managing the switch using Telnet Transferring files using the Trivial File Transfer Protocol (TFTP) Configuring system redundancy Displaying power management statistics on the switch Configuring Simple Network Time Protocol (SNTP) parameters on the switch

SNMP
Any network manager running the Simple Network Management Protocol (SNMP) can manage the switch, if the Management Information Base (MIB) is installed correctly on the management station. Each network manager provides its own user interface to the management facilities. The following SNMP parameters can be configured on the switch:

Authorized trap receivers An authorized trap receiver can be one or more network management stations on your network. The switch sends SNMP traps to all trap receivers. Entries in this list can be created, modified, and deleted using the RMON2 trapDestTable MIB table, as described in RFC 2021, and the SNMPv3 tables. Authorized managersAn authorized manager can be either a single network management station, or a range of addresses (for example, a complete subnet) specified by a prefix and a mask. Community stringsThe community strings allow a simple method of authentication between the switch and the remote network manager. The default read-only community string is public. The default read-write community string is private. The community strings for all authorized trap receivers must be configured on the switch for the trap receiver to receive switch-generated traps. System contact (optional)The system contact is a text field that enables you to enter the name of the person(s) responsible for managing the switch. System name (optional)The system name enables you to enter a name that you have assigned to this switch. The default name is the model name of the switch (for example, BD-1.2). System location (optional)Using the system location field, you can the location of the switch. NOTE

If you specify volatile storage when configuring SNMP parameters, that configuration is not saved across a switch reboot.

ExtremeWare XOS 11.3 Command Reference

103

Commands for Managing the Switch

Telnet
Telnet allows you to access the switch remotely using TCP/IP through one of the switch ports or a workstation with a Telnet facility. If you access the switch via Telnet, you will use the command line interface (CLI) to manage the switch and modify switch configurations.

TFTP
ExtremeWare XOS supports the Trivial File Transfer Protocol (TFTP) based on RFC 1350. TFTP is a method used to transfer files from one network device to another. The ExtremeWare XOS TFTP client is a command line application used to contact an external TFTP server on the network. For example, ExtremeWare XOS uses TFTP to download software image files, switch configuration files, and access control lists (ACLs) from a server on the network to the switch.

System Redundancy with Dual MSMs Installed Modular Switches Only


If you install two MSMs in a modular switch, one assumes the role of primary (master) and the other assumes the role of backup. The primary MSM provides all of the switch management functions including bringing up and programming the I/O modules, running the bridging and routing protocols, and configuring the switch. The primary also keeps synchronized with the backup MSM in case the backup MSM needs to take over the management functions if the primary MSM fails.

Power Supply Management


On modular switches, ExtremeWare XOS monitors and manages power consumption on the switch by periodically checking the power supply units (PSUs) and testing them for failures. To determine the health of the PSU, ExtremeWare XOS checks the voltage, current, and temperature of the PSU. The power management capability of ExtremeWare XOS:

Protects the system from overload conditions Monitors all installed PSUs, even installed PSUs that are disabled Enables and disables PSUs as required Powers up or down I/O modules based on available power and required power resources Logs power resource changes, including power budget, total available power, redundancy, and so on Detects and isolates faulty PSUs

On the Summit X450 switch, ExtremeWare XOS reports when the PSU has power or has failed. The SummitX450 switch supports an internal power supply with a range of 90V to 240V AC power as well as an external redundant power supply. The Extreme Networks External Power System (EPS) allows you to add a redundant power supply to the Summit X450 switch to protect against a power supply failure. The EPS consists of a tray (EPS-T) that holds one or two EPS-160 power supplies. The EPS-160

104

ExtremeWare XOS 11.3 Command Reference

Simple Network Time Protocol provides 100V to 240V AC power. Each EPS-160 power supply provides one-to-one redundancy to an attached SummitX450 switch.

Simple Network Time Protocol


ExtremeWare XOS supports the client portion of the Simple Network Time Protocol (SNTP) Version 3 based on RFC1769. SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol (NTP) server. When enabled, the switch sends out a periodic query to the indicated NTP server, or the switch listens to broadcast NTP updates. In addition, the switch supports the configured setting for Greenwich Mean time (GMT) offset and the use of Daylight Saving Time.

ExtremeWare XOS 11.3 Command Reference

105

Commands for Managing the Switch

configure node priority


configure node slot <slot_id> priority <node_pri>

Description
Configures the priority of the node.

Syntax Description
slot_id node_pri Specifies the slot of the node. A is for the MSM installed in slot A. B is for the MSM installed in slot B. Specifies the priority of the node. The default 0 gives MSM-A a higher priority over MSM-B. The range is 1 to 100; 0 means you have not configured a node priority.

Default
Default node priority is 0.

Usage Guidelines
Use this command to configure the priority of the node. The lower the number, the higher the priority. The node priority is part of the selection criteria for the master node. The following list describes the parameters used to determine the master node:

Node stateThe node state must be STANDBY to participate in leader election and to be selected master. If the node is in the INIT, DOWN, or FAIL states, the node will not participate in leader election. Configuration priorityThis is a user assigned priority. The configured priority is compared only after the node meets the minimum thresholds in each category for it to be healthy. Required processes and devices must not fail. Software healthThis represents the percent of processes available. Health of secondary hardware componentsThis represents the health of switch components, such as the power supplies, fans, and so forth. Slot IDThe MSM slot where the node is installed (MSM-A or MSM-B).

If you do not configure any priorities, MSM-A has a higher priority than MSM-B.

Example
The following command configures a priority of 2 for MSM-B:
configure node slot B priority 2

106

ExtremeWare XOS 11.3 Command Reference

configure node priority

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

ExtremeWare XOS 11.3 Command Reference

107

Commands for Managing the Switch

configure power supply


configure power supply <ps_num> {auto | on}

Description
Configures a power supply for either automatic power management, or forced on, regardless of the impact to the total available system power.

Syntax Description
ps_num auto on Specifies the slot number of the installed power supply unit (PSU) to which this command applies. Specifies that ExtremeWare XOS determines the enabled or disabled state of the PSU to maximize total system power. This is the default. Specifies that the PSU be enabled even if ExtremeWare XOS determines it should be disabled. This action may reduce the total available system power and may result in one or more I/O modules powering down.

Default
The default setting is auto; ExtremeWare XOS either enables or disables the PSU in order to maximize total system power.

Usage Guidelines
If a switch has PSUs with a mix of both 220V AC and 110V AC inputs, ExtremeWare XOS maximizes system power by automatically taking one of two possible actions:

If all PSUs are enabled then all PSUs must be budgeted at 110V AC to prevent overload of PSUs with 110V AC inputs. OR If the PSUs with 110V AC inputs are disabled, then the PSUs with 220V AC inputs can be budgeted with a higher output per PSU.

ExtremeWare XOS computes the total available power using both methods and automatically uses the PSU configuration that provides the greatest amount of power to the switch. Table 10 lists combinations where ExtremeWare XOS maximizes system power by disabling the PSUs with 110V AC inputs.

Table 10: PSU combinations where 110V PSUs are disabled


Number of PSUs with 220V AC Inputs 2 3 3 4 4 Number of PSUs with 110V AC Inputs 1 1 2 1 2

108

ExtremeWare XOS 11.3 Command Reference

configure power supply

Table 10: PSU combinations where 110V PSUs are disabled (Continued)
Number of PSUs with 220V AC Inputs 5 Number of PSUs with 110V AC Inputs 1

For all other combinations of 220V AC and 110V AC PSUs, ExtremeWare XOS maximizes system power by enabling all PSUs and budgeting each PSU at 110V AC. In addition to the PSU, you can specify the following options:

autoSpecifies that ExtremeWare XOS determines the enabled or disabled state of the PSU to

maximize total system power. This is the default.

onSpecifies that the PSU be enabled even if ExtremeWare XOS determines it should be disabled. This action may reduce the total available system power and may result in one or more I/O modules powering down.

You can override automatic power supply management to enable a PSU with 110V AC inputs that ExtremeWare XOS disables if the need arises, such as for a planned maintenance of 220V AC circuits. If the combination of AC inputs represents one of those listed in Table 10, you can turn on a disabled PSU using the configure power supply <ps_num> on command.

NOTE
If you override automatic power supply management, you may reduce the available power and cause one or more I/O modules to power down.

To resume using automatic power supply management on a PSU, use the configure power supply <ps_num> auto command. The setting for each PSU is stored as part of the switch configuration. To display power supply status and power budget information use the show power and show power
budget commands.

Example
The following command configures the PSU in slot 1 to be forced on when either 110V AC or 220V AC power input is present, overriding automatic power management:
configure power supply 1 on

The switch displays the following message:


In a mixed environment of 110V and 220V AC inputs, power management may automatically disable 110V supplies to maximize the system power budget. By specifying 'on', you wish to override power management and enable the specified power supply. This may cause the system power budget to decrease and one or more I/O cards may be powered off as a result. Are you sure you want to continue? (y/n)

Enter y to continue.

ExtremeWare XOS 11.3 Command Reference

109

Commands for Managing the Switch

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available only on modular switches.

110

ExtremeWare XOS 11.3 Command Reference

configure snmp add community

configure snmp add community


configure snmp add community [readonly | readwrite] <alphanumeric_string>

Description
Adds an SNMP read or read/write community string.

Syntax Description
readonly readwrite alphanumeric_string Specifies read-only access to the system. Specifies read and write access to the system. Specifies an SNMP community string name. See Usage Guidelines for more information.

Default
The default read-only community string is public. The default read/write community string is private.

Usage Guidelines
Community strings provide a simple method of authentication between a switch and a remote network manager. Read community strings provide read-only access to the switch. The default read-only community string is public. Read-write community strings provide read and write access to the switch. The default read/write community string is private. Sixteen read-only and sixteen read/write community strings can be configured on the switch, including the defaults. An authorized trap receiver must be configured to use the correct community strings on the switch for the trap receiver to receive switch-generated traps. In some cases, it may be useful to allow multiple community strings so that all switches and trap receivers are not forced to use identical community strings. The configure snmp add community command allows you to add multiple community strings in addition to the default community string. An SNMP community string can contain up to 32 characters. Extreme Networks recommends that you change the defaults of the community strings. To change the value of the default read/write and read-only community strings, use the configure snmp delete community command.

Example
The following command adds a read/write community string with the value extreme:
configure snmp add community readwrite extreme

History
This command was first available in ExtremeWare XOS 10.1.

ExtremeWare XOS 11.3 Command Reference

111

Commands for Managing the Switch

Platform Availability
This command is available on all platforms.

112

ExtremeWare XOS 11.3 Command Reference

configure snmp add trapreceiver

configure snmp add trapreceiver


configure snmp add trapreceiver <ip_address> community [[hex <hex_community_name>] | <community_name>] {port <port_number>} {from <src_ip_address>} {mode <trap_mode> [enhanced | standard]}

Description
Adds the IP address of a trap receiver to the trap receiver list and specifies which SNMPv1/v2c traps are to be sent.

Syntax Description
ip_address hex_community_name community_name port_number src_ip_address trap_mode Specifies an SNMP trap receiver IP address. Specifies that the trap receiver is to be supplied as a colon separated string of hex octets. Specifies the community string of the trap receiver to be supplied in ASCII format. Specifies a UDP port to which the trap should be sent. Default is 162. Specifies the IP address of a VLAN to be used as the source address for the trap. Specifies the mode of the traps: enhancedContains extra varbinds at the end. standardDoes not contain extra varbinds.

Default
Trap receivers are in enhanced mode by default, and the version is SNMPv2c by default.

Usage Guidelines
The IP address can be unicast, multicast, or broadcast. An authorized trap receiver can be one or more network management stations on your network. Authorized trap receivers must be configured on the switch for the trap receiver to receive switchgenerated traps. The switch sends SNMP traps to all trap receivers configured to receive the specific trap group. To view the SNMP trap receivers configured on the switch, use the show management command. The show management command displays information about the switch including the destination and community of the SNMP trap receivers configured on the switch.

Example
The following command adds the IP address 10.101.0.100 as a trap receiver with community string purple:
configure snmp add trapreceiver 10.101.0.100 community purple

ExtremeWare XOS 11.3 Command Reference

113

Commands for Managing the Switch The following command adds the IP address 10.101.0.105 as a trap receiver with community string green, using port 3003:
configure snmp add trapreceiver 10.101.0.105 community green port 3003

The following command adds the IP address 10.101.0.105 as a trap receiver with community string blue, and IP address 10.101.0.25 as the source:
configure snmp add trapreceiver 10.101.0.105 community blue from 10.101.0.25

History
This command was first available in ExtremeWare XOS 10.1. The hex_community_name, from <src_ip_address>, and {mode <trap_mode> [enhanced | standard]} parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

114

ExtremeWare XOS 11.3 Command Reference

configure snmp delete community

configure snmp delete community


configure snmp delete community [readonly | readwrite] [all | <alphanumeric_string>]

Description
Deletes an SNMP read or read/write community string.

Syntax Description
readonly readwrite all alphanumeric_string Specifies read-only access to the system. Specifies read and write access to the system. Specifies all of the SNMP community stings. Specifies an SNMP community string name. See Usage Guidelines for more information.

Default
The default read-only community string is public. The default read/write community string is private.

Usage Guidelines
You must have at least one community string for SNMP access. If you delete all of the community strings on your system, you will no longer have SNMP access, even if you have SNMP enabled. The community strings allow a simple method of authentication between the switch and the remote network manager. There are two types of community strings on the switch. Read community strings provide read-only access to the switch. The default read-only community string is public. read/write community strings provide read and write access to the switch. The default read/write community string is private. Sixteen read-only and sixteen read-write community strings can be configured on the switch, including the defaults. The community string for all authorized trap receivers must be configured on the switch for the trap receiver to receive switch-generated traps. SNMP community strings can contain up to 32 characters. For increased security, Extreme Networks recommends that you change the defaults of the read/write and read-only community strings. Use the configure snmp add commands to configure an authorized SNMP management station.

Example
The following command deletes a read/write community string named extreme:
configure snmp delete community readwrite extreme

ExtremeWare XOS 11.3 Command Reference

115

Commands for Managing the Switch

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

116

ExtremeWare XOS 11.3 Command Reference

configure snmp delete trapreceiver

configure snmp delete trapreceiver


configure snmp delete trapreceiver [{<ip_address> {<port_number>}} | {all}]

Description
Deletes a specified trap receiver or all authorized trap receivers.

Syntax Description
ip_address port_number all Specifies an SNMP trap receiver IP address. Specifies the port associated with the receiver. Specifies all SNMP trap receiver IP addresses.

Default
The default port number is 162.

Usage Guidelines
Use this command to delete a trap receiver of the specified IP address, or all authorized trap receivers. This command deletes only the first SNMPv1/v2c trap receiver whose IP address and port number match the specified value.

Example
The following command deletes the trap receiver 10.101.0.100 from the trap receiver list:
configure snmp delete trapreceiver 10.101.0.100

The following command deletes entries in the trap receiver list for 10.101.0.100, port 9990:
configure snmp delete trapreceiver 10.101.0.100 9990

Any entries for this IP address with a different community string will not be affected.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

117

Commands for Managing the Switch

configure snmp sysContact


configure snmp syscontact <sysContact>

Description
Configures the name of the system contact.

Syntax Description
sysContact An alphanumeric string that specifies a system contact name.

Default
N/A.

Usage Guidelines
The system contact is a text field that enables you to enter the name of the person(s) responsible for managing the switch. A maximum of 255 characters is allowed. To view the name of the system contact listed on the switch, use the show switch command. The show switch command displays switch statistics including the name of the system contact.

Example
The following command defines FredJ as the system contact:
configure snmp syscontact fredj

The following output from the show switch command displays FredJ as the system contact:
SysName: SysLocation: SysContact: engineeringlab englab FredJ

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

118

ExtremeWare XOS 11.3 Command Reference

configure snmp sysLocation

configure snmp sysLocation


configure snmp syslocation <sysLocation>

Description
Configures the location of the switch.

Syntax Description
sysLocation An alphanumeric string that specifies the switch location.

Default
N/A.

Usage Guidelines
Use this command to indicate the location of the switch. A maximum of 255 characters is allowed. To view the location of the switch on the switch, use the show switch command. The show switch command displays switch statistics including the location of the switch.

Example
The following command configures a switch location name on the system:
configure snmp syslocation englab

The following output from the show switch command displays englab as the location of the switch:
SysName: SysLocation: SysContact: engineeringlab englab FredJ

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

119

Commands for Managing the Switch

configure snmp sysName


configure snmp sysname <sysName>

Description
Configures the name of the switch.

Syntax Description
sysName An alphanumeric string that specifies a device name.

Default
The default sysname is the model name of the device (for example, BlackDiamond10808).

Usage Guidelines
You can use this command to change the name of the switch. A maximum of 32 characters is allowed. The sysname appears in the switch prompt. To view the name of the system listed on the switch, use the show switch command. The show switch command displays switch statistics including the name of the system.

Example
The following command names the switch:
configure snmp sysname engineeringlab

The following output from the show switch command displays engineeringlab as the name of the switch:
SysName: SysLocation: SysContact: engineeringlab englab FredJ

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

120

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add access

configure snmpv3 add access


configure snmpv3 add access [[hex <hex_group_name>] | <group_name>] {secmodel [snmpv1 | snmpv2c | usm]} {sec-level [noauth | authnopriv | priv]} {read-view [[hex <hex_read_view_name>] | <read_view_name>]} {write-view [[hex <hex_write_view_name>]] | <write_view_name>]} {notify-view [[hex <hex_notify_view_name]] | <notify_view_name>]} {volatile}

Description
Creates (and modifies) a group and its access rights.

Syntax Description
hex_group_name group_name sec-model snmpv1 snmpv2c usm sec-level noauth authnopriv priv read-view Specifies the group name to add or modify. The value is to be supplied as a colon separated string of hex octets. Specifies the group name to add or modify. The value is to be supplied in ASCII format. Specifies the security model to use. Specifies the SNMPv1 security model. Specifies the SNMPv2c security model. Specifies the SNMPv3 User-based Security Model (USM). Specifies the security level for the group. Specifies no authentication (and implies no privacy) for the security level. Specifies authentication and no privacy for the security level. Specifies authentication and privacy for the security level. Specifies the read view name: hex_read_view_nameSpecifies a hex value supplied as a colon separated string of hex octets read_view_nameSpecifies an ASCII value write-view Specifies the write view name: hex_write_view_nameSpecifies a hex value supplied as a colon separated string of hex octets write_view_nameSpecifies an ASCII value notify-view Specifies the notify view name: hex_notify_view_nameSpecifies a hex value supplied as a colon separated string of hex octets notify_view_nameSpecifies an ASCII value volatile Specifies volatile storage.

Default
The default values are:

sec-modelUSM sec-levelnoauth

ExtremeWare XOS 11.3 Command Reference

121

Commands for Managing the Switch


read view namedefaultUserView write view name notify view namedefaultNotifyView non-volatile storage

Usage Guidelines
Use this command to configure access rights for a group. All access groups are created with a unique default context, , as that is the only supported context. Use more than one character when creating unique community strings and access group names. A number of default (permanent) groups are already defined. These groups are: admin, initial, v1v2c_ro, v1v2c_rw.

The default groups defined (permanent) are v1v2c_ro for security name v1v2c_ro, v1v2c_rw for security name v1v2c_rw, admin for security name admin, and initial for security names initial, initialmd5, initialsha, initialmd5Priv and initialshaPriv. The default access defined (permanent) are admin, initial, v1v2c_ro, v1v2c_rw, and v1v2cNotifyGroup.

Example
In the following command, access for the group defaultROGroup is created with all the default values: security model usm, security level noauth, read view defaultUserView, no write view, notify view defaultNotifyView, and storage nonvolatile.
configure snmpv3 add access defaultROGroup

In the following command, access for the group defaultROGroup is created with the values: security model USM, security level authnopriv, read view defaultAdminView, write view defaultAdminView, notify view defaultAdminView, and storage nonvolatile.
configure snmpv3 add access defaultROGroup sec-model usm sec-level authnopriv readview defaultAdminView write-view defaultAdminView notify-view defaultAdminView

History
This command was first available in ExtremeWare XOS 10.1. The hex_read_view_name, hex_write_view_name, and hex_notify_view_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

122

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add community

configure snmpv3 add community


configure snmpv3 add community [[hex <hex_community_index>] | <community_index>] name [[hex <hex_community_name>] |<community_name>] user [[hex <hex_user_name>] | <user_name>] {tag [[hex <hex_transport_tag>] | <transport_tag>]} {volatile}

Description
Adds an SNMPv3 community entry.

Syntax Description
hex_community_index community_index hex_community_name community_name hex_user_name user_name tag Specifies the row index in the snmpCommunity table as a hex value supplied as a colon separated string of hex octets. Specifies the row index in the snmpCommunity Table as an ASCII value. Specifies the community name as a hex value supplied as a colon separated string of hex octets Specifies the community name as an ASCII value. Specifies the USM user name as a hex value supplied as a colon separated string of hex octets. Specifies the USM user name as an ASCII value. Specifies the tag used to locate transport endpoints in SnmpTargetAddrTable. When this community entry is used to authenticate v1/v2c messages, this tag is used to verify the authenticity of the remote entity. hex_transport_tagSpecifies a hex value supplied as a colon separated string of hex octets transport_tagSpecifies an ASCII value volatile Specifies volatile storage.

Default
N/A.

Usage Guidelines
Use this command to create or modify an SMMPv3 community in the community MIB.

Example
The following command creates an entry with the community index comm_index, community name comm_public, and user (security) name v1v2c_user:
configure snmpv3 add community comm_index name comm_public user v1v2c_user

ExtremeWare XOS 11.3 Command Reference

123

Commands for Managing the Switch The following command creates an entry with the community index (hex) of 12:0E, community name (hex) of EA:12:CD:CF:AB:11:3C, user (security) name v1v2c_user, using transport tag 34872 and volatile storage:
configure snmpv3 add community hex 12:0E name hex EA:12:CD:CF:AB:11:3C user v1v2c_user tag 34872 volatile

History
This command was first available in ExtremeWare XOS. 10.1. The hex_community_index, hex_community_name, hex_user_name, and hex_transport_tag parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

124

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add filter

configure snmpv3 add filter


configure snmpv3 add filter [[hex <hex_profile_name>] | <profile_name>] subtree <object_identifier> {/<subtree_mask>} type [included | excluded] {volatile}

Description
Adds a filter to a filter profile.

Syntax Description
hex_profile_name profile_name object identifier subtree_mask included excluded volatile Specifies the filter profile that the current filter is added to. The value is to be supplied as a colon separated string of hex octets. Specifies the filter profile that the current filter is added to in ASCII format. Specifies a MIB subtree. Specifies a hex octet string used to mask the subtree. For example, f7a indicates 1.1.1.1.0.1.1.1.1.0.1.0. Specifies that the MIB subtree defined by <object identifier>/<mask> is to be included. Specifies that the MIB subtree defined by <object identifier>/<mask> is to be excluded. Specifies volatile storage.

Default
The default values are:

mask valueempty string (all 1s) typeincluded storagenon-volatile

Usage Guidelines
Use this command to create a filter entry in the snmpNotifyFilterTable. Each filter includes or excludes a portion of the MIB. Multiple filter entries comprise a filter profile that can eventually be associated with a target address. Other commands are used to associate a filter profile with a parameter name, and the parameter name with a target address. This command can be used multiple times to configure the exact filter profile desired.

Example
The following command adds a filter to the filter profile prof1 that includes the MIB subtree 1.3.6.1.4.1/ f0:
configure snmpv3 add filter prof1 subtree 1.3.6.1.4.1/f0 type included

ExtremeWare XOS 11.3 Command Reference

125

Commands for Managing the Switch

History
This command was first available in ExtremeWare XOS 10.1. The hex_profile_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

126

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add filter-profile

configure snmpv3 add filter-profile


configure snmpv3 add filter-profile [[hex <hex_profile_name>] | <profile_name>] param [[hex <hex_param_name>]] | <param_name>] {volatile}

Description
Associates a filter profile with a parameter name.

Syntax Description
hex_profile_name profile_name hex_param_name param_name volatile Specifies the filter profile name. The value is to be supplied as a colon separated string of hex octets. Specifies the filter profile name in ASCII format. Specifies a parameter name to associate with the filter profile. The value to follow is to be supplies as a colon separated string of hex octets. Specifies a parameter name to associate with the filter profile in ASCII format. Specifies volatile storage.

Default
The default storage type is non-volatile.

Usage Guidelines
Use this command to add an entry to the snmpNotifyFilterProfileTable. This table associates a filter profile with a parameter name. The parameter name is associated with target addresses, and the filter profile is associated with a series of filters, so, in effect, you are associating a series of filters with a target address.

Example
The following command associates the filter profile prof1 with the parameter name P1:
configure snmpv3 add filter-profile prof1 param P1

History
This command was first available in ExtremeWare XOS 10.1. The hex_profile_name and hex_param_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

127

Commands for Managing the Switch

configure snmpv3 add group user


configure snmpv3 add group [[hex <hex_group_name>] | <group_name>] user [[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1| snmpv2c | usm]} {volatile}

Description
Adds a user name (security name) to a group.

Syntax Description
hex_group_name group_name hex_user_name user_name sec-model snmpv1 snmpv2c usm volatile Specifies the group name to add or modify. The value is to be supplied as a colon separated string of hex octets. Specifies the group name to add or modify in ASCII format. Specifies the user name to add or modify. The value to follow is to be supplies as a colon separated string of hex octets. Specifies the user name to add or modify in ASCII format. Specifies the security model to use. Specifies the SNMPv1 security model. Specifies the SNMPv2c security model. Specifies the SNMPv3 User-based Security Model (USM). Specifies volatile storage.

Default
The default values are:

sec-modelUSM non-volatile storage

Usage Guidelines
Use this command to associate a user name with a group. As per the SNMPv3 RFC, a security name is model independent while a username is model dependent. For simplicity, both are assumed to be same here. User names and security names are handled the same. In other words, if a user is created with the user name username, the security name value is the same, username. Every group is uniquely identified by a security name and security model. So the same security name can be associated to a group name but with different security models.

Example
The following command associates the user userV1 to the group defaultRoGroup with SNMPv1 security:
configure snmpv3 add group defaultRoGroup user userV1 sec-model snmpv1

128

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add group user The following command associates the user userv3 with security model USM and storage type volatile to the access group defaultRoGroup:
configure snmpv3 add group defaultRoGroup user userV3 volatile

History
This command was first available in ExtremeWare XOS 10.1. The hex_group_name and hex_user_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

129

Commands for Managing the Switch

configure snmpv3 add mib-view


configure snmpv3 add mib-view [[hex <hex_view_name>] | <view_name>] subtree <object_identifier> {/<subtree_mask>} {type [included | excluded]} {volatile}

Description
Adds (and modifies) a MIB view.

Syntax Description
hex_view_name view_name object_identifier subtree_mask included excluded volatile Specifies the MIB view name to add or modify. The value is to be supplies as a colon separated string of hex octets. Specifies the MIB view name to add or modify in ASCII format. Specifies a MIB subtree. Specifies a hex octet string used to mask the subtree. For example, f7a indicates 1.1.1.1.0.1.1.1.1.0.1.0. Specifies that the MIB subtree defined by <subtree>/<mask> is to be included. Specifies that the MIB subtree defined by <subtree>/<mask> is to be excluded. Specifies volatile storage.

Default
The default mask value is an empty string (all 1s). The other default values are included and nonvolatile.

Usage Guidelines
Use this command to create a MIB view into a subtree of the MIB. If the view already exists, this command modifies the view to additionally include or exclude the specified subtree. In addition to the created MIB views, there are three default views. They are of storage type permanent and cannot be deleted, but they can be modified. The default views are: defaultUserView, defaultAdminView, and defaultNotifyView.

Example
The following command creates the MIB view allMIB with the subtree 1.3 included as non-volatile:
configure snmpv3 add mib-view allMIB subtree 1.3

The following command creates the view extremeMib with the subtree 1.3.6.1.4.1.1916 included as nonvolatile:
configure snmpv3 add mib-view extremeMib subtree 1.3.6.1.4.1.1916

130

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add mib-view The following command creates a view vrrpTrapNewMaster which excludes VRRP notification .1 and the entry is volatile:
configure snmpv3 add mib-view vrrpTrapNewMaster 1.3.6.1.2.1.68.0.1/ff8 type excluded volatile

History
This command was first available in ExtremeWare XOS 10.1. The hex_view_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

131

Commands for Managing the Switch

configure snmpv3 add notify


configure snmpv3 add notify [[hex <hex_notify_name>] | <notify_name>] tag [[hex <hex_tag>] | <tag>] {volatile}

Description
Adds an entry to the snmpNotifyTable.

Syntax Description
hex_notify_name notify_name hex_tag tag volatile Specifies the notify name to add. The value is to be supplied as a colon separated string of hex octets. Specifies the notify name to add in ASCII format. Specifies a string identifier for the notifications to be sent to the target. The value is supplied as a colon separated string of octets. Specifies a string identifier for the notifications to be sent to the target in ASCII format. Specifies volatile storage. By specifying volatile storage, the configuration is not saved across a switch reboot.

Default
The default storage type is non-volatile.

Usage Guidelines
Use this command to add an entry to the snmpNotifyTable. When a notification is to be sent, this table is examined. For the target addresses that have been associated with the tags present in the table, notifications are sent based on the filters also associated with the target addresses.

Example
The following command sends notifications to addresses associated with the tag type1:
configure snmpv3 add notify N1 tag type1

History
This command was first available in ExtremeWare XOS 10.1. The hex_notify_name and hex_tag parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

132

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add target-addr

configure snmpv3 add target-addr


configure snmpv3 add target-addr [[hex <hex_addr_name] | <addr_name>] param [[hex <hex_param_name] | <param_name>] ipaddress [[<ip_address> {<netmask>}] | <ip_address>] {transport-port <port_number> {from <src_ip_address>} {tag-list <tag_list>} {volatile}

Description
Adds and configures an SNMPv3 target address and associates filtering, security, and notifications with that address.

Syntax Description
hex_addr_name addr_name hex_param_name param_name ip_address port_number src_ip_address tag-list volatile Specifies a string identifier for the target address. The value is to be supplied as a colon separated string of hex octets. Specifies a string identifier for the target address in ASCII format. Specifies the parameter name associated with the target. The value is to be supplied as a colon separated string of hex octets. Specifies the parameter name associated with the target in ASCII format. Specifies an SNMPv3 target IP address. Specifies a UDP port. Default is 162. Specifies the IP address of a VLAN to be used as the source address for the trap. Specifies a list of comma separated string identifiers for the notifications to be sent to the target. Specifies volatile storage. By specifying volatile storage, the configuration is not saved across a switch reboot.

Default
The default values are:

transport-portport 162 non-volatile storage

If you do not specify tag-list the single tag defaultNotify, a pre-defined value in the snmpNotifyTable, is used.

Usage Guidelines
Use this command to create an entry in the SNMPv3 snmpTargetAddressTable. The param parameter associates the target address with an entry in the snmpTargetParamsTable, which specifies security and storage parameters for messages to the target address, and an entry in the snmpNotifyFilterProfileTable, which specifies filter profiles to use for notifications to the target address. The filter profiles are associated with the filters in the snmpNotifyFilterTable. The list of tag-lists must match one or more of the tags in the snmpNotifyTable for the trap to be sent out.

ExtremeWare XOS 11.3 Command Reference

133

Commands for Managing the Switch

Example
The following command specifies a target address of 10.203.0.22 with the name A1, and associates it with the security parameters and target address parameter P1:
configure snmpv3 add target-addr A1 param P1 ipaddress 10.203.0.22

The following command specifies a target address of 10.203.0.22 with the name A1, and associates it with the security parameters and target address parameter P1, and the notification tags type1 and type2:
configure snmpv3 add target-addr A1 param P1 ipaddress 10.203.0.22 from 10.203.0.23 tag-list type1,type2

History
This command was first available in ExtremeWare XOS 10.1. The hex_addr_name, hex_param_name, from <src_ip_address>, and tag-list <tag_list> parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

134

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add target-params

configure snmpv3 add target-params


configure snmpv3 add target-params [[hex <hex_param_name>] | <param_name>] user [[hex <hex_user_name>] | <user_name>] mp-model [snmpv1 | snmpv2c | snmpv3] sec-model [snmpv1 | snmpv2c | usm] {sec-level [noauth | authnopriv | priv]} {volatile}

Description
Adds and configures SNMPv3 target parameters.

Syntax Description
hex_param_name param_name hex_user_name user_name mp-model sec-model snmpv1 snmpv2c usm sec-level noauth authnopriv priv volatile Specifies the parameter name associated with the target. The value is to be supplied as a colon separated string of hex octets. Specifies the parameter name associated with the target in ASCII format. Specifies a user name. The value is to be supplied as a colon separated string of hex octets. Specifies a user name in ASCII format. Specifies a message processing model; choose from SNMPv1, SNMPv2, or SNMPv3. Specifies the security model to use. Specifies the SNMPv1 security model. Specifies the SNMPv2c security model. Specifies the SNMPv3 User-based Security Model (USM). Specifies the security level for the group. Specifies no authentication (and implies no privacy) for the security level. Specifies authentication and no privacy for the security level. Specifies authentication and privacy for the security level. Specifies volatile storage. By specifying volatile storage, the configuration is not saved across a switch reboot.

Default
The default values are:

sec-levelnoauth non-volatile storage

Usage Guidelines
Use this command to create an entry in the SNMPv3 snmpTargetParamsTable. This table specifies the message processing model, security level, security model, and the storage parameters for messages to any target addresses associated with a particular parameter name. To associate a target address with a parameter name, see the command configure snmpv3 add
target-addr.

ExtremeWare XOS 11.3 Command Reference

135

Commands for Managing the Switch

Example
The following command specifies a target parameters entry named P1, a user name of guest, message processing and security model of SNMPv2c, and a security level of no authentication:
configure snmpv3 add target-params P1 user guest mp-model snmpv2c sec-model snmpv2c sec-level noauth

History
This command was first available in ExtremeWare XOS 10.1. The hex_param_name and hex_user_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

136

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add user

configure snmpv3 add user


configure snmpv3 add user [[hex <hex_user_name>] | <user_name>] {authentication [md5 | sha] [hex <hex_auth_password> | <auth_password>]} {privacy [hex <hex_priv_password> | <priv_password>]} {volatile}

Description
Adds (and modifies) an SNMPv3 user.

Syntax Description
hex_user_name user_name MD5 SHA authentication privacy volatile Specifies the user name to add or modify. The value is to be supplied as a colon separated string of hex octets. Specifies the user name to add or modify in ASCII format. Specifies MD5 authentication. Specifies SHA authentication. Specifies the authentication password or hex string to use for generating the authentication key for this user. Specifies the privacy password or hex string to use for generating the privacy key for this user. Specifies volatile storage. By specifying volatile storage, the configuration is not saved across a switch reboot.

Default
The default values are:

authenticationno authentication privacyno privacy non-volatile storage

Usage Guidelines
Use this command to create or modify an SNMPv3 user configuration. If hex is specified, supply a 16 octet hex string for MD5, or a 20 octet hex string for SHA. You must specify authentication if you want to specify privacy. There is no support for privacy without authentication. The default user names are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv. The initial password for admin is password. For the other default users, the initial password is the user name.

ExtremeWare XOS 11.3 Command Reference

137

Commands for Managing the Switch

Example
The following command configures the user guest on the local SNMP Engine with security level noauth (no authentication and no privacy):
configure snmpv3 add user guest

The following command configures the user authMD5 to use MD5 authentication with the password palertyu:
configure snmpv3 add user authMD5 authentication md5 palertyu

The following command configures the user authShapriv to use SHA authentication with the hex key shown below, the privacy password palertyu, and volatile storage:
configure snmpv3 add user authShapriv authentication sha hex 01:03:04:05:01:05:02:ff:ef:cd:12:99:34:23:ed:ad:ff:ea:cb:11 privacy palertyu volatile

History
This command was first available in ExtremeWare XOS 10.1. The hex_user_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

138

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 add user clone-from

configure snmpv3 add user clone-from


configure snmpv3 add user [[hex <hex_user_name>] | <user_name>] clone-from [[hex <hex_user_name>] | <user_name>]

Description
Creates a new user by cloning from an existing SNMPv3 user.

Syntax Description
hex_user_name user_name Specifies the user name to add or to clone from. The value is to be supplies as a colon separated string of hex octets. Specifies the user name to add or to clone from in ASCII format.

Default
N/A.

Usage Guidelines
Use this command to create a new user by cloning an existing one. After you have successfully cloned the new user, you can modify its parameters using the following command:
configure snmpv3 add user [[hex <hex_user_name>] | <user_name>] {authentication [md5 | sha] [hex <hex_auth_password> | <auth_password>]} {privacy [hex <hex_priv_password> | <priv_password>]} {volatile}

Users cloned from the default users will have the storage type of non-volatile. The default names are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv.

Example
The following command creates a user cloneMD5 with same properties as the default user initalmd5. All authorization and privacy keys will initially be the same as with the default user initialmd5.
configure snmpv3 add user cloneMD5 clone-from initialmd5

History
This command was first available in ExtremeWare XOS 10.1. The hex_user_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

139

Commands for Managing the Switch

configure snmpv3 delete access


configure snmpv3 delete access [all-non-defaults | {[[hex <hex_group_name>] | <group_name>] {sec-model [snmpv1 | snmpv2c | usm] sec-level [noauth | authnopriv | priv]}}]

Description
Deletes access rights for a group.

Syntax Description
all-non-defaults hex_group_name group_name sec-model snmpv1 snmpv2c usm sec-level noauth authnopriv priv Specifies that all non-default (non-permanent) security groups are to be deleted. Specifies the group name to be deleted. The value is to be supplies as a colon separated string of hex octets. Specifies the group name to be deleted in ASCII format. Specifies the security model to use. Specifies the SNMPv1 security model. Specifies the SNMPv2c security model. Specifies the SNMPv3 User-based Security Model (USM). Specifies the security level for the group. Specifies no authentication (and implies no privacy) for the security level. Specifies authentication and no privacy for the security level. Specifies authentication and privacy for the security level.

Default
The default values are:

sec-modelUSM sec-levelnoauth

Usage Guidelines
Use this command to remove access rights for a group. Use the all-non-defaults keyword to delete all the security groups, except for the default groups. The default groups are: admin, initial, v1v2c_ro, v1v2c_rw. Deleting an access will not implicitly remove the related group to user association from the VACMSecurityToGroupTable. To remove the association, use the following command:
configure snmpv3 delete group {[[hex <hex_group_name>] | <group_name>]} user [all-nondefaults | {[[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1|snmpv2c|usm]}}]

140

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 delete access

Example
The following command deletes all entries with the group name userGroup:
configure snmpv3 delete access userGroup

The following command deletes the group userGroup with the security model snmpv1 and security level of authentication and no privacy (authnopriv):
configure snmpv3 delete access userGroup sec-model snmpv1 sec-level authnopriv

History
This command was first available in ExtremeWare XOS 10.1. The hex_group_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

141

Commands for Managing the Switch

configure snmpv3 delete community


configure snmpv3 delete community [all-non-defaults | {[[hex <hex_community_index>] | <community_index>} | {name [[hex <hex_community_name>] | <community_name>}]

Description
Deletes an SNMPv3 community entry.

Syntax Description
all-non-defaults hex_community_index community_index hex_community_name community_name Specifies that all non-default community entries are to be removed. Specifies the row index in the snmpCommunityTable. The value is to be supplied as a colon separated string of hex octets. Specifies the row index in the snmpCommunityTable in ASCII format. Specifies the community name. The value is to be supplied as a colon separated string of hex octets. Specifies the community name in ASCII format.

Default
The default entries are public and private.

Usage Guidelines
Use this command to delete an SMMPv3 community in the community MIB.

Example
The following command deletes an entry with the community index comm_index:
configure snmpv3 delete community comm_index

The following command creates an entry with the community name (hex) of EA:12:CD:CF:AB:11:3C:
configure snmpv3 delete community name hex EA:12:CD:CF:AB:11:3C

History
This command was first available in ExtremeWare XOS 10.1. The hex_community_index and hex_community_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

142

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 delete filter

configure snmpv3 delete filter


configure snmpv3 delete filter [all | [[hex <hex_profile_name>] | <profile_name>] {subtree <object_identifier>}]]

Description
Deletes a filter from a filter profile.

Syntax Description
all hex_profile_name profile_name object_identifier Specifies all filters. Specifies the filter profile of the filter to delete. The value is to be supplied as a colon separated string of hex octets. Specifies the filter profile of the filter to delete in ASCII format. Specifies the MIB subtree of the filter to delete.

Default
N/A.

Usage Guidelines
Use this command to delete a filter entry from the snmpNotifyFilterTable. Specify all to remove all entries. Specify a profile name to delete all entries for that profile name. Specify a profile name and a subtree to delete just those entries for that filter profile and subtree.

Example
The following command deletes the filters from the filter profile prof1 that reference the MIB subtree 1.3.6.1.4.1:
configure snmpv3 delete filter prof1 subtree 1.3.6.1.4.1

History
This command was first available in ExtremeWare XOS 10.1. The hex_profile_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

143

Commands for Managing the Switch

configure snmpv3 delete filter-profile


configure snmpv3 delete filter-profile [all |[[hex <hex_profile_name>] | <profile_name>] {param [[hex <hex_param_name>] | <param_name>}]]

Description
Removes the association of a filter profile with a parameter name.

Syntax Description
all hex_profile_name profile_name hex_param_name Specifies all filter profiles. Specifies the filter profile name to delete. The value is to be supplied as a colon separated string of hex octets. Specifies the filter profile name to delete in ASCII format. Specifies to delete the filter profile with the specified profile name and parameter name. The value is to be supplied as a colon separated string of hex octets. Specifies to delete the filter profile with the specified profile name and parameter name in ASCII format.

param_name

Default
The default storage type is non-volatile.

Usage Guidelines
Use this command to delete entries from the snmpNotifyFilterProfileTable. This table associates a filter profile with a parameter name. Specify all to remove all entries. Specify a profile name to delete all entries for that profile name. Specify a profile name and a parameter name to delete just those entries for that filter profile and parameter name.

Example
The following command deletes the filter profile prof1 with the parameter name P1:
configure snmpv3 delete filter-profile prof1 param P1

History
This command was first available in ExtremeWare XOS 10.1. The hex_profile_name and hex_param_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

144

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 delete group user

configure snmpv3 delete group user


configure snmpv3 delete group {[[hex <hex_group_name>] | <group_name>]} user [all-non-defaults | {[[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1|snmpv2c|usm]}}]

Description
Deletes a user name (security name) from a group.

Syntax Description
hex_group_name group_name all-non-defaults hex_user_name user_name sec-model snmpv1 snmpv2c usm Specifies the group name to delete or modify. The value is to be supplied as a colon separated string of hex octets. Specifies the group name to delete or modify in ASCII format. Specifies that all non-default (non-permanent) users are to be deleted from the group. Specifies the user name to delete or modify. The value is to be supplied as a colon separated string of hex octets. Specifies the user name to delete or modify in ASCII format. Specifies the security model to use. Specifies the SNMPv1 security model. Specifies the SNMPv2c security model. Specifies the SNMPv3 User-based Security Model (USM).

Default
The default value for sec-model is USM.

Usage Guidelines
Use this command to remove the associate of a user name with a group. As per the SNMPv3 RFC, a security name is model independent while a username is model dependent. For simplicity, both are assumed to be same here. User names and security names are handled the same. In other words, if a user is created with the user name username, the security name value is the same, username. Every group is uniquely identified by a security name and security model. So the same security name can be associated to a group name but with different security models. The default groups are: admin, initial, v1v2c_ro, v1v2c_rw. The default users are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv.

ExtremeWare XOS 11.3 Command Reference

145

Commands for Managing the Switch

Example
The following command deletes the user guest from the group UserGroup for the security model snmpv2c:
configure snmpv3 delete group UserGroup user guest sec-model snmpv2c

The following command deletes the user guest from the group userGroup with the security model USM:
configure snmpv3 delete group userGroup user guest

History
This command was first available in ExtremeWare XOS 10.1. The hex_group_name and the hex_user_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

146

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 delete mib-view

configure snmpv3 delete mib-view


configure snmpv3 delete mib-view [all-non-defaults | {[[hex <hex_view_name>] | <view_name>] {subtree <object_identifier>}}]

Description
Deletes a MIB view.

Syntax Description
all-non-defaults hex_view_name view_name object_identifier Specifies that all non-default (non-permanent) MIB views are to be deleted. Specifies the MIB view to delete. The value is to be supplied as a colon separated string of hex octets. Specifies the MIB view name to delete in ASCII format. Specifies a MIB subtree.

Default
N/A.

Usage Guidelines
Use this command to delete a MIB view. Views which are being used by security groups cannot be deleted. Use the all-non-defaults keyword to delete all the MIB views (not being used by security groups) except for the default views. The default views are: defaultUserView, defaultAdminView, and defaultNotifyView. Use the configure snmpv3 add mib-view command to remove a MIB view from its security group, by specifying a different view.

Example
The following command deletes all views (only the permanent views will not be deleted):
configure snmpv3 delete mib-view all-non-defaults

The following command deletes all subtrees with the view name AdminView:
configure snmpv3 delete mib-view AdminView

The following command deletes the view AdminView with subtree 1.3.6.1.2.1.2
configure snmpv3 delete mib-view AdminView subtree 1.3.6.1.2.1.2

ExtremeWare XOS 11.3 Command Reference

147

Commands for Managing the Switch

History
This command was first available in ExtremeWare XOS 10.1. The hex_view_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

148

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 delete notify

configure snmpv3 delete notify


configure snmpv3 delete notify [{[[hex <hex_notify_name>] | <notify_name>]} | all-non-defaults]

Description
Deletes an entry from the snmpNotifyTable.

Syntax Description
hex_notify_name notify_name all-non-defaults Specifies the notify name to add. The value is to be supplied as a colon separated string of hex octets. Specifies the notify name to add in ASCII format. Specifies that all non-default (non-permanent) notifications are to be deleted.

Default
N/A.

Usage Guidelines
Use this command to delete an entry from the snmpNotifyTable. When a notification is to be sent, this table is examined. For the target addresses that have been associated with the tags present in the table, notifications will be sent, based on the filters also associated with the target addresses. The one default notification that cannot be deleted is defaultNotify.

Example
The following command removes the N1 entry from the table:
configure snmpv3 delete notify N1

History
This command was first available in ExtremeWare XOS 10.1. The hex_notify_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

149

Commands for Managing the Switch

configure snmpv3 delete target-addr


configure snmpv3 delete target-addr [{[[hex <hex_addr_name>] | <addr_name>]} | all]

Description
Deletes SNMPv3 target addresses.

Syntax Description
hex_addr_name addr_name all Specifies an identifier for the target address. The value is to be supplied as a colon separated string of hex octets. Specifies a string identifier for the target address. Specifies all target addresses.

Default
N/A.

Usage Guidelines
Use this command to delete an entry in the SNMPv3 snmpTargetAddressTable.

Example
The following command deletes target address named A1:
configure snmpv3 delete target-addr A1

History
This command was first available in ExtremeWare XOS 10.1. The hex_addr_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

150

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 delete target-params

configure snmpv3 delete target-params


configure snmpv3 delete target-params [{[[hex <hex_param_name>] | <param_name>]} | all]

Description
Deletes SNMPv3 target parameters.

Syntax Description
hex_param_name param_name Specifies the parameter name associated with the target. The value is to be supplied as a colon separated string of hex octets. Specifies the parameter name associated with the target in ASCII format.

Default
N/A.

Usage Guidelines
Use this command to delete an entry in the SNMPv3 snmpTargetParamsTable. This table specifies the message processing model, security level, security model, and the storage parameters for messages to any target addresses associated with a particular parameter name.

Example
The following command deletes a target parameters entry named P1:
configure snmpv3 delete target-params P1

History
This command was first available in ExtremeWare XOS 10.1. The hex_param_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

151

Commands for Managing the Switch

configure snmpv3 delete user


configure snmpv3 delete user [all-non-defaults | [[hex <hex_user_name>] | <user_name>]]

Description
Deletes an existing SNMPv3 user.

Syntax Description
all-non-defaults hex_user_name user_name Specifies that all non-default (non-permanent) users are to be deleted. Specifies the user name to delete. The value is to be supplied as a colon separated string of hex octets. Specifies the user name to delete.

Default
N/A.

Usage Guidelines
Use this command to delete an existing user. Use the all-non-defaults keyword to delete all users, except for the default (permanent) users. The default user names are: admin, initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv. Deleting a user will not implicitly remove the related group to user association from the VACMSecurityToGroupTable. To remove the association, use the following command:
configure snmpv3 delete group {[[hex <hex_group_name>] | <group_name>]} user [all-nondefaults | {[[hex <hex_user_name>] | <user_name>] {sec-model [snmpv1|snmpv2c|usm]}}]

Example
The following command deletes all non-default users:
configure snmpv3 delete user all-non-defaults

The following command deletes the user guest:


configure snmpv3 delete user guest

History
This command was first available in ExtremeWare XOS 10.1. The hex_user_name parameter was added in ExtremeWare XOS 11.0.

152

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 delete user

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

153

Commands for Managing the Switch

configure snmpv3 engine-boots


configure snmpv3 engine-boots <(1-2147483647)>

Description
Configures the SNMPv3 Engine Boots value.

Syntax Description
(1-2147483647) Specifies the value of engine boots.

Default
N/A.

Usage Guidelines
Use this command if the Engine Boots value needs to be explicitly configured. Engine Boots and Engine Time will be reset to zero if the Engine ID is changed. Engine Boots can be set to any desired value but will latch on its maximum, 2147483647.

Example
The following command configures Engine Boots to 4096:
configure snmpv3 engine-boots 4096

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

154

ExtremeWare XOS 11.3 Command Reference

configure snmpv3 engine-id

configure snmpv3 engine-id


configure snmpv3 engine-id <hex_engine_id>

Description
Configures the SNMPv3 snmpEngineID.

Syntax Description
hex_engine_id Specifies the colon delimited hex octet that serves as part of the snmpEngineID (5-32 octets).

Default
The default snmpEngineID is the device MAC address.

Usage Guidelines
Use this command if the snmpEngineID needs to be explicitly configured. The first four octets of the ID are fixed to 80:00:07:7C,which represents Extreme Networks Vendor ID. Once the snmpEngineID is changed, default users will be reverted back to their original passwords/keys, while non-default users will be reset to the security level of no authorization, no privacy. In a chassis, the snmpEngineID will be generated using the MAC address of the MSM with which the switch boots first. For MSM hitless failover, the same snmpEngineID will be propagated to both of the MSMs.

Example
The following command configures the snmpEngineID to be 80:00:07:7C:00:0a:1c:3e:11:
configure snmpv3 engine-id 00:0a:1c:3e:11

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

155

Commands for Managing the Switch

configure sntp-client
configure sntp-client [primary | secondary] <host-name-or-ip> {vr <vr_name>}

Description
Configures an NTP server for the switch to obtain time information.

Syntax Description
primary secondary host-name-or-ip vr Specifies a primary server name. Specifies a secondary server name. Specifies a host name or IP address. Specifies use of a virtual router. NOTE: The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch do not support user-created VRs. vr_name Specifies the name of a virtual router.

Default
N/A.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Queries are first sent to the primary server. If the primary server does not respond within 1 second, or if it is not synchronized, the switch queries the second server. If the switch cannot obtain the time, it restarts the query process. Otherwise, the switch waits for the sntp-client update interval before querying again.

Example
The following command configures a primary NTP server:
configure sntp-client primary 10.1.2.2

The following command configures the primary NTP server to use the management virtual router VRMgmt
configure sntp-client primary 10.1.2.2 vr VR-Mgmt

156

ExtremeWare XOS 11.3 Command Reference

configure sntp-client

History
This command was first available in ExtremeWare XOS 10.1. The vr <vr_name> option was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

157

Commands for Managing the Switch

configure sntp-client update-interval


configure sntp-client update-interval <update-interval>

Description
Configures the interval between polls for time information from SNTP servers.

Syntax Description
update-interval Specifies an interval in seconds.

Default
64 seconds.

Usage Guidelines
None.

Example
The following command configures the interval timer:
configure sntp-client update-interval 30

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

158

ExtremeWare XOS 11.3 Command Reference

configure telnet access-profile

configure telnet access-profile


configure telnet access-profile [<access_profile> | none]

Description
Configures Telnet to use an ACL policy for access control.

Syntax Description
access_profile none Specifies an ACL policy. Cancels a previously configured ACL policy.

Default
Telnet is enabled with no ACL policies and uses TCP port 23.

Usage Guidelines
You must be logged in as administrator to configure Telnet parameters. You can restrict Telnet access by using an ACL and implementing an ACL policy. You create an ACL policy file that permits or denies a specific list of IP addresses and subnet masks for the Telnet port. You must create the ACL policy file before you can use this command. If the ACL policy file does not exist on the switch, the switch returns an error message indicating that the file does not exist. Use the none option to remove a previously configured ACL. Creating an ACL Policy File. To create an ACL policy file, use the edit policy command. For more information about creating and implementing ACL policy files, see Chapter 12, Policy Manager and Chapter 13, Access Lists (ACLs), in the ExtremeWare XOS Concepts Guide. If you attempt to implement a policy that does not exist on the switch, an error message similar to the following appears:
Error: Policy /config/MyAccessProfile.pol does not exist on file system

If this occurs, make sure the policy you want to implement exists on the switch. To confirm the policies on the switch, use the ls command. If the policy does not exist, create the ACL policy file. Viewing Telnet Information. To display the status of Telnet, including the current TCP port, the virtual router used to establish a Telnet session, and whether ACLs are controlling Telnet access, use the following command:
show management

ExtremeWare XOS 11.3 Command Reference

159

Commands for Managing the Switch

Example
This example assumes that you already created an ACL to apply to Telnet. The following command applies the ACL MyAccessProfile_2 to Telnet:
configure telnet access-profile MyAccessProfile_2

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

160

ExtremeWare XOS 11.3 Command Reference

configure telnet port

configure telnet port


configure telnet port [<portno> | default]

Description
Configures the TCP port used by Telnet for communication.

Syntax Description
portno Specifies a TCP port number. The default is 23. The range is 1 through 65535. The following TCP port numbers are reserved and cannot be used for Telnet connections: 22, 80, and 1023. Specifies the default Telnet TCP port number. The default is 23.

default

Default
The switch listens for Telnet connections on Port 23.

Usage Guidelines
You must be logged in as administrator to configure the Telnet port. The portno range is 1 through 65535. The following TCP port numbers are reserved and cannot be used for Telnet connections: 22, 80, and 1023. If you attempt to configure a reserved port, the switch displays an error message similar to the following:
configure telnet port 22 Error: port number is a reserved port

If this occurs, select a port number that is not a reserved port. Beginning with ExtremeWare XOS 11.2, the switch accepts IPv6 connections.

Example
The following command changes the port used for Telnet to port 85:
configure telnet port 85

The following command returns the port used for Telnet to the default port of 23:
configure telnet port default

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

161

Commands for Managing the Switch

Platform Availability
This command is available on all platforms.

162

ExtremeWare XOS 11.3 Command Reference

configure telnet vr

configure telnet vr
configure telnet vr [all | default | <vr_name>]

Description
Configures the virtual router used on the switch for listening for Telnet connections.

Syntax Description
all default vr_name Specifies to use all virtual routers for Telnet connections. Specifies to use the default virtual router for Telnet connections. The default router is VR-Mgmt. Specifies the name of the virtual router to use for Telnet connections. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Default
If you specify default, the virtual router VR-Mgmt is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

You must be logged in as administrator to configure the virtual router. Beginning with ExtremeWare XOS 11.2, the switch accepts IPv6 connections. If you specify all, the switch listens on all of the available virtual routers for Telnet connections. The vr_name specifies the name of the virtual router to use for Telnet connections. If you specify a virtual router name that does not exist, the switch displays an error message similar to the following:
configure telnet vr vr-ttt ^ %% Invalid input detected at '^' marker.

Example
The following command configures the switch to listen for and receive Telnet requests on all virtual routers:
configure telnet vr all

ExtremeWare XOS 11.3 Command Reference

163

Commands for Managing the Switch

History
This command was first available in ExtremeWare XOS 11.0. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

164

ExtremeWare XOS 11.3 Command Reference

disable dhcp vlan

disable dhcp vlan


disable dhcp vlan [<vlan_name> | all]

Description
Disables the generation and processing of DHCP packets on a VLAN to obtain an IP address for the VLAN from a DHCP server.

Syntax Description
vlan_name all Specifies a VLAN name. Specifies all VLANs

Default
Disabled for all VLANs.

Usage Guidelines
None.

Example
The following command disables the generation and processing of DHCP packets on a VLAN named accounting:
disable dhcp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

165

Commands for Managing the Switch

disable snmp access


disable snmp access {snmp-v1v2c}

Description
Selectively disables SNMP on the switch.

Syntax Description
snmp-v1v2c Disables SNMPv1/v2c access only; does not affect SNMPv3 access.

Default
Enabled.

Usage Guidelines
Disabling SNMP access does not affect the SNMP configuration (for example, community strings). However, if you disable SNMP access, you will be unable to access the switch using SNMP. To allow access, use the following command:
enable snmp access

By using the enable and disable commands you can enable all SNMP access, no SNMP access, or only SNMPv3 access. You cannot enable only SNMPv1/v2c access. To enable SNMPv3 only access on the switch, use the following commands:
enable snmp access disable snmp access snmp-v1v2c

Example
The following command disables all SNMP access on the switch:
disable snmp access

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

166

ExtremeWare XOS 11.3 Command Reference

disable snmp traps

disable snmp traps


disable snmp traps

Description
Prevents SNMP traps from being sent from the switch.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
This command does not clear the SNMP trap receivers that have been configured. The command prevents SNMP traps from being sent from the switch even if trap receivers are configured. To view if SNMP traps are being sent from the switch, use the show management command. The show management command displays information about the switch including the enabled/disabled state of SNMP traps being sent.

Example
The following command prevents SNMP traps from being sent from the switch to the trap receivers:
disable snmp traps

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

167

Commands for Managing the Switch

disable sntp-client
disable sntp-client

Description
Disables the SNTP client.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol (NTP) server. After the SNTP client has been enabled, the switch sends out a periodic query to the indicated NTP server, or the switch listens to broadcast NTP updates. In addition, the switch supports the configured setting for Greenwich Mean Time (GMT) offset and the use of Daylight Savings Time (DST).

Example
The following command disables the SNTP client:
disable sntp-client

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

168

ExtremeWare XOS 11.3 Command Reference

disable telnet

disable telnet
disable telnet

Description
Disables Telnet services on the system.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
You must be logged in as an administrator to enable or disable Telnet.

Example
With administrator privilege, the following command disables Telnet services on the switch:
disable telnet

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

169

Commands for Managing the Switch

disable watchdog
disable watchdog

Description
Disables the system watchdog timer.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
The watchdog timer monitors the health of the switch hardware and software events. For example, the watchdog timer reboots the switch if the system cannot reset the watchdog timer. This can be caused by a long CPU processing loop, any unhandled exception, or a hardware problem with the communication channel to the watchdog. In most cases, if the watchdog timer expires, the switch captures the current CPU status and posts it to the console and the system log. In some cases, if the problem is so severe that the switch is unable to perform any action, the switch reboots without logging any system status information prior to reboot. This command takes affect immediately. The watchdog settings are saved in the configuration file. To display the watchdog state of your system, use the show switch command.

Example
The following command disables the watchdog timer:
disable watchdog

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

170

ExtremeWare XOS 11.3 Command Reference

enable dhcp vlan

enable dhcp vlan


enable dhcp vlan [<vlan_name> | all]

Description
Enables the generation and processing of DHCP packets on a VLAN to obtain an IP address for the VLAN from a DHCP server.

Syntax Description
vlan_name all Specifies a VLAN name. Specifies all VLANs.

Default
Disabled for all VLANs.

Usage Guidelines
None.

Example
The following command enables the generation and processing of DHCP packets on a VLAN named accounting:
enable dhcp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

171

Commands for Managing the Switch

enable snmp access


enable snmp access

Description
Turns on SNMP support for SNMPv3 and v1/v2c on the switch.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
To have access to the SNMP agent residing in the switch, at least one VLAN must have an IP address assigned to it. Any network manager running SNMP can manage the switch (for v1/v2c), provided the MIB is installed correctly on the management station. Each network manager provides its own user interface to the management facilities. For SNMPv3, additional security keys are used to control access, so an SNMPv3 manager is required for this type of access. This command enables both v1/v2c and v3 access, so the switch can be accessed with either method. Use the following commands to allow only v3 access:
enable snmp access disable snmp access snmp-v1v2c

Use the following command to prevent any SNMP access:


disable snmp access

There is no way to disable v3 access and allow v1/v2c access. ExtremeWare XOS 11.2 introduces the concept of safe defaults mode. Safe defaults mode runs an interactive script that allows you to enable or disable SNMP, Telnet, and switch ports. When you set up your switch for the first time, you must connect to the console port to access the switch. After logging in to the switch, you enter safe defaults mode. Although SNMP, Telnet, and switch ports are enabled by default, the script prompts you to confirm those settings. If you choose to keep the default setting for SNMPthe default setting is enabledthe switch returns the following interactive script:
Since you have chosen less secure management methods, please remember to increase the security of your network by taking the following actions: * change your admin password

172

ExtremeWare XOS 11.3 Command Reference

enable snmp access


* change your SNMP public and private strings * consider using SNMPv3 to secure network management traffic

In addition, you can return to safe defaults mode by issuing the following commands:

unconfigure switch all configure safe-default-script

If you return to safe defaults mode, you must answer the questions presented during the interactive script. For more detailed information about safe defaults mode, see Safe Defaults Setup Method on page 47 in the ExtremeWare XOS Concepts Guide.

Example
The following command enables all SNMP access for the switch:
enable snmp access

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

173

Commands for Managing the Switch

enable snmp traps


enable snmp traps

Description
Turns on SNMP trap support.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
An authorized trap receiver can be one or more network management stations on your network. The switch sends SNMP traps to all trap receivers. To view if SNMP traps are being sent from the switch, use the show management command. The show management command displays information about the switch including the enabled/disabled state of SNMP traps being sent.

Example
The following command enables SNMP trap support on the switch:
enable snmp traps

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

174

ExtremeWare XOS 11.3 Command Reference

enable sntp-client

enable sntp-client
enable sntp-client

Description
Enables the SNTP client.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol (NTP) server. After the SNTP client has been enabled, the switch sends out a periodic query to the indicated NTP server, or the switch listens to broadcast NTP updates. In addition, the switch supports the configured setting for Greenwich Mean Time (GMT) offset and the use of Daylight Savings Time (DST).

Example
The following command enables the SNTP client:
enable sntp-client

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

175

Commands for Managing the Switch

enable telnet
enable telnet

Description
Enables Telnet services on the system.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
You must be logged in as an administrator to enable or disable Telnet. ExtremeWare XOS 11.2 introduces the concept of safe defaults mode. Safe defaults mode runs an interactive script that allows you to enable or disable SNMP, Telnet, and switch ports. When you set up your switch for the first time, you must connect to the console port to access the switch. After logging in to the switch, you enter safe defaults mode. Although SNMP, Telnet, and switch ports are enabled by default, the script prompts you to confirm those settings. If you choose to keep the default setting for Telnetthe default setting is enabledthe switch returns the following interactive script:
Since you have chosen less secure management methods, please remember to increase the security of your network by taking the following actions: * change your admin password * change your SNMP public and private strings * consider using SNMPv3 to secure network management traffic

In addition, you can return to safe defaults mode by issuing the following commands:

unconfigure switch all configure safe-default-script

If you return to safe defaults mode, you must answer the questions presented during the interactive script. For more detailed information about safe defaults mode, see Safe Defaults Setup Method on page 47 in the ExtremeWare XOS Concepts Guide.

Example
With administrator privilege, the following command enables Telnet services on the switch:
enable telnet

176

ExtremeWare XOS 11.3 Command Reference

enable telnet

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

177

Commands for Managing the Switch

enable watchdog
enable watchdog

Description
Enables the system watchdog timer.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
The watchdog timer monitors the health of the switch hardware and software events. For example, the watchdog timer reboots the switch if the system cannot reset the watchdog timer. This is caused by a long CPU processing loop, any unhandled exception, or a hardware problem with the communication channel to the watchdog. In most cases, if the watchdog timer expires, the switch captures the current CPU status and posts it to the console and the system log. In some cases, if the problem is so severe that the switch is unable to perform any action, the switch reboots without logging any system status information prior to reboot. This command takes affect immediately. The watchdog settings are saved in the configuration file. To display the watchdog state of your system, use the show switch command.

Example
The following command enables the watchdog timer:
enable watchdog

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

178

ExtremeWare XOS 11.3 Command Reference

exit

exit
exit

Description
Logs out the session of a current user for CLI or Telnet.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to log out of a CLI or Telnet session. When you issue this command, you are asked to save your configuration changes to the current, active configuration. Enter y if you want to save your changes. Enter n if you do not want to save your changes.

Example
The following command logs out the session of a current user for CLI or Telnet:
exit

A message similar to the following is displayed:


Do you wish to save your configuration changes to primary.cfg? (y or n)

Enter y if you want to save your changes. Enter n if you do not want to save your changes.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

179

Commands for Managing the Switch

logout
logout

Description
Logs out the session of a current user for CLI or Telnet.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to log out of a CLI or Telnet session. When you issue this command, you are asked to save your configuration changes to the current, active configuration. Enter y if you want to save your changes. Enter n if you do not want to save your changes.

Example
The following command logs out the session of a current user for CLI or Telnet:
logout

A message similar to the following is displayed:


Do you wish to save your configuration changes to primary.cfg? (y or n)

Enter y if you want to save your changes. Enter n if you do not want to save your changes.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

180

ExtremeWare XOS 11.3 Command Reference

quit

quit
quit

Description
Logs out the session of a current user for CLI or Telnet.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to log out of a CLI or Telnet session. When you issue this command, you are asked to save your configuration changes to the current, active configuration. Enter y if you want to save your changes. Enter n if you do not want to save your changes.

Example
The following command logs out the session of a current user for CLI or Telnet:
quit

A message similar to the following is displayed:


Do you wish to save your configuration changes to primary.cfg? (y or n)

Enter y if you want to save your changes. Enter n if you do not want to save your changes.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

181

Commands for Managing the Switch

show dhcp-client state


show dhcp-client state

Description
Displays the current DHCP/BOOTP client state for each vlan.

Syntax Description
This command has no arguments or variables.

Default
Displays the client state for all existing VLANs.

Usage Guidelines
None.

Example
The following command displays the DHCP/BOOTP status for all VLANs:
show dhcp-client state

Depending on your configurations, output from this command is similar to the following:
Client VLAN Protocol Server --------------- -------- --------------Default BOOTP 10.1.2.3 accounting DHCP 10.2.3.4 Mgmt None 0.0.0.0 A total of 3 vlan(s) where displayed Current State --------------------------------------Received IP address configured on vlan DHCP state; Requesting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

182

ExtremeWare XOS 11.3 Command Reference

show checkpoint-data

show checkpoint-data
show checkpoint-data {<process>}

Description
Displays the status of one or more processes being copied from the master MSM to the backup MSM.

Syntax Description
process Specifies the name of the processes being copied.

Default
N/A.

Usage Guidelines
This command displays, in percentages, the amount of internal state copying completed by each process and the traffic statistics between the process on both the master and the backup MSMs. This command is also helpful in debugging synchronization problems that occur at run-time. To check the status of synchronizing the MSMs, use the show switch command. Depending on the software version running on your switch and the type of switch you have, additional or different checkpoint status information may be displayed.

Example
The following command displays the checkpointing status and the traffic statics of all of the processes between the master and the backup MSM:
show checkpoint-data

The following is sample output from this command:


Process Tx Rx Errors Sent Total % Chkpt Debug-info ---------------------------------------------------------------------------devmgr 3812 1731 0 3 3 100% ON OK 1 (00008853) dirser 0 0 0 0 0 0% ON OK 1 (000008D3) ems 5 0 0 0 0 100% ON OK 1 (000008D3) nodemgr 0 0 0 0 0 0% ON OK 1 (000008D3) snmpSubagent 0 0 0 0 0 0% ON OK 1 (000018D3) snmpMaster 0 0 0 0 0 0% ON OK 1 (000008D3) cli 0 0 0 0 0 0% ON OK 1 (000018D3) edp 0 0 0 0 0 0% ON OK 1 (000008D3) cfgmgr 82 82 0 1 1 100% ON OK 1 (000018D3) elrp 0 0 0 0 0 0% ON OK 1 (000008D3) vlan 1047 1 0 0 0 100% ON OK 1 (000008D3) aaa 0 0 0 0 0 0% ON OK 1 (000008D3)

ExtremeWare XOS 11.3 Command Reference

183

Commands for Managing the Switch


fdb msgsrv eaps stp esrp polMgr mcmgr acl netLogin ospf netTools telnetd rtmgr vrrp tftpd thttpd rip dosprotect epm hal bgp pim etmon 957 0 0 1 1 0 2 0 0 0 1 0 4 378 0 0 0 0 0 0 0 0 185 2 0 0 0 0 0 2 0 0 0 0 0 4 0 0 0 0 0 0 0 0 0 185 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 100% 100% 0% 0% 100% 0% 100% 100% 0% 0% 100% 0% 100% 0% 0% 0% 0% 0% 0% 0% 0% 0% 100% ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON ON OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3) (000008D3)

To view the output for a specific process, use the process option. The following command displays detailed information for the STP process:
show checkpoint-data stp

The following is sample output from this command:


Process Tx Rx Errors Sent Total % Chkpt Debug-info ---------------------------------------------------------------------------stp 1 0 0 0 0 0% ON OK 1 (000008D3)

History
This command was first available in ExtremeWare XOS 10.1. An error count was added to the output in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on modular switches.

184

ExtremeWare XOS 11.3 Command Reference

show management

show management
show management

Description
Displays the SNMP settings configured on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines:
The following management output is displayed:

Enable/disable state for Telnet, and SNMP access Login statistics


Enable/disable state for idle timeouts Maximum number of CLI sessions

SNMP community strings SNMP trap receiver list

For ExtremeWare XOS 11.0 and later, the following management output is also displayed:

SNMP trap receiver source IP address SNMP statistics counter SSH access states of enabled, disabled, and module not loaded CLI configuration logging SNMP access states of v1, v2c disabled and v3 enabled If all three types of SNMP access are enabled or disabled, SNMP access is displayed as either Enabled or Disabled.

For ExtremeWare XOS 11.1 and later, the following management output is also displayed:

Enable/disable state for RMON

For ExtremeWare XOS 11.2 and later, the following management output is also displayed:

Access-profile usage configured via Access Control Lists (ACLs) for additional Telnet and SSH2 security

ExtremeWare XOS 11.3 Command Reference

185

Commands for Managing the Switch

Example
The following command displays configured SNMP settings on the switch:
show management

The following is sample output from this command:


CLI idle timeout CLI max number of login attempts CLI max number of sessions CLI paging CLI space-completion CLI configuration logging Telnet access SSH access SNMP access Total Read Only Communities Total Read Write Communities RMON SNMP Traps SNMP v1/v2c TrapReceivers SNMP stats: SNMP traps: InPkts 8619 Gets 8619 Sent 0 : : : : : : : : : : : : : : : : Disabled 3 8 Enabled (this session only) Disabled (this session only) Disabled Enabled (tcp port 23 vr all) Access Profile : not set Enabled (Key valid, tcp port 22 vr all) Access Profile : not set Enabled 1 1 Disabled Enabled None AuthErrors 0

OutPkts 8619 Errors 0 GetNexts 0 Sets 0 AuthTraps Enabled

History
This command was first available in ExtremeWare XOS 10.1. The trap receiver source IP address, SNMP counter statistics, SSH access, CLI logging, and SNMP access states was added to the show management output in ExtremeWare XOS 11.0. The enabled/disabled state for RMON was added to the show management output in ExtremeWare XOS 11.1. Additional Telnet and SSH2 information about ACL usage was added to the show management output in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

186

ExtremeWare XOS 11.3 Command Reference

show node

show node
show node {detail}

Description
Displays the status of the nodes in the system as well as the general health of the system.

Syntax Description
detail Displays the information on a per-node basis rather than in a tabular format.

Default
N/A.

Usage Guidelines
Use this command to display the current status of the nodes and the health of the system. The information displayed shows the node configurations (such as node priority) and the system and hardware health computations. You can use this information to determine which node will be elected master in case of a failover. Table 11 lists the node statistic information collected by the switch.

Table 11: Node states


Node State BACKUP DOWN Description In the backup state, this node becomes the master node if the master fails or enters the DOWN state. The backup node also receives the checkpoint state data from the master. In the down state, the node is not available to participate in leader election. The node enters this state during any user action, other than a failure, that makes the node unavailable for management. Examples of user actions are: Upgrading the software Rebooting the system using the reboot command Initiating an MSM failover using the run msm-failover command Synchronizing the MSMs software and configuration in non-volatile storage using the synchronize command FAIL INIT In the fail state, the node has failed and needs to be restarted or repaired. The node reaches this state if the system has a hardware or software failure. In the initial state, the node is being initialized. A node stays in this state when it is coming up and remains in this state until it has been fully initialized. Being fully initialized means that all of the hardware has been initialized correctly and there are no diagnostic faults. In the master state, the node is responsible for all switch management functions. In the standby state, leader election occursthe master and backup nodes are elected. The priority of the node is only significant in the standby state.

MASTER STANDBY

ExtremeWare XOS 11.3 Command Reference

187

Commands for Managing the Switch

Example
The following command displays the status of the node, the priority of the node, and the general health of the system:
show node

The following is sample output from this command:


Node State Priority SwHealth HwHealth ----------------------------------------------MSM-A MASTER 0 49 7 MSM-B BACKUP 0 49 7

If you specify the detail option, the same information is displayed on a per node basis rather than in a tabular format.
Node MSM-A information: Node State: MASTER Node Priority: 0 Sw Health: 49 Hw Health: 7 Node MSM-B information: Node State: BACKUP Node Priority: 0 Sw Health: 49 Hw Health: 7

History
This command was first available in an ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

188

ExtremeWare XOS 11.3 Command Reference

show odometers

show odometers
show odometers

Description
Displays a counter for each component of a switch that shows how long it has been functioning since it was manufactured.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
The output from this command displays how long individual components in the switch have been functioning since it was manufactured. This odometer counter is kept in the EEPROM of each monitored component. On a modular switch, this means that even if you plug in the component into a different chassis, the odometer counter is available in the new switch chassis. Monitored Components. On a modular switch, the odometer monitors the following components:

Chassis MSMs I/O modules Power controllers

On the Summit X450 switch, the odometer monitors the following components:

Switch XGM-2xn card

Recorded Statistics. The following odometer statistics are collected by the switch:

Service DaysThe amount of days that the component has been running First Recorded Start DateThe date that the component was powered-up and began running

Depending on the software version running on your switch, the modules installed in your switch, and the type of switch you have, additional or different odometer information may be displayed.

ExtremeWare XOS 11.3 Command Reference

189

Commands for Managing the Switch

Example
The following command displays how long each component of a switch has been functioning since its manufacture date:
show odometers

The following is sample output from a BlackDiamond 10K switch:


Field Replaceable Units ----------------------Chassis : BD-10808 Slot-1 : G60X Slot-2 : G60X Slot-3 : G60X Slot-4 : Slot-5 : 10G6X Slot-6 : Slot-7 : G60T Slot-8 : 10G6X MSM-A : MSM-1XL MSM-B : MSM-1XL PSUCTRL-1 : PSUCTRL-2 : Service Days ------107 99 74 151 49 184 146 62 172 152 First Recorded Start Date -------------Feb-23-2004 Dec-10-2003 Mar-22-2004 Jan-12-2004 Apr-09-2004 Dec-03-2003 Jan-12-2004 Apr-21-2004 Dec-14-2003 Mar-17-2004

The following is sample output from the BlackDiamond 8800 family of switches:
Field Replaceable Units ------------------------Chassis : BD-8810 Slot-1 : G48T Slot-2 : 10G4X Slot-3 : G48T Slot-4 : G24X Slot-5 : G8X Slot-6 : Slot-7 : 10G4X Slot-8 : 10G4X Slot-9 : G48P Slot-10 : MSM-A : MSM-G8X MSM-B : PSUCTRL-1 : PSUCTRL-2 : Service Days ------209 208 219 228 226 139 160 133 111 137 209 208 First Recorded Start Date -------------Dec-07-2004 Dec-07-2004 Nov-02-2004 Oct-26-2004 Oct-19-2004 Dec-07-2004 Dec-16-2004 Dec-14-2004 Nov-04-2004 Dec-07-2004 Dec-07-2004 Dec-07-2004

The following is sample output from a Summit X450 switch:


Field Replaceable Units ------------------------Switch : SummitX450-24t XGM-2xn-1 : Service Days ------7 First Recorded Start Date -------------Dec-08-2004

190

ExtremeWare XOS 11.3 Command Reference

show odometers

History
This command was first available in ExtremeWare XOS 10.1. Information about the power controller(s) for modular switches was added to the show odometers output in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

191

Commands for Managing the Switch

show power
show power {<ps_num>} {detail}

Description
Displays the current status of the installed power supplies.

Command Syntax
ps_num detail Specifies the slot number of the installed power supply. The detail option is reserved for future use.

Default
N/A.

Usage Guidelines
Use this command to view detailed information about the health of the power supplies. This status information may be useful for your technical support representative if you have a network problem. The switch collects the following power supply information:

StateIndicates the current state of the power supply. Options are:


EmptyThere is no power supply installed. Power FailedThe power supply has failed. Powered OffThe power supply is off. Powered OnThe power supply is on and working normally.

Modular switches only: Located next to the State of the power supply, the following information provides more detailed status information. Options are:

Disabled for net power gainIndicates that the power supply is disabled in order to maximize the total available system power Configured ONIndicates that the user requested to enable a disabled power supply regardless of the affect on the total available system power Configured ON when presentIndicates that the power supply slot is currently empty, but the user requested to enable the power supply regardless of the affect on the total available system power

PartInfoProvides information about the power supply. Depending on your switch, options include: Modular switches only:

Serial numberA collection of numbers and letters, that make up the serial number of the power supply.

192

ExtremeWare XOS 11.3 Command Reference

show power

Part numberA collection of numbers and letters that make up the part number of the power supply. Internal Power Supply (PowerSupply 1 information)The Summit X450 switch comes with one power supply pre-installed at the factory. The Summit X450 power supply is not user-replaceable; therefore, the part information display indicates internal power supply. External Power Supply (PowerSupply 2 information)Displays information about the optional External Power System (EPS) that allows you to add a redundant power supply to the Summit X450 switch to protect against a power supply failure.

Summit X450 switch only:

On modular switches, the output also includes the following information:


RevisionDisplays the revision number of the power supply. OdometerSpecifies the date and how long the power supply has been operating. TemperatureSpecifies, in celsius, the current temperature of the power supply. InputSpecifies the input voltage and the current requirements of the power supply and whether the input is AC or DC. Output 1 and Output 2Specifies the output voltage and the current supplied by the power supply. The values are only displayed if known for the platform.

In ExtremeWare XOS 10.1 and earlier, use the show powersupplies {detail} command to view detailed health information about the power supplies.

Example
Modular switch example: The following command displays the status of the power supply installed in slot 1 in a modular switch:
show power 1

The following is sample output from this command:


PowerSupply 1 information: State: Powered On PartInfo: PS 2336 5003J-00479 4300-00137 Revision: 2.0 Odometer: 90 days 5 hours Temperature: 29.0 deg C Fan 1: 6473 RPM Fan 2: 6233 RPM Input: 230.00 V AC Output 1: 48.50 V, 7.25 A (48V/1104W Max) Output 2: 12.44 V, 0.62 A (12V/48W Max)

If power management needs to disable a power supply to maximize the total available power, you see Disabled for net power gain next to the state of the power supply, as shown in the sample truncated output:
PowerSupply 1 information: State: Powered Off (Disabled for net power gain) PartInfo: PS 2336 0413J-00732 4300-00137 ...

ExtremeWare XOS 11.3 Command Reference

193

Commands for Managing the Switch If you choose to always enable a power supply, regardless of the affect on the total available power, you see Configured ON next to the state of the power supply, as shown in the sample truncated output:
PowerSupply 1 information: State: Powered On (Configured ON) PartInfo: PS 2336 0413J-00732 4300-00137

Summit X450 switch example: The following command displays the status of the power supplies installed in a Summit X450 switch:
show power

The following sample output assumes that you have not installed an EPS:
PowerSupply 1 information: State: Powered On PartInfo: Internal Power Supply

PowerSupply 2 information: State: Empty

The following sample output assumes that you have installed an EPS:
PowerSupply 1 information: State: Powered On PartInfo: Internal Power Supply

PowerSupply 2 information: State: Powered On PartInfo: External Power Supply

History
This command was first available in an ExtremeWare XOS 10.1. The syntax for this command was modified in ExtremeWare XOS 11.0 from show powersupplies to show power {<ps_num>} {detail}. The output was modified to include power management details for modular switches in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all available platforms.

194

ExtremeWare XOS 11.3 Command Reference

show power budget

show power budget


show power budget

Description
Displays the power status and the amount of available and required power on a modular switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to view detailed information about the amount of power available on the switch. This status information may be useful if the show slot command displays a state of Powered OFF for any I/O module, for monitoring power, or for power planning purposes. The first table of the show power budget command displays:

Slot number of the power supply. Current state of the power supply. Options are:

EmptyThere is no power supply installed. Power FailedThe power supply has failed. Power OffThe power supply is off. Power OnThe power supply is on.

Watts and voltage amounts of the power supply. Redundant power information. Redundant power is the amount of power available if power to one PSU is lost. If a switch has PSUs with a mix of both 220V AC and 110V AC inputs, the amount of redundant power shown is based on the worst-case assumption that power to a PSU with 220V AC input is lost.

The second table of the show power budget command displays:

Slot number and name of the component installed in the slot. Options include:

I/O modules MSM modules Fan trays Empty: There is no component installed. Operational: The component is installed and operational. Present: The component is installed but not operational.

Current state of the module. Options include, among others:


ExtremeWare XOS 11.3 Command Reference

195

Commands for Managing the Switch


Down: The module is installed, but the administrator has taken the module offline. Power ON: There is sufficient system power to power up the module. Powered OFF: There is insufficient system power to keep the module up and running, or there is a mismatch between the module configured for the slot and the actual module installed in the slot. Booting: The module has completed downloading the software image and is now booting. Initializing: The module is initializing.

Watts and voltage amounts of the modules. Power Surplus or Power Shortfall.

If the amount of available power meets or exceeds the required port, the excess is displayed as the Power Surplus. If the available power is insufficient to meet the required power, the deficit is displayed as Power Shortfall.

Redundant power information. If the amount of redundant power meets or exceeds the required power, the system has (N+1) power.

YesThe system has redundant (N+1) power. NoThe system does not have redundant (N+1) power.

The information contained in this display is for planning purposes since the system operates without redundant power as long as a power surplus is shown. However, if power is lost to a single PSU when the system is not redundant, I/O modules are powered down. Please refer to the section "Understanding Power Supply Management" in Chapter 3 of the ExtremeWare XOS Concepts Guide. Depending on the software version running on your switch, the modules installed in your switch, and the type of switch you have, additional or different power information may be displayed.

Example
The following command displays the distribution of power and the available power on the switch:
show power budget

The following is sample output of this command from a BlackDiamond 10K switch:
PS State Watts 48V 12V --------------------------------------------------------------------------1 Powered On 656.00 608.00 48.00 2 Powered On 656.00 608.00 48.00 3 Empty 4 Empty 5 Powered On 656.00 608.00 48.00 6 Empty --------------------------------------------------------------------------Power Available: 1968.00 1824.00 144.00 Redundant (N+1) Power Available: 1344.00 1248.00 96.00 Slots Type State Watts 48V 12V --------------------------------------------------------------------------Slot-1 Empty Slot-2 Empty Slot-3 Empty Slot-4 Empty

196

ExtremeWare XOS 11.3 Command Reference

show power budget


Slot-5 Empty Slot-6 Empty Slot-7 G60T Operational 225.00 220.00 5.00 Slot-8 Empty MSM-A MSM-1XL Operational 444.00 444.00 0.00 MSM-B MSM-1XL Operational 444.00 444.00 0.00 FanTray-1 Operational 126.00 126.00 0.00 FanTray-2 Operational 126.00 126.00 0.00 --------------------------------------------------------------------------Power Required: 1365.00 1360.00 5.00 Power Allocated: 1365.00 1360.00 5.00 Power Surplus: 603.00 464.00 139.00 Redundant Power Supply(s) Present?: NO

The following is sample output of this command from the BlackDiamond 8800 family of switches:
PS State Watts 48V 12V --------------------------------------------------------------------------1 Powered On 1152.00 1104.00 48.00 2 Powered On 1152.00 1104.00 48.00 3 Empty 4 Empty 5 Empty 6 Empty --------------------------------------------------------------------------Power Available: 2304.00 2208.00 96.00 Redundant (N+1) Power Available: 1200.00 1152.00 48.00 Slots Type State Watts 48V 12V --------------------------------------------------------------------------Slot-1 Empty Slot-2 Empty Slot-3 G48P Operational 111.00 110.00 1.00 Inline Power (budgeted + 2% loss) 51.00 51.00 0.00 Slot-4 G48P Empty Slot-5 G8X Operational 0.00 0.00 0.00 Slot-6 G48T Operational 0.00 0.00 0.00 Slot-7 G48P Operational 111.00 110.00 1.00 Inline Power (budgeted + 2% loss) 51.00 51.00 0.00 Slot-8 Empty Slot-9 Empty Slot-10 Empty MSM-A MSM-G8X Operational 151.00 150.00 1.00 MSM-B Empty 151.00 150.00 1.00 FanTray Operational 55.00 55.00 0.00 --------------------------------------------------------------------------Power Required: 681.00 677.00 4.00 Power Allocated: 681.00 677.00 4.00 Power Surplus: 1623.00 1531.00 92.00 Redundant Power Supply(s) Present?: yes

History
This command was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

197

Commands for Managing the Switch Power over Ethernet (PoE) data (inline power) was added to the show power budget output in ExtremeWare XOS 11.1. PoE data is displayed when you install a G48P module in the BlackDiamond 8800 family of switches. Redundant (N+1) power information was added to the show power budget output in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on modular switches.

198

ExtremeWare XOS 11.3 Command Reference

show power controller

show power controller


show power controller {<num>}

Description
Displays the current status of the installed power supply controllers.

Command Syntax
num Specifies the slot number of the installed power supply controller.

Default
N/A.

Usage Guidelines
Use this command to view detailed information about the health of the power supply controllers. Power controllers collect data about the installed power supplies and report the results to the MSM This status information may be useful for your technical support representative if you have a network problem. The switch collects the following power supply controller information:

StateIndicates the current state of the power supply controller. Options are:

Empty: There is no power supply controller installed. Operational: The power supply controller is installed and operational. Present: The power supply controller is installed. Slot number where the power supply controller is installed. Serial number, a collection of numbers and letters, that make up the serial number of the power supply controller. Part number, a collection of numbers and letters that make up the part number of the power supply controller.

PartInfoProvides information about the power supply controller including the:


RevisionDisplays the revision number of the power supply controller. FailureCodeSpecifies the failure code of the power supply controller. OdometerSpecifies the date and how long the power supply controller has been operating. TemperatureSpecifies, in celsius, the current temperature of the power supply controller. StatusSpecifies the status of the power supply controller.

ExtremeWare XOS 11.3 Command Reference

199

Commands for Managing the Switch

Example
The following command displays the status of the installed power supply controllers:
show power controller

The following is sample output from this command:


PSUCTRL-1 information: State: Present PartInfo: Mead 1 0410F-01217 7040255-00-05 Revision: 5.0 FailureCode: 0 Odometer: 3 days 8 minutes 10 seconds since May-21-2004 Temperature: 25.0 deg C Status: PSU CTRL Mode: Master PSUCTRL-2 information: State: Empty

If you have two power supply controllers installed, the switch displays output about both of the power supply controllers:
PSUCTRL-1 information: State: Operational PartInfo: PSUCTRL-1 04334-00021 450117-00-01 Revision: 1.0 FailureCode: 0 Odometer: 17 days 5 hours 30 minutes since Oct-19-2004 Temperature: 35.1 deg C Status: PSU CTRL Mode: Master PSUCTRL-2 information: State: Operational PartInfo: PSUCTRL-2 04334-00068 450117-00-01 Revision: 1.0 FailureCode: 0 Odometer: 4 days 13 hours since Sep-21-2004 Temperature: 33.56 deg C Status: PSU CTRL Mode: Backup

History
This command was first available in an ExtremeWare XOS 11.0.

Platform Availability
This command is available only on modular switches.

200

ExtremeWare XOS 11.3 Command Reference

show session

show session
show session {{detail} {<sessID>}} {history}

Description
Displays the currently active Telnet and console sessions communicating with the switch.

Syntax Description
detail sessID history Specifies more detailed session information. Specifies a session ID number. Displays a list of all sessions.

Default
N/A.

Usage Guidelines
The show session command displays the username and IP address of the incoming Telnet session, whether a console session is currently active, and the login time. Each session is numbered. Beginning with ExtremeWare XOS 11.2, the switch accepts IPv6 connections. If the incoming session is from an IPv6 address, the show session output indicates IPv6. You can specify the following options to alter the session output:

detailThe output for all current sessions is displayed in a list format. sessIDThe output for the specified session is displayed in a list format. historyDisplays a list of current and previous sessions, including the user, type of session, location, and start and end time of the session.

The show session command fields are defined in Table 12.

Table 12: Show command field definitions


Field # Login Time User Type Auth CLI Auth Location Definition Indicates session number. Indicates login time of session. Indicates the user logged in for each session. Indicates the type of session, for example: console, telnet, http, https. Indicates how the user is logged in. Indicates the type of authentication (RADIUS and TACAS) if enabled. Indicates the location (IP address) from which the user logged in. The output also indicates if the location is an IPv6 address.

ExtremeWare XOS 11.3 Command Reference

201

Commands for Managing the Switch

Example
The following command displays the active sessions on the switch:
show session

The following is sample output from this command:


CLI # Login Time User Type Auth Auth Location ================================================================================ 1 Thu Apr 28 20:16:56 2005 admin console local dis serial *2 Thu Apr 28 23:36:20 2005 admin ssh2 local dis 3001::20d:88ff:fec5:ad40 3 Fri Apr 29 11:14:27 2005 admin telnet local dis 10.255.44.55

The following command displays a list of current and previous sessions on the switch:
show session history

The following is sample output from this command:


Session History: admin console 00 2004 Mon Jun 21 10:00:16 2004 admin console 11 2004 Tue Jun 22 11:46:48 2004 admin console 44 2004 Wed Jun 23 14:11:47 2004 admin console 25 2004 Thu Jun 24 07:08:55 2004 admin console 07 2004 Active serial serial serial serial serial Mon Jun 21 09:19: Tue Jun 22 07:28: Wed Jun 23 10:05: Thu Jun 24 07:07: Thu Jun 24 13:30:

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

202

ExtremeWare XOS 11.3 Command Reference

show snmpv3 access

show snmpv3 access


show snmpv3 access {[[hex <hex_group_name>] | <group_name>]}

Description
Displays SNMPv3 access rights.

Syntax Description
hex group_name Specifies that the value to follow is to be supplied as a colon separated string of hex octets. Specifies the name of the group to display.

Default
N/A.

Usage Guidelines
The show snmpv3 access command displays the access rights of a group. If you do not specify a group name, the command will display details for all the groups. This command displays the SNMPv3 vacmAccessTable entries.

Example
The following command displays all the access details:
show snmpv3 access

The following is sample output from this command:


Group Name Context Prefix Security Model Security Level Context Match Read View Write View Notify View Storage Type Row Status Group Name Context Prefix Security Model Security Level Context Match Read View : : : : : : : : : : : : : : : : admin USM Authentication Privacy Exact defaultAdminView defaultAdminView defaultNotifyView Permanent Active initial USM No-Authentication No-Privacy Exact defaultUserView

ExtremeWare XOS 11.3 Command Reference

203

Commands for Managing the Switch


Write View Notify View Storage Type Row Status Group Name Context Prefix Security Model Security Level Context Match Read View Write View Notify View Storage Type Row Status Group Name Context Prefix Security Model Security Level Context Match Read View Write View Notify View Storage Type Row Status Group Name Context Prefix Security Model Security Level Context Match Read View Write View Notify View Storage Type Row Status Group Name Context Prefix Security Model Security Level Context Match Read View Write View Notify View Storage Type Row Status : : defaultNotifyView : Permanent : Active : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : v1v2c_ro snmpv1 No-Authentication No-Privacy Exact defaultUserView defaultNotifyView Permanent Active v1v2c_rw snmpv1 No-Authentication No-Privacy Exact defaultUserView defaultUserView defaultNotifyView Permanent Active v1v2cNotifyroup snmpv2c No-Authentication No-Privacy Exact

defaultNotifyView Permanent Active v1v2cNotifyGroup snmpv1 No-Authentication No-Privacy Exact

defaultNotifyView Permanent Active

Total num. of entries in vacmAccessTable : 6

The following command displays the access rights for the group group1:
show snmpv3 access group1

204

ExtremeWare XOS 11.3 Command Reference

show snmpv3 access

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

205

Commands for Managing the Switch

show snmpv3 context


show snmpv3 context

Description
Displays information about the SNMPv3 contexts on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines:
This command displays the entries in the View-based Access Control Model (VACM) context table (VACMContextTable).

Example
The following command displays information about the SNMPv3 contexts on the switch:
show snmpv3 context

The following is sample output from this command:


VACM Context Name : Note : This Version Supports one global context ("")

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

206

ExtremeWare XOS 11.3 Command Reference

show snmpv3 counters

show snmpv3 counters


show snmpv3 counters

Description
Displays SNMPv3 counters.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
The show snmpv3 counters command displays the following SNMPv3 counters:

snmpUnknownSecurityModels snmpInvalidMessages snmpUnknownPDUHandlers usmStatsUnsupportedSecLevels usmStatsNotInTimeWindows usmStatsUnknownUserNames usmStatsUnknownEngineIDs usmStatsWrongDigests usmStatsDecryptionErrors

Issuing the command clear counters resets all counters to zero.

Example
The following command displays all the SNMPv3 counters.
show snmpv3 counters

The following is sample output from this command:


snmpUnknownSecurityModels snmpInvalidMessages snmpUnknownPDUHandlers usmStatsUnsupportedSecLevels usmStatsNotInTimeWindows usmStatsUnknownUserNames usmStatsUnknownEngineIDs : : : : : : : 0 0 0 0 0 0 0

ExtremeWare XOS 11.3 Command Reference

207

Commands for Managing the Switch


usmStatsWrongDigests usmStatsDecryptionErrors : 0 : 0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

208

ExtremeWare XOS 11.3 Command Reference

show snmpv3 engine-info

show snmpv3 engine-info


show snmpv3 engine-info

Description
Displays information about the SNMPv3 engine on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines:
The following show engine-info output is displayed:

Engine-IDEither the ID auto generated from MAC address of switch, or the ID manually configured. Engine BootsNumber of times the agent has been rebooted. Engine TimeTime since agent last rebooted, in centiseconds. Max. Message SizeMaximum SNMP Message size supported by the Engine (8192).

Example
The following command displays information about the SNMPv3 engine on the switch:
show snmpv3 engine-info

The following is sample output from this command:


SNMP SNMP SNMP SNMP Engine-ID Engine Boots Engine Time Max. Message Size : : : : 80:0:7:7c:3:0:30:48:41:ed:97 'H' 1 866896 8192

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

209

Commands for Managing the Switch

show snmpv3 filter


show snmpv3 filter {[[hex <hex_profile_name>] | <profile_name>] {{subtree} <object_identifier>}

Description
Displays the filters that belong a filter profile.

Syntax Description
hex_profile_name profile_name object_identifier Specifies the filter profile to display. The value is to be supplied as a colon separated string of hex octets. Specifies the filter profile to display in ASCII format. Specifies a MIB subtree.

Default
N/A.

Usage Guidelines
Use this command to display entries from the snmpNotifyFilterTable. If you specify a profile name and subtree, you will display only the entries with that profile name and subtree. If you specify only the profile name, you will display all entries for that profile name. If you do not specify a profile name, then all the entries are displayed.

Example
The following command displays the part of filter profile prof1 that includes the MIB subtree 1.3.6.1.4.1:
show snmpv3 filter prof1 subtree 1.3.6.1.4.1

The following is sample output from this command:


Profile Name Subtree Mask Type Storage Type Row Status : : : : : : prof1 1.3.6.1.4.1 Included NonVolatile Active

History
This command was first available in ExtremeWare XOS 10.1. The hex_profile_name parameter was added in ExtremeWare XOS 11.0.

210

ExtremeWare XOS 11.3 Command Reference

show snmpv3 filter

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

211

Commands for Managing the Switch

show snmpv3 filter-profile


show snmpv3 filter-profile {[[hex <hex_profile_name>] | <profile_name>]} {param [[hex <hex_param_name>] | <param_name>]}

Description
Displays the association between parameter names and filter profiles.

Syntax Description
hex_profile_name profile_name hex_param_name param_name Specifies the filter profile name. The value is to be supplied as a colon separated string of hex octets. Specifies the filter profile name in ASCII format. Specifies the parameter name. The values is to be supplied as a colon separated string of hex octets. Specifies the parameter name in ASCII format.

Default
N/A.

Usage Guidelines
Use this command to display the snmpNotifyFilterProfileTable. This table associates a filter profile with a parameter name. The parameter name is associated with target addresses, and the filter profile is associated with a series of filters, so, in effect, you are associating a series of filters with a target address.

Example
The following command displays the entry with filter profile prof1 with the parameter name P1:
show snmpv3 filter-profile prof1 param P1

The following is sample output of this command:


Filter Profile Params Name : p1 Name : prof1 Storage Type : NonVolatile Row Status : Active

History
This command was first available in ExtremeWare XOS 10.1. The hex_profile_name and hex_param_name parameters were added in ExtremeWare XOS 11.0.

212

ExtremeWare XOS 11.3 Command Reference

show snmpv3 filter-profile

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

213

Commands for Managing the Switch

show snmpv3 group


show snmpv3 group {[[hex <hex_group_name>] | <group_name>] {user [[hex <hex_user_name>] | <user_name>]}}

Description
Displays the user name (security name) and security model association with a group name.

Syntax Description
hex_group_name group_name hex_user_name user_name Specifies the group name to display. The value is to be supplied as a colon separated string of hex octets. Specifies the group name to display. The value is to be supplied in ASCII format. Specifies the user name to display. The value is to be supplied as a colon separated string of hex octets. Specifies the user name to display. The value is to be supplied in ASCII format.

Default
N/A.

Usage Guidelines
The show snmpv3 group command displays the details of a group with the given group name. If you do not specify a group name, the command will display details for all the groups. This command displays the SNMPv3 vacmSecurityToGroupTable.

Example
The following command displays information about all groups for every security model and user name:
show snmpv3 group

The following is sample output from this command:


Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status : : : : : : : : : : v1v2c_ro v1v2c_ro snmpv1 Permanent Active v1v2c_rw v1v2c_rw snmpv1 Permanent Active

214

ExtremeWare XOS 11.3 Command Reference

show snmpv3 group

Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status Group Name Security Name Security Model Storage Type Row Status

: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :

v1v2c_ro v1v2c_ro snmpv2c Permanent Active v1v2c_rw v1v2c_rw snmpv2c Permanent Active admin admin USM Permanent Active initial initial USM Permanent Active initial initialmd5 USM Permanent Active initial initialsha USM Permanent Active initial initialmd5Priv USM Permanent Active initial initialshaPriv USM Permanent Active

Total num. of entries in vacmSecurityToGroupTable : 10

ExtremeWare XOS 11.3 Command Reference

215

Commands for Managing the Switch The following command shows information about the group testgroup and user name testuser:
show snmpv3 group testgroup user testuser

The following is sample output from this command:


Group Name Security Name Security Model Storage Type Row Status : : : : : testgroup testuser USM NonVolatile Active

History
This command was first available in ExtremeWare XOS 10.1. The hex_group_name and hex_user_name parameters were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

216

ExtremeWare XOS 11.3 Command Reference

show snmpv3 mib-view

show snmpv3 mib-view


show snmpv3 mib-view {[[hex <hex_view_name>] | <view_name>] {subtree <object_identifier>}}

Description
Displays a MIB view.

Syntax Description
hex_view_name view_name object_identifier Specifies the name of the MIB view to display. The value is to be supplied as a colon separated string of hex octets. Specifies the name of the MIB view to display. The value is to be supplied in ASCII format. Specifies the object identifier of the view to display.

Default
N/A.

Usage Guidelines
The show snmpv3 mib-view command displays a MIB view. If you do not specify a view name, the command will display details for all the MIB views. If a subtree is not specified, then all subtrees belonging to the view name will be displayed. This command displays the SNMPv3 vacmViewTreeFamilyTable.

Example
The following command displays all the view details:
show snmpv3 mib-view

The following is sample output from this command:


View Name MIB Subtree View Type Storage Type Row Status View Name MIB Subtree View Type Storage Type Row Status : : : : : : : : : : defaultUserView 1 Included Permanent Active defaultUserView 1.3.6.1.6.3.16 Excluded Permanent Active

ExtremeWare XOS 11.3 Command Reference

217

Commands for Managing the Switch


View Name MIB Subtree View Type Storage Type Row Status View Name MIB Subtree View Type Storage Type Row Status View Name MIB Subtree View Type Storage Type Row Status View Name MIB Subtree View Type Storage Type Row Status View Name MIB Subtree View Type Storage Type Row Status View Name MIB Subtree View Type Storage Type Row Status : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : defaultUserView 1.3.6.1.6.3.18 Excluded Permanent Active defaultUserView 1.3.6.1.6.3.15.1.2.2.1.4 Excluded Permanent Active defaultUserView 1.3.6.1.6.3.15.1.2.2.1.6 Excluded Permanent Active defaultUserView 1.3.6.1.6.3.15.1.2.2.1.9 Excluded Permanent Active defaultAdminView 1 Included Permanent Active defaultNotifyView 1 Included Permanent Active

Total num. of entries in vacmViewTreeFamilyTable : 8

The following command displays a view with the view name Roview and subtree 1.3.6.1.2.1.1:
show snmpv3 mib-view Roview subtree 1.3.6.1.2.1.1

History
This command was first available in ExtremeWare XOS 10.1. The hex_view_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

218

ExtremeWare XOS 11.3 Command Reference

show snmpv3 notify

show snmpv3 notify


show snmpv3 notify {[[hex <hex_notify_name>] | <notify_name>]}

Description
Displays the notifications that are set. This command displays the snmpNotifyTable.

Syntax Description
hex_notify_name notify_name Specifies the parameter name associated with the target. The value is to be supplied as a colon separated string of hex octets. Specifies the parameter name associated with the target. The value is to be supplied in ASCII format.

Default
N/A.

Usage Guidelines
Use this command to display entries from the SNMPv3 snmpNotifyTable. This table lists the notify tags that the agent will use to send notifications (traps). If no notify name is specified, all the entries are displayed.

Example
The following command displays the notify table entry for N1:
show snmpv3 notify N1

The following is sample output from this command:


Notify Name Tag Type Storage Type Row Status : : : : : N1 type1 Trap NonVolatile Active

History
This command was first available in ExtremeWare XOS 10.1. The hex_notify_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

219

Commands for Managing the Switch

show snmpv3 target-addr


show snmpv3 target-addr {[[hex <hex_addr_name>] | <addr_name>]}

Description
Displays information about SNMPv3 target addresses.

Syntax Description
hex_addr_name addr_name Specifies an identifier for the target address. The value is to be supplied as a colon separated string of hex octets. Specifies a string identifier for the target address.

Default
N/A.

Usage Guidelines
Use this command to display entries in the SNMPv3 snmpTargetAddressTable. If no target address is specified, the entries for all the target addresses will be displayed. To view the source IP address, use the show management command.

Example
The following command displays the entry for the target address named A1:
show snmpv3 target-addr A1

The following is sample output from this command:


Target Addr Name TDomain TAddress TMask Timeout Retry Count Tag List Params Storage Type Row Status Storage Type Row Status : : : : : : : : : : : : A1 1.3.6.1.6.1.1 10.201.31.234, 162 1500 0 defaultNotify v1v2cNotifyParam1 NonVolatile Active NonVolatile Active

220

ExtremeWare XOS 11.3 Command Reference

show snmpv3 target-addr

History
This command was first available in ExtremeWare XOS 10.1. This command was modified in ExtremeWare XOS 11.0 to display a list of tags if more than one was configured and to display the timeout value for the entry in the snmpTargetAddrTable. This command was also modified to support the hex_addr_name parameter.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

221

Commands for Managing the Switch

show snmpv3 extreme-target-addr-ext


show snmpv3 extreme-target-addr-ext [[hex <hex_addr_name>] | <addr_name>]

Description
Displays information about SNMPv3 target addresses enhanced or standard mode.

Syntax Description
hex_addr_name addr_name Specifies an identifier for the target address. The value is to be supplied as a colon separated string of hex octets. Specifies a string identifier for the target address.

Default
N/A.

Usage Guidelines
Use this command to display entries in the SNMPv3 extremeTargetAddressExtTable.

Example
The following command displays the entry for the target address named A1:
show snmpv3 extreme-target-addr-ext A1

The following is sample output from this command:


Target Addr Name Mode IgnoreMPModel UseEventComm : : : : A1 Enhanced No Yes

History
This command was first available in ExtremeWare XOS 10.1. The hex_addr_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

222

ExtremeWare XOS 11.3 Command Reference

show snmpv3 target-params

show snmpv3 target-params


show snmpv3 target-params {[[hex <hex_target_params>] | <target_params>]}

Description
Displays the information about the options associated with the parameter name.

Syntax Description
hex_target_params target_params Specifies the parameter to display. The value is to be supplied as a colon separated string of hex octets. Specifies the parameter name to display. The value is to be supplied in ASCII format.

Default
N/A.

Usage Guidelines
Use this command to display entries from the SNMPv3 snmpTargetParamsTable. This table specifies the message processing model, security level, security model, and the storage parameters for messages to any target addresses associated with a particular parameter name. If no parameter name is specified, all the entries are displayed.

Example
The following command displays the target parameter entry named P1:
show snmpv3 target-params P1

The following is sample output from this command:


Target Params Name MP Model Security Model User Name Security Level Storage Type Row Status : : : : : : : p1 snmpv2c snmpv2c testuser No-Authentication No-Privacy NonVolatile Active

History
This command was first available in ExtremeWare XOS 10.1. The hex_target_params parameter was added in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

223

Commands for Managing the Switch

Platform Availability
This command is available on all platforms.

224

ExtremeWare XOS 11.3 Command Reference

show snmpv3 user

show snmpv3 user


show snmpv3 user {[[hex <hex_user_name>] | <user_name>]}

Description
Displays detailed information about the user.

Syntax Description
hex_user_name user_name Specifies the user name to display. The value is to be supplied as a colon separated string of hex octets. Specifies the user name to display. The value is to be supplied in ASCII format.

Default
N/A.

Usage Guidelines
The show snmpv3 user command displays the details of a user. If you do not specify a user name, the command will display details for all the users. The authentication and privacy passwords and keys will not be displayed. The user entries in SNMPv3 are stored in the USMUserTable, so the entries are indexed by EngineID and user name.

Example
The following command lists all user entries:
show snmpv3 user

The following is sample output from this command:


Engine-ID User Name Security Name Authentication Privacy Storage Type Row Status Engine-ID User Name Security Name Authentication Privacy Storage Type : : : : : : : : : : : : : 80:00:07:7c:03:00:04:96:1f:a2:60 'H' admin admin HMAC-MD5 DES Permanent Active 80:00:07:7c:03:00:04:96:1f:a2:60 'H' initial initial No-Authentication No-Privacy Permanent

ExtremeWare XOS 11.3 Command Reference

225

Commands for Managing the Switch


Row Status Engine-ID User Name Security Name Authentication Privacy Storage Type Row Status Engine-ID User Name Security Name Authentication Privacy Storage Type Row Status Engine-ID User Name Security Name Authentication Privacy Storage Type Row Status Engine-ID User Name Security Name Authentication Privacy Storage Type Row Status : Active : : : : : : : : : : : : : : : : : : : : : : : : : : : : 80:00:07:7c:03:00:04:96:1f:a2:60 'H' initialmd5 initialmd5 HMAC-MD5 No-Privacy Permanent Active 80:00:07:7c:03:00:04:96:1f:a2:60 'H' initialsha initialsha HMAC-SHA No-Privacy Permanent Active 80:00:07:7c:03:00:04:96:1f:a2:60 'H' initialmd5Priv initialmd5Priv HMAC-MD5 DES Permanent Active 80:00:07:7c:03:00:04:96:1f:a2:60 'H' initialshaPriv initialshaPriv HMAC-SHA DES Permanent Active

Total num. of entries in usmUserTable : 6

The following command lists details for the specified user, testuser:
show snmpv3 user testuser

History
This command was first available in ExtremeWare XOS 10.1. The hex_user_name parameter was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

226

ExtremeWare XOS 11.3 Command Reference

show sntp-client

show sntp-client
show sntp-client

Description
Displays the DNS configuration.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Displays configuration and statistics information of SNTP client.

Example
The following command displays the SNTP configuration:
show sntp-client

The following is sample output from this command:


SNTP client is enabled SNTP time is valid Primary server: 172.17.1.104 Secondary server: 172.17.1.104 Query interval: 64 Last valid SNTP update: From server 172.17.1.104, on Wed Oct 30 22:46:03 2003 SNTPC Statistics: Packets transmitted: to primary server: 1 to secondary server: 0 Packets received with valid time: from Primary server: 1 from Secondary server: 0 from Broadcast server: 0 Packets received without valid time: from Primary server: 0 from Secondary server: 0 from Broadcast server: 0 Replies not received to requests: from Primary server: 0 from Secondary server: 0

ExtremeWare XOS 11.3 Command Reference

227

Commands for Managing the Switch

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

228

ExtremeWare XOS 11.3 Command Reference

telnet

telnet
telnet {vr <vr_name>} [<host_name> | <remote_ip>] {<port>}

Description
Allows you to Telnet from the current command-line interface session to another host.

Syntax Description
vr Specifies use of a virtual router. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created virtual routers. vr_name host_name remote_ip port Specifies the name of the virtual router. Specifies the name of the host. Specifies the IP address of the host. Specifies a TCP port number. The default is port 23.

Default

Telnetenabled Virtual routerUses all virtual routers on the switch for outgoing Telnet requests Port23

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created virtual routers.

Only VT100 emulation is supported. Before you can start an outgoing Telnet session, you need to configure the switch IP parameters. To open a Telnet connection, you must specify the host IP address or the host name of the device you want to connect to. Check the user manual supplied with the Telnet facility if you are unsure of how to do this. Although the switch accepts IPv6 connections, you can only Telnet from the switch to another device with an IPv4 address. You must configure DNS in order to use the host_name option. Host Name and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z)

ExtremeWare XOS 11.3 Command Reference

229

Commands for Managing the Switch


Numerals (0-9) Period ( . ) Dash ( - ) Permitted only for host names Underscore ( _ ) Permitted only for host names Colon ( : )

When naming or configuring an IP address for your network server, remember the requirements listed above. Virtual Router Requirements. The vr_name option specifies the name of the virtual router. The valid virtual router names at system boot-up are VR-Mgmt, VR-Control, and VR-Default; however, you can only Telnet on VR-Mgmt and VR-Default. On the BlackDiamond 10K switch, you can also create and configure your own virtual routers. In ExtremeWare XOS 10.1, the valid virtual routers are VR-0, VR-1, and VR-2 respectively, and Telnet used VR-0 by default. For more information about virtual routers, see Virtual Routers in the ExtremeWare XOS Concepts Guide.

Example
The following command starts a Telnet client communication to the host at IP address 123.45.67.8:
telnet 123.45.67.8

The following command starts a Telnet client communication with a host named sales:
telnet sales

History
This command was first available in ExtremeWare XOS 10.1. Support for the following virtual routers was added in ExtremeWare XOS 11.0: VR-Mgmt and VR-Default.

Platform Availability
This command is available on all platforms.

230

ExtremeWare XOS 11.3 Command Reference

telnet msm

telnet msm
telnet msm [a | b]

Description
Allows you to Telnet to either the primary or the backup MSM regardless of which console port you are connected to.

Syntax Description
a b Specifies the MSM installed in slot A. Specifies the MSM installed in slot B.

Default
N/A.

Usage Guidelines
Use this command to access either the primary or the backup MSM regardless of which console port you are connected to. For example, if MSM A is the primary MSM and you are connected to MSM A via its console port, you can access the backup MSM installed in slot B by issuing the telnet msm b command. You must have a console connection to the MSM and Telnet must be enabled on the system to Telnet into the other installed MSM. If Telnet is disabled, the MSM you are attempting to access will time-out. For example, if you connect to MSM A and attempt to Telnet to MSM B, MSM B will time-out. If you have an active Telnet session to the other MSM and subsequently disable Telnet, that MSM disconnects your session. For example, if you connect to MSM A, Telnet to MSM B, then from a different connection to MSM A issue the the disable telnet command, MSM B returns an error message and disconnects your Telnet session.

Example
The following example makes the following assumptions:

Telnet is enabled on the system The MSM installed in slot A is the primary The MSM installed in slot B is the backup You have a console connection to MSM B

The following command accesses the primary MSM installed in slot A from the backup MSM installed in slot B:
telnet msm a

ExtremeWare XOS 11.3 Command Reference

231

Commands for Managing the Switch

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available only on modular switches.

232

ExtremeWare XOS 11.3 Command Reference

tftp

tftp
tftp [<host_name> | <ip_address>] {-v <vr_name>} [-g | -p] [{-l [<local_file> | memorycard <local-file-memcard>]} {-r <remote_file>} | {-r <remote_file>} {-l [<local_file> | memorycard <local-file-memcard]}]

Description
Allows you to TFTP from the current command line interface session to a TFTP server.

Syntax Description
host_name ip_address vr_name Specifies the name of the remote host. Specifies the IP address of the TFTP server. Specifies the name of the virtual router. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. -g -p local_file memorycard remote_file Gets the specified file from the TFTP server and copies it to the local host. Puts the specified file from the local host and copies it to the TFTP server. Specifies the name of the file (configuration file, policy file) on the local host. Specifies the removable external compact flash card. NOTE: This parameter is available only on modular switches. Specifies the name of the file on the remote host.

Default
If you do not specify a virtual router, VR-Mgmt is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

NetASCII and mail file type formats are not supported. TFTP Server Requirements. Extreme Networks recommends using a TFTP server that supports blocksize negotiation (as described in RFC 2348, TFTP Blocksize Option), to enable faster file downloads and larger file downloads. If the TFTP server does not support blocksize negotiation, the file size is limited to 32 MB. Older TFTP servers that do not support blocksize negotiation have additional implementation limits that may decrease the maximum file size to only 16 MB, which may be too small to install ExtremeWare XOS images.

ExtremeWare XOS 11.3 Command Reference

233

Commands for Managing the Switch If your TFTP server does not support blocksize negotiation, the switch displays a message similar to the following when you attempt a get (-g) or put (-p) operation:
Note: The blocksize option is not supported by the remote TFTP server. Without this option, the maximum file transfer size is limted to 32MB. Some older TFTP servers may be limited to 16MB file.

Using TFTP. Use TFTP to download a previously saved configuration file or policy file from the TFTP server to the switch. When you download a file, this command does not automatically apply it to the switch. You must specify that the downloaded file be applied to the switch. For example, if you download a configuration file, issue the use configuration command to apply the saved configuration on the next reboot. You must use the reboot command to activate the new configuration. If you download a policy file, use the refresh policy command to reprocess the text file and update the policy database. You also use TFTP to upload a saved configuration file or policy file from the switch to the TFTP server. If your download from the TFTP server to the switch is successful, the switch displays a message similar to the following:
Downloading megtest2.cfg to switch... done!

If your upload from the switch to the TFTP server is successful, the switch displays a message similar to the following:
Uploading megtest1.cfg to TFTPhost ... done!

Up to eight active TFTP sessions can run on the switch concurrently. You must configure DNS in order to use the host_name option. Host Name and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Permitted only for host names Underscore ( _ ) Permitted only for host names Colon ( : )

When naming or configuring an IP address for your network server, remember the requirements listed above. Local and Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for local and remote filenames. When specifying a local or remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . )

234

ExtremeWare XOS 11.3 Command Reference

tftp

Dash ( - ) Underscore ( _ ) Slash ( / ) Permitted only for remote files

When naming a local or remote file, remember the requirements listed above. Virtual Router Requirements. The vr_name option specifies the name of the virtual router. The valid virtual router names at system boot-up are VR-Mgmt, VR-Control, and VR-Default; however, you can only TFTP on VR-Mgmt and VR-Default. On the BlackDiamond 10K switch, you can also create and configure your own virtual routers. In ExtremeWare XOS 10.1, the valid virtual routers are VR-0, VR-1, and VR-2 respectively. For more information about virtual routers, see Virtual Routers in the ExtremeWare XOS Concepts Guide. Modular Switches Only. If you specify the memorycard option, you can copy and transfer files to and from the external memory card using TFTP. Other Useful Commands. On the Summit X450 switch and the BlackDiamond 10K switch, use the download bootrom command to upgrade the BootROM. This command utilizes TFTP to transfer the BootROM image file from your TFTP server to the switch. Only upgrade the BootROM when asked to do so by an Extreme Networks technical representative. For more information about this command, see download bootrom on page 1617. To upgrade the image, use the download image command. This command utilizes TFTP to transfer the software image file from your TFTP server to the switch. For more information about this command, see download image on page 1620.

Example
The following command downloads the configuration file named XOS1.cfg from the TFTP server with an IP address of 10.123.45.67:
tftp 10.123.45.67 -g -r XOS1.cfg

The following command retrieves and transfer files from the external memory card installed in a modular switch:
tftp 10.1.2.3. -g -l memorycard test.pol -r august23.pol

History
This command was first available in ExtremeWare XOS 10.1. Support for the memorycard option was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

235

Commands for Managing the Switch

236

ExtremeWare XOS 11.3 Command Reference

Commands for Managing the ExtremeWare XOS Software


Working with the configuration and policy files used by the switch Starting, stopping, and displaying information about processes on the switch Viewing system memory resources Monitoring CPU utilization NOTE

This chapter describes commands for:


For information about downloading and upgrading a new software image, saving configuration changes, and upgrading the BootROM, see Appendix A, Software Upgrade and Boot Options.

Like any advanced operating system, ExtremeWare XOS gives you the tools to manage your switch and create your network configurations. With the introduction of ExtremeWare XOS, the following enhancements and functionality have been added to the switch operating system:

File system administrationYou can move, copy, and delete files from the switch. The file system structure allows you to keep, save, rename, and maintain multiple copies of configuration files on the switch. In addition, you can manage other entities of the switch such as policies and access control lists (ACLs). Configuration file managementYou can oversee and manage multiple configuration files on your switch. In addition, you can upload, download, modify, and name configuration files used by the switch. Process controlYou can stop and start processes, restart failed processes, and update the software for a specific process or set of processes. Memory protectionWith memory protection, ExtremeWare XOS protects each process from every other process in the system. If one process experiences a memory fault, that process cannot affect the memory space of another process. CPU monitoringYou can monitor CPU utilization for Management Switch Fabric Modules (MSMs) and the individual processes running on the switch. Monitoring the workload of the CPU allows you to troubleshoot and identify suspect processes. NOTE

Filenames are case-sensitive. For information on filename restrictions, please refer to the specific command in the ExtremeWare XOS Command Reference Guide.

ExtremeWare XOS 11.3 Command Reference

237

Commands for Managing the ExtremeWare XOS Software

clear cpu-monitoring
clear cpu-monitoring {process <name>} {slot <slotid>}

Description
Clears, resets the CPU utilization history and statistics stored in the switch.

Syntax Description
name slotid Specifies the name of the process. Specifies the slot number of the MSM module: A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
If you do not specify any keywords, this command clears the CPU utilization history for the entire switch, including processes, and resets the statistics to zero (0). On modular switches, this command also clears the CPU utilization history of the installed MSMs. If you specify process, the switch clears and resets the CPU utilization history for the specified process. Modular Switches Only. If you specify slot, the switch clears and resets the CPU utilization history for the specified MSM.

Example
The following command resets the CPU history and resets the statistics to 0 for the TFTP process running on the MSM installed in slot A of a modular switch:
clear cpu-monitoring process tftpd slot A

The following command resets the CPU history and resets statistics to 0 for the TFTP process running on the Summit X450 switch:
clear cpu-monitoring process tftpd

History
This command was first available in ExtremeWare XOS 11.2.

238

ExtremeWare XOS 11.3 Command Reference

clear cpu-monitoring

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

239

Commands for Managing the ExtremeWare XOS Software

cp
cp {memorycard} <old-name> {memorycard} <new-name>

Description
Copies an existing configuration or policy file in the system.

Syntax Description
memorycard old-name new-name Specifies the removable external compact flash memory card. NOTE: This parameter is available only on modular switches. Specifies the name of the configuration or policy file that you want to copy. Specifies the name of the copied configuration or policy file.

Default
N/A.

Usage Guidelines
Use this command to make a copy of an existing file before you alter or edit the file. By making a copy, you can easily go back to the original file if needed. Configuration files have a .cfg file extension; policy files have a .pol file extension. When you copy a configuration or policy file from the system, make sure you specify the appropriate file extension. For example, if you want to copy a policy file, specify the filename and .pol. When you copy a file on the switch, the switch displays a message similar to the following:
Copy config test.cfg to config test1.cfg on switch? (y/n)

Enter y to copy the file. Enter n to cancel this process and not copy the file. If you enter y, the switch copies the file with the new name and keeps a backup of the original file with the original name. After the switch copies the file, use the ls command to display a complete list of files. In this example, the switch displays the original file named test.cfg and the copied file named test_rev2.cfg. The following is sample output from the ls command:
... -rw-r--r--rw-r--r-... 1 root 1 root root root 100980 Sep 23 09:16 test.cfg 100980 Oct 13 08:47 test_rev2.cfg

If you enter n, the switch displays a message similar to the following:


Copy cancelled.

240

ExtremeWare XOS 11.3 Command Reference

cp Case-sensitive Filenames. Filenames are case-sensitive. In this example, you have a configuration file named Test.cfg. If you attempt to copy the file with the incorrect case, for example test.cfg, the switch displays a message similar to the following:
Error: cp: /config/test.cfg: No such file or directory

Since the switch is unable to locate test.cfg, the file is not copied. Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local filenames. When specifying a local filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ )

When naming a local file, remember the requirements listed above. Modular Switches Only. This command also replicates the action from the primary MSM to the backup MSM. For example, if you copy a file on the primary MSM, the same file is copied to the backup MSM. For the memorycard option, the source and/or destination is the memorycard. You must mount the memory card for this operation to succeed. The cp command copies a file from the switch to the external memory card or a file already on the card. If you copy a file from the switch to the external memory card, and the new filename is identical to the source file, you do not need to re-enter the filename.

Example
The following command makes a copy of a configuration file named test.cfg and gives the copied file a new name of test_rev2.cfg:
cp test.cfg test_rev2.cfg

The following command makes a copy of a configuration file named primary.cfg from a modular switch to the external memory card with the same name, primary.cfg:
cp primary.cfg memorycard

The above command performs the same action as entering the following command:
cp primary.cfg memorycard primary.cfg

History
This command was first available in ExtremeWare XOS 11.0. The memorycard option was added in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

241

Commands for Managing the ExtremeWare XOS Software

Platform Availability
This command is available on all platforms.

242

ExtremeWare XOS 11.3 Command Reference

disable cpu-monitoring

disable cpu-monitoring
disable cpu-monitoring

Description
Disables CPU monitoring on the switch.

Command Syntax
This command has no arguments or variables.

Default
CPU monitoring is enabled and occurs every 20 seconds.

Usage Guidelines
Use this command to disable CPU monitoring on the switch. This command does not clear the monitoring interval. Therefore, if you altered the CPU monitoring interval, this command does not return the CPU monitoring interval to 20 seconds. To return to the default frequency level, use the enable cpu-monitoring {interval <seconds>} {threshold <percent>} and specify 20 for the interval.

Example
The following command disables CPU monitoring on the switch:
disable cpu-monitoring

History
This command was first available in an ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

243

Commands for Managing the ExtremeWare XOS Software

disable xml-mode
disable xml-mode

Description
Disables XML configuration mode on the switch.

Command Syntax
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Use this command to disable the XML configuration mode on the switch. XML configuration mode is not supported for end users. See the command:
enable xml-mode

Example
The following command disables XML configuration mode on the switch:
disable xml-mode

History
This command was first available in an ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

244

ExtremeWare XOS 11.3 Command Reference

enable cpu-monitoring

enable cpu-monitoring
enable cpu-monitoring {interval <seconds>} {threshold <percent>}

Description
Enables CPU monitoring on the switch.

Command Syntax
seconds threshold Specifies the monitoring interval, in seconds. The default is 20 seconds, and the range is 5 to 60 seconds. Specifies the CPU threshold value. CPU usage is measured in percentages. The default is 60%, and the range is 0% to 100%.

Default
CPU monitoring is enabled and occurs every 20 seconds. The default CPU threshold value is 60%.

Usage Guidelines
CPU monitoring allows you to monitor the CPU utilization and history for all of the processes running on the switch. By viewing this history on a regular basis, you can see trends emerging and identify processes with peak utilization. Monitoring the workload of the CPU allows you to troubleshoot and identify suspect processes before they become a problem. To specify the frequency of CPU monitoring, use the interval keyword. Extreme Networks recommends the default setting for most network environments. If you enter a number lower than 20 seconds, CPU utilization may increase. CPU usage is measured in percentages. By default, the CPU threshold value is 60%. If CPU utilization of a process exceeds 60% of the regular operating basis, the switch logs an error message specifying the process name and the current CPU utilization for the process. In addition, if configured with the guidance of Extreme Networks Customer Support, the switch can save this information in a coredump or tracefile. To modify the CPU threshold level, use the threshold keyword. The range is 0% to 100%.

Example
The following command enables CPU monitoring every 30 seconds:
enable cpu-monitoring interval 30

History
This command was first available in an ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

245

Commands for Managing the ExtremeWare XOS Software

Platform Availability
This command is available on all platforms.

246

ExtremeWare XOS 11.3 Command Reference

enable xml-mode

enable xml-mode
enable xml-mode

Description
Enables XML configuration mode on the switch.

Command Syntax
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command enables the XML configuration mode on the switch, however XML configuration mode is not supported for end users, and Extreme Networks strongly cautions you not to enable this mode. Use this command only under the direction of Extreme Networks. If you inadvertently issue this command, the switch prompt will be changed by adding the text (xml) to the front of the prompt. If you see this mode indicator, please disable XML configuration mode by using the following command:
disable xml-mode

Example
The following command enables XML configuration mode on the switch:
enable xml-mode

History
This command was first available in an ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

247

Commands for Managing the ExtremeWare XOS Software

ls
ls {memorycard}

Description
Lists all current configuration and policy files in the system.

Syntax Description
memorycard Lists files on the removable compact flash memory card. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Use this command to display a list of the current configuration and policy files in the system. Output from this command includes the following:

The first column displays the file permission using the following ten place holders:

The first place holder displays - for a file. The next three place holders display r for read access and w for write access permission for the file owner. The following three place holders display r for read access permission for members of the file owners group. The last three place holders display r for read access for every user that is not a member of the file owners group.

The second column displays how many links the file has to other files or directories. The third column displays the file owner. The remaining columns display the file size, date and time the file was last modified, and the file name.

Modular Switches Only. For the memorycard option, this command lists all the files on the external memory card. BlackDiamond 10K Switch Only. In ExtremeWare 10.1, this command was available only on the primary Management Switch Fabric Module (MSM). You were unable to display a list of configuration and policy files on the backup MSM.

248

ExtremeWare XOS 11.3 Command Reference

ls

Example
The following command displays a list of all current configuration and policy files in the system:
ls

The following is sample output from this command:


total 424 -rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r-1 1 1 1 1 1 root root root root root root root root root root root root 50 94256 100980 35 100980 94256 Jul Jul Sep Jun Sep Jun 30 23 23 29 23 30 14:19 14:26 09:16 06:42 09:17 17:10 hugh.pol hughtest.cfg megtest.cfg newpolicy.pol primary.cfg roytest.cfg

On a modular switch, the following command displays a list of all current configuration and policy files in the external memory card:
ls memorycard

The following is sample output from this command:


-rwxr-xr-x -rwxr-xr-x -rwxr-xr-x -rwxr-xr-x -rwxr-xr-x 1 1 1 1 1 root root root root root 0 0 0 0 0 15401865 10 10 10 223599 Mar Mar Apr Mar Mar 30 31 4 31 31 00:03 09:41 09:15 09:41 10:02 bd10K-11.2.0.13.xos test-1.pol test.pol test_1.pol v11_1_3.cfg

History
This command was first available in ExtremeWare XOS 10.1. The memorycard option was added in ExtremeWare XOS 11.0. This command was available on the backup MSM in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

249

Commands for Managing the ExtremeWare XOS Software

mv
mv {memorycard} <old-name> {memorycard} <new-name>

Description
Moves or renames an existing configuration or policy file in the system.

Syntax Description
memorycard old-name new-name Specifies the removable external compact flash card. NOTE: This parameter is available only on modular switches. Specifies the current name of the configuration or policy file. Specifies the new name of the configuration or policy file.

Default
N/A.

Usage Guidelines
If you rename a file with a given extension, remember the following:

Configuration files use the .cfg file extension Policy files use the .pol file extension

Make sure the renamed file uses the same file extension as the original file. If you change the file extensions, the file may be unrecognized by the system. For example, if you have an existing configuration file named test.cfg, the new filename must include the .cfg file extension. You cannot rename an active configuration file (the configuration currently selected to boot the switch). To verify the configuration that you are currently using, issue the show switch {detail} command. If you attempt to rename the active configuration file, the switch displays a message similar to the following:
Error: Cannot rename current selected active configuration file.

When you rename a file, the switch displays a message similar to the following:
Rename config test.cfg to config megtest.cfg on switch? (y/n)

Enter y to rename the file on your system. Enter n to cancel this process and keep the existing filename. Case-sensitive Filenames. Filenames are case-sensitive. In this example, you have a configuration file named Test.cfg. If you attempt to rename the file with the incorrect case, for example test.cfg, the switch displays a message similar to the following:
Error: mv: unable to rename `/config/test.cfg': No such file or directory

Since the switch is unable to locate test.cfg, the file is not renamed.

250

ExtremeWare XOS 11.3 Command Reference

mv Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local filenames. When specifying a local filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ )

When naming a local or remote file, remember the requirements listed above. Modular Switches Only. This command also replicates the action from the primary MSM to the backup MSM. For example, if you rename a file on the primary MSM, the same file on the backup MSM is renamed. For the memorycard option, this command can now move files between the external memory card and the switch. If you use the memorycard option for both the old-name and the new-name, this command just renames a file on the external memory card. BlackDiamond 10K Switch Only. In ExtremeWare 10.1, this command was available only on the primary MSM. For example, if you renamed a file on the primary MSM, the same file on the backup MSM was not renamed.

Example
The following command renames the configuration file named Testb91.cfg to Activeb91.cfg:
mv Testb91.cfg Activeb91.cfg

On a modular switch with an external memory card installed, the following command moves the configuration file named test1.cfg from the switch to the external memory card:
mv test1.cfg memorycard test1.cfg

On a modular switch, if you do not change the name of the configuration file, you can also use the following command to move the configuration file test1.cfg from the switch to the external memory card:
mv test1.cfg memorycard

On a modular switch with an external memory card installed, the following command moves the policy file named bgp.pol from the memorycard to the switch:
mv memorycard bgp.pol bgp.pol

History
This command was first available in ExtremeWare XOS 10.1. Support for replicating information from the primary MSM to the backup MSM was introduced in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

251

Commands for Managing the ExtremeWare XOS Software The memorycard option was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

252

ExtremeWare XOS 11.3 Command Reference

restart process

restart process
restart process [class <cname> | <name> {msm <slot>}]

Description
Terminates and restarts the specified process during a software upgrade on the switch.

Syntax Description
cname Specifies the name process to restart. With this parameter, you can terminate and restart all instances of the process associated with a specific routing protocol on all VRs. You can restart the OSPF routing protocol and associated processes. name Specifies the name of the process to terminate and restart. You can use this command with the following processes: exsshd (only available if you have installed the SSH module) lldp netLogin ospf snmpMaster snmpSubagent telentd thttpd tftpd slot Specifies the MSM where the process should be terminated and restarted. A specifies the MSM installed in slot A, and B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Use this command to terminate and restart a process during a software upgrade on the switch. You have the following options:

cnameSpecifies that the software terminates and restarts all instances of the process associated with

a specific routing protocol on all VRs.

nameSpecifies the name of the process.

Depending on the software version running on your switch and the type of switch you have, you can terminate and restart different or additional processes. To see which processes you can restart during a software upgrade, enter restart process followed by [Tab]. The switch displays a list of available processes.

ExtremeWare XOS 11.3 Command Reference

253

Commands for Managing the ExtremeWare XOS Software To display the status of ExtremeWare XOS processes on the switch, including how many times a process has been restarted, use the show process {<name>} {detail} {description} {slot <slotid>} command. The following is a truncated sample of the show process command on the Summit X450 switch:
Process Name Version Restart State Start Time ------------------------------------------------------------------------aaa 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 acl 3.0.0.2 0 Ready Thu Sep 1 17:00:54 2005 bgp Not Started 0 No license Not Started cfgmgr 3.0.0.21 0 Ready Thu Sep 1 17:00:52 2005 cli 3.0.0.22 0 Ready Thu Sep 1 17:00:52 2005 devmgr 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 dirser 3.0.0.2 0 Ready Thu Sep 1 17:00:51 2005 dosprotect 3.0.0.1 0 Ready Thu Sep 1 17:00:56 2005 eaps 3.0.0.8 0 Ready Thu Sep 1 17:00:53 2005 ...

You can also use the restart process command when upgrading a software modular package. For more information, see the section Upgrading a Modular Software Package in Appendix A, Software Upgrade and Boot Options of the ExtremeWare XOS Concepts Guide.

Example
The following command stops and restarts the process tftpd during a software upgrade:
restart process tftpd

The following command stops and restarts all instances of the OSPF routing protocol for all VRs during a software upgrade:
restart process class ospf

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

254

ExtremeWare XOS 11.3 Command Reference

rm

rm
rm {memorycard} <file-name>

Description
Removes/deletes an existing configuration or policy file from the system.

Syntax Description
memorycard file-name Specifies the removable external compact flash card. NOTE: This parameter is available only on modular switches. Specifies the name of the configuration or policy file.

Default
N/A.

Usage Guidelines
After you remove a configuration or policy file from the system, that file is unavailable to the system. You cannot remove an active configuration file (the configuration currently selected to boot the switch). To verify the configuration that you are currently using, issue the show switch {detail} command. If you attempt to remove the active configuration file, the switch displays a message similar to the following:
Error: Cannot remove current selected active configuration file.

When you delete a file from the switch, a message similar to the following appears:
Remove testpolicy.pol from switch? (y/n)

Enter y to remove the file from your system. Enter n to cancel the process and keep the file on your system. Case-sensitive Filenames. Filenames are case-sensitive. In this example, you have a configuration file named Test.cfg. If you attempt to remove a file with the incorrect case, for example test.cfg, the system is unable to remove the file. The switch does not display an error message; however, the ls command continues to display the file Test.cfg. To remove the file, make sure you use the appropriate case. Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local filenames. When specifying a local filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . )

ExtremeWare XOS 11.3 Command Reference

255

Commands for Managing the ExtremeWare XOS Software


Dash ( - ) Underscore ( _ )

When naming a local or remote file, remember the requirements listed above. Modular Switches Only. This command also replicates the action from the primary MSM to the backup MSM. For example, if you delete a file on the primary MSM, the same file on the backup MSM is deleted. For the memorycard option, this command removes/deletes an existing file on the card. You can use the * wildcard to delete all of a particular file type from the external memory card. BlackDiamond 10K Switch Only. In ExtremeWare 10.1, this command was available only on the primary MSM. For example, if you deleted a file on the primary MSM, the same file on the backup MSM was not deleted.

Example
The following command removes the configuration file named Activeb91.cfg from the system:
rm Activeb91.cfg

On a modular switch with an external memory card installed, the following command removes the policy file named test.pol from the external memory card:
rm memorycard test.pol

On a modular switch with an external memory card installed, the following command removes all of the configuration files from the external memory card:
rm memorycard *.cfg

History
This command was first available in ExtremeWare XOS 10.1. Support for replicating information from the primary MSM to the backup MSM was introduced in ExtremeWare XOS 11.0. The memorycard option was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

256

ExtremeWare XOS 11.3 Command Reference

show cpu-monitoring

show cpu-monitoring
show cpu-monitoring {process <name>} {slot <slotid>}

Description
Displays the CPU utilization history of one or more processes.

Command Syntax
name slotid Specifies the name of the process. Specifies the slot number of the MSM module: A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Viewing statistics on a regular basis allows you to see how well your network is performing. If you keep simple daily records, you will see trends emerging and notice problems arising before they cause major network faults. This way, statistics can help you get the best out of your network. By default, CPU monitoring is enabled and occurs every 20 seconds. The default CPU threshold value is 60%. This information may be useful for your technical support representative if you experience a problem. Depending on the software version running on your switch or your switch model, additional or different CPU and process information might be displayed. Modular Switches Only. If you issue the command without any parameters, the switch displays CPU utilization history for all of the processes running on the MSMs installed in your system. Reading the Output. The show cpu-monitoring command displays the following information in a tabular format:

CardThe location (MSM) where the process is running on a modular switch. ProcessThe name of the process. Range of time (5 seconds, 10 seconds, and so forth)The CPU utilization history of the process or the system. Total User/System CPU UsageThe CPU usage of the process or the system.

ExtremeWare XOS 11.3 Command Reference

257

Commands for Managing the ExtremeWare XOS Software

Example
The following command displays CPU utilization on the switch:
show cpu-monitoring

The following is sample truncated output from a modular switch:


CPU Utilization Statistics - Monitored every 5 seconds ------------------------------------------------------------------------------Card 5 10 30 1 5 30 1 Max Total secs secs secs min mins mins hour User/System util util util util util util util util CPU Usage (%) (%) (%) (%) (%) (%) (%) (%) (secs) ------------------------------------------------------------------------------MSM-A MSM-B MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A ... System System GNSS_cpuif GNSS_ctrlif GNSS_esmi GNSS_fabric GNSS_mac_10g GNSS_pbusmux GNSS_pktengine GNSS_pktif GNSS_switch aaa acl bgp cfgmgr cli devmgr dirser dosprotect eaps edp elrp ems epm esrp etmon 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 1.9 0.0 0.0 0.0 0.0 0.0 0.9 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.9 0.0 0.0 0.0 0.0 0.9 0.0 0.0 0.0 0.0 0.0 0.4 0.1 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.3 0.0 0.0 0.0 0.0 0.4 0.0 0.0 0.0 0.0 0.0 0.6 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 3.7 48.3 0.9 0.0 0.0 0.0 0.0 0.0 0.0 0.9 0.0 1.2 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 1.2 9.6 0.3 0.0 0.0 0.0 0.0 0.0 0.0 0.1 0.0 1.1 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 1.2 2.5 0.2 0.0 0.0 0.0 0.0 0.0 0.0 0.2 0.0 1.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 1.3 2.1 0.2 0.0 0.0 0.0 0.0 0.0 0.0 0.2 0.0 1.0 0.9 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 8.4 7.5 5.2 27.3 48.3 17.1 9.5 3.8 8.4 10.2 8.4 12.2 4.7 7.5 23.3 Process

0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.82 0.37 0.27 7.70 0.51 2.22 0.0 0.20 2.40 0.99 0.44 1.1 2.6 0.44 21.84

0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.56 0.33 0.42 7.84 0.37 2.50 0.0 0.26 1.40 0.47 0.28 1.16 4.18 0.36 7.24

The following is sample output from a Summit X450 switch:


CPU Utilization Statistics - Monitored every 25 seconds ----------------------------------------------------------------------Process 5 10 30 1 5 30 1 Max Total secs secs secs min mins mins hour User/System util util util util util util util util CPU Usage (%) (%) (%) (%) (%) (%) (%) (%) (secs) ----------------------------------------------------------------------System n/a n/a 0.0 0.9 0.1 0.2 0.5 34.6

258

ExtremeWare XOS 11.3 Command Reference

show cpu-monitoring
aaa acl bgp cfgmgr cli devmgr dirser dosprotect eaps edp elrp ems epm esrp etmon ... n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.8 0.0 0.0 0.0 0.0 0.1 0.0 0.0 0.0 0.0 0.0 0.5 1.8 0.0 12.6 39.8 0.0 19.5 0.0 0.0 5.5 11.1 0.0 0.0 30.7 2.7 30.5 1.72 0.40 11.18 4743.92 0.59 74.44 0.0 0.8 36.40 10.92 0.49 1.19 48.74 0.82 4865.78 0.78 0.24 2.21 3575.79 0.42 24.52 0.0 0.12 15.41 3.97 0.44 1.29 32.93 0.45 873.87

History
This command was first available in an ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

259

Commands for Managing the ExtremeWare XOS Software

show heartbeat process


show heartbeat process {<name>}

Description
Displays the health of the ExtremeWare XOS processes.

Command Syntax
name Specifies the name of the process.

Default
N/A.

Usage Guidelines
The software monitors all of the XOS processes running on the switch. This process monitor creates and terminates XOS processes on demand (for example, when you log in or log out of the switch) and restarts processes if an abnormal termination occurs (for example, if your system crashes). The process monitor also ensures that only version-compatible processes and processes with proper licenses are started. The show heartbeat process command is a resource for providing background system health information because you can view the health of ExtremeWare XOS processes on the switch. Use this command to monitor the health of the XOS processes. The switch uses two algorithms to collect process health information: polling and reporting. Both polling and reporting measure the heartbeat of the process. Polling occurs when a HELLO message is sent and a HELLO_ACK message is received. The two counts are the same. Reporting occurs when a HELLO_ACK message is sent only. Therefore, no HELLO messages are sent and the HELLO count remains at zero. The show heartbeat process command displays the following information in a tabular format:

CardThe name of the module where the process is running (modular switches only). Process NameThe name of the process. HelloThe number of hello messages sent to the process. HelloAckThe number of hello acknowledgement messages received by the process manager. Last Heartbeat TimeThe timestamp of the last health check received by the process manager. (Unknown specifies kernel modules and they do not participate in heartbeat monitoring.)

This status information may be useful for your technical support representative if you have a network problem. You may find it useful to capture the process information under normal operating conditions to establish a baseline. By having a baseline, if you experience a problem, you and your technical support representative can more easily identify the problem.

260

ExtremeWare XOS 11.3 Command Reference

show heartbeat process

Example
To display the health of all processes on your system, use the following command:
show heartbeat process

The following is sample output from a modular switch:


Card Process Name Hello HelloAck Last Heartbeat Time --------------------------------------------------------------------------MSM-A aaa 0 180324 Wed Dec 10 15:06:04 2003 MSM-A acl 36069 36069 Wed Dec 10 15:05:57 2003 MSM-A bgp 0 180348 Wed Dec 10 15:06:05 2003 MSM-A cfgmgr 72139 72139 Wed Dec 10 15:06:02 2003 MSM-A cli 60116 60116 Wed Dec 10 15:06:03 2003 MSM-A devmgr 0 180339 Wed Dec 10 15:06:03 2003 MSM-A dirser 0 180324 Wed Dec 10 15:06:03 2003 MSM-A edp 36069 36069 Wed Dec 10 15:05:57 2003 MSM-A ems 45087 45087 Wed Dec 10 15:06:03 2003 MSM-A epm 0 0 Unknown MSM-A exacl 0 0 Unknown ....

The following is sample output from a SummitX450 switch:


Process Name Hello HelloAck Last Heartbeat Time ---------------------------------------------------------------------aaa 0 254328 Tue Feb 10 05:21:46 2004 acl 50867 50867 Tue Feb 10 05:21:43 2004 bgp 0 0 Wed Feb 4 08:03:18 2004 cfgmgr 25433 25433 Tue Feb 10 05:21:33 2004 cli 84779 84779 Tue Feb 10 05:21:47 2004 cna 20234 20234 Mon Feb 9 00:28:35 2004 devmgr 0 250507 Tue Feb 10 05:21:47 2004 dirser 0 254336 Wed Feb 4 08:03:18 2004 dosprotect 0 254335 Tue Feb 10 05:21:47 2004 eaps 0 254336 Tue Feb 10 05:21:48 2004 edp 50867 50867 Tue Feb 10 05:21:44 2004 elrp 50867 50867 Tue Feb 10 05:21:43 2004 ems 63584 63584 Tue Feb 10 05:21:44 2004 epm 0 0 Wed Feb 4 08:03:18 2004 esrp 50867 50867 Tue Feb 10 05:21:46 2004 ...

To display the health of the STP process on your system, use the following command:
show heartbeat process stp

The following is sample output from a modular switch:


Card Process Name Hello HelloAck Last Heartbeat Time --------------------------------------------------------------------------MSM-A stp 34921 34921 Wed Dec 10 11:54:37 2003

ExtremeWare XOS 11.3 Command Reference

261

Commands for Managing the ExtremeWare XOS Software The following is sample output from the Summit X450 switch:
Process Name Hello HelloAck Last Heartbeat Time ---------------------------------------------------------------------stp 50870 50870 Tue Feb 10 05:22:13 2004

History
This command was first available in an ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

262

ExtremeWare XOS 11.3 Command Reference

show memory

show memory
show memory {slot [a | b]}

Description
Displays the current system memory information.

Syntax Description
slot a slot b Specifies the MSM module installed in slot A. NOTE: This parameter is available only on modular switches. Specifies the MSM module installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Viewing statistics on a regular basis allows you to see how well your network is performing. If you keep simple daily records, you will see trends emerging and notice problems arising before they cause major network faults. This way, statistics can help you get the best out of your network. This information may be useful for your technical support representative if you experience a problem. Depending on the software version running on your switch or your switch model, additional or different memory information might be displayed. You can also use the show memory process <name> {slot <slotid>} command to view the system memory and the memory used by the individual processes. Modular Switches Only. If you issue the command without any parameters, the switch displays information about all of the MSMs installed in your system. Reading the Output. The show memory command displays the following information in a tabular format:

System memory information (both total and free). Current memory used by the individual processes.

The current memory statistics for the individual process also includes the following:

The module (MSM A or MSM B) and the slot number of the MSM (modular switches only). The name of the process.

In general, the free memory count for an MSM or Summit X450 switch decreases when one or more running processes experiences an increase in memory usage.

ExtremeWare XOS 11.3 Command Reference

263

Commands for Managing the ExtremeWare XOS Software If you observe a continuous decrease in the free memory over an extended period of time, and you have not altered your switch configuration, please contact Extreme Networks Technical Support.

Example
The following command displays current system memory information for the MSM installed in slot A of a modular switch:
show memory slot a

The following is sample output from this command:


System Memory Information ------------------------MSM-A Total DRAM (KB): MSM-A System (KB): MSM-A User (KB): MSM-A Free (KB):

524288 45912 102264 376112

Memory Utilization Statistics ----------------------------Card Slot Process Name Memory (KB) --------------------------------------MSM-A 9 aaa 7772 MSM-A 9 acl 6716 MSM-A 9 bgp 16708 MSM-A 9 cfgmgr 3484 MSM-A 9 cli 33964 MSM-A 9 devmgr 3656 MSM-A 9 dirser 3072 MSM-A 9 eaps 9136 MSM-A 9 edp 4644 MSM-A 9 elrp 4608 MSM-A 9 ems 5832 MSM-A 9 epm 8084 MSM-A 9 esrp 11004 MSM-A 9 etmon 11356 MSM-A 9 exacl 13 MSM-A 9 exosmc 22 MSM-A 9 exosq 29 MSM-A 9 exsflow 8 MSM-A 9 exsnoop 15 MSM-A 9 exvlan 252 MSM-A 9 fdb 8760 MSM-A 9 hal 22624 MSM-A 9 mcmgr 13128 MSM-A 9 msgsrv 2972 MSM-A 9 netLogin 4564 MSM-A 9 netTools 4696 MSM-A 9 nettx 56 MSM-A 9 nodemgr 5388 MSM-A 9 ospf 12476 MSM-A 9 pim 10012 MSM-A 9 polMgr 3272 MSM-A 9 rip 10392

264

ExtremeWare XOS 11.3 Command Reference

show memory
MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A 9 9 9 9 9 9 9 9 rtmgr snmpMaster snmpSubagent stp telnetd tftpd vlan vrrp 9748 6400 8104 6896 3236 3080 5816 6584

The following command displays current system memory information for the Summit X450 switch:
show memory

The following is sample output from this command:


System Memory Information ------------------------Total DRAM (KB): 262144 System (KB): 25852 User (KB): 96608 Free (KB): 139684 Memory Utilization Statistics ----------------------------Process Name Memory (KB) ----------------------------aaa 13468 acl 11420 bgp 0 cfgmgr 8336 cli 41040 cna 0 devmgr 8452 dirser 7068 dosprotect 8264 eaps 18784 edp 9780 elrp 10040 ems 10672 epm 15520 esrp 16728 etmon 18924 exacl 30 exdos 8 exfib 3 exosmc 29 exosnvram 4 exosq 36 exsflow 10 exsnoop 20 exsshd 9272 exvlan 290 fdb 12908 hal 64768 lldp 8816 mcmgr 17836

ExtremeWare XOS 11.3 Command Reference

265

Commands for Managing the ExtremeWare XOS Software


msgsrv netLogin netTools nettx nodemgr ospf ospfv3 pim poe polMgr rip ripng rtmgr snmpMaster snmpSubagent stp telnetd tftpd thttpd vlan vrrp xmld 6960 8924 11524 70 9636 18124 0 15996 8936 7576 17736 0 16016 15416 26428 10768 8464 7584 11344 9660 11184 9148

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

266

ExtremeWare XOS 11.3 Command Reference

show memory process

show memory process


show memory process <name> {slot <slotid>}

Description
Displays the current system memory and that of the specified process.

Command Syntax
name slotid Specifies the name of the process. Specifies the slot number of the MSM module: A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Viewing statistics on a regular basis allows you to see how well your network is performing. If you keep simple daily records, you will see trends emerging and notice problems arising before they cause major network faults. This way, statistics can help you get the best out of your network. This information may be useful for your technical support representative if you experience a problem. Depending on the software version running on your switch or your switch model, additional or different memory information might be displayed. You can also use the show memory {slot [a | b]} command to view the system memory and the memory used by the individual processes, even for all processes on all MSMs installed in modular switches. Reading the Output. The show memory process command displays the following information in a tabular format:

System memory information (both total and free). Current memory used by the individual processes.

The current memory statistics for the individual process also includes the following:

The module (MSM A or MSM B) and the slot number of the MSM (modular switches only). The name of the process.

ExtremeWare XOS 11.3 Command Reference

267

Commands for Managing the ExtremeWare XOS Software

Example
The following command displays system memory and VRRP memory usage:
show memory process vrrp

The following is sample output from a modular switch:


System Memory Information ------------------------MSM-A Total (KB): 512508 KB MSM-A Free (KB): 395796 KB Memory Utilization Statistics ----------------------------Card Slot Process Name Memory (KB) --------------------------------------MSM-A 9 vrrp 6596

The following is sample output from a Summit X450 switch:


System Memory Information ------------------------Total DRAM (KB): 262144 System (KB): 25852 User (KB): 96608 Free (KB): 139684 Memory Utilization Statistics ----------------------------Process Name Memory (KB) ----------------------------vrrp 11184

History
This command was first available in an ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

268

ExtremeWare XOS 11.3 Command Reference

show process

show process
show process {<name>} {detail} {description} {slot <slotid>}

Description
Displays the status of the ExtremeWare XOS processes.

Command Syntax
name detail description slotid Specifies the name of the process. Specifies more detailed process information. Describes the name of all of the processes or the specified process running on the switch. Specifies the slot number of the MSM module: A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
The ExtremeWare XOS process manager monitors all of the XOS processes. The process manager also ensures that only version-compatible processes are started. Using this command without the optional keywords displays summary process information. If you specify the slot keyword, summary information is displayed for that particular slot only. The show process and show process slot <slotid> commands display the following information in a tabular format:

CardThe name of the module where the process is running (modular switches only). Process NameThe name of the process. VersionThe version number of the process. Options are:

Version numberA series of numbers that identify the version number of the process. This is helpful to ensure that you have version-compativle processes and if you experience a problem. Not StartedThe process has not been started. This can be caused by not having the appropriate license or for not starting the process.

RestartThe number of times the process has been restarted. This number increments by one each time a process stops and restarts. StateThe current state of the process. Options are:

No LicenseThe process requires a license level that you do not have. For example, you have not upgraded to that license, or the license is not available for your platform.

ExtremeWare XOS 11.3 Command Reference

269

Commands for Managing the ExtremeWare XOS Software


ReadyThe process is running. StoppedThe process has been stopped. Day/Month/Date/Time/YearThe date and time the process began. If a process terminates and restarts, the start time is also updated. Not StartedThe process has not been started. This can be caused by not having the appropriate license or for not starting the process.

Start TimeThe current start time of the process. Options are:

If you specify the detail keyword, more specific and detailed process information is displayed. The show process detail and show process slot <slotid> detail commands display the following information in a multi-tabular format:

Detailed process information Memory usage configurations Recovery policies Process statistics Resource usage

This status information may be useful for your technical support representative if you have a network problem. Depending on the software version running on your switch or your switch model, additional or different process information might be displayed. You may find it useful to capture the process information under normal operating conditions to establish a baseline. By having a baseline, if you experience a problem, you and your technical support representative can more easily identify the problem.

Example
To display the processes on your system, use the following command:
show process

The following is sample output from a modular switch:


Card Process Name Version Restart State Start Time -----------------------------------------------------------------------------MSM-A aaa 3.0.0.2 0 Ready Sat Dec 6 10:54:24 2003 MSM-A acl 3.0.0.2 0 Ready Sat Dec 6 10:54:25 2003 MSM-A bgp 3.0.0.2 0 Ready Sat Dec 6 10:54:24 2003 MSM-A cfgmgr 3.0.0.20 0 Ready Sat Dec 6 10:54:23 2003 MSM-A cli 3.0.0.21 0 Ready Sat Dec 6 10:54:23 2003 MSM-A devmgr 3.0.0.2 0 Ready Sat Dec 6 10:54:23 2003 MSM-A dirser 3.0.0.2 0 Ready Sat Dec 6 10:54:21 2003 MSM-A edp 3.0.0.2 0 Ready Sat Dec 6 10:54:24 2003 MSM-A ems 3.0.0.2 0 Ready Sat Dec 6 10:54:23 2003 MSM-A epm 3.0.0.2 0 Ready Sat Dec 6 10:54:21 2003 MSM-A exacl 3.0.0.2 0 Ready Sat Dec 6 10:54:23 2003 MSM-A exosmc 3.0.0.2 0 Ready Sat Dec 6 10:54:23 2003 MSM-A exosq 3.0.0.2 0 Ready Sat Dec 6 10:54:22 2003 MSM-A exsnoop 3.0.0.2 0 Ready Sat Dec 6 10:54:23 2003 MSM-A exvlan 3.0.0.2 0 Ready Sat Dec 6 10:54:22 2003

270

ExtremeWare XOS 11.3 Command Reference

show process
MSM-A fdb .... 3.0.0.2 0 Ready Sat Dec 6 10:54:24 2003

The following is sample output from a Summit X450 switch:


Process Name Version Restart State Start Time ------------------------------------------------------------------------aaa 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 acl 3.0.0.2 0 Ready Thu Sep 1 17:00:54 2005 bgp Not Started 0 No license Not Started cfgmgr 3.0.0.21 0 Ready Thu Sep 1 17:00:52 2005 cli 3.0.0.22 0 Ready Thu Sep 1 17:00:52 2005 devmgr 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 dirser 3.0.0.2 0 Ready Thu Sep 1 17:00:51 2005 dosprotect 3.0.0.1 0 Ready Thu Sep 1 17:00:56 2005 eaps 3.0.0.8 0 Ready Thu Sep 1 17:00:53 2005 edp 3.0.0.2 0 Ready Thu Sep 1 17:00:53 2005 elrp 3.0.0.1 0 Ready Thu Sep 1 17:00:53 2005 ems 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 epm 3.0.0.4 0 Ready Thu Sep 1 17:00:49 2005 esrp 3.0.0.4 0 Ready Thu Sep 1 17:00:53 2005 etmon 1.0.0.1 0 Ready Thu Sep 1 17:00:55 2005 exacl 3.0.0.2 0 Ready Thu Sep 1 17:00:50 2005 exdos 3.0.0.2 0 Ready Thu Sep 1 17:00:50 2005 exfib 1.0.0.2 0 Ready Thu Sep 1 17:00:51 2005 exosmc 3.0.0.2 0 Ready Thu Sep 1 17:00:50 2005 exosnvram 3.0.0.3 0 Ready Thu Sep 1 17:00:50 2005 exosq 3.0.0.2 0 Ready Thu Sep 1 17:00:50 2005 exsflow 1.0.0.2 0 Ready Thu Sep 1 17:00:51 2005 exsnoop 3.0.0.2 0 Ready Thu Sep 1 17:00:50 2005 exvlan 3.0.0.2 0 Ready Thu Sep 1 17:00:50 2005 fdb 4.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 hal 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 lacp 3.0.0.1 0 Ready Thu Sep 1 17:00:53 2005 lldp 1.2.0.0 0 Ready Thu Sep 1 17:00:53 2005 mcmgr 4.0.0.2 0 Ready Thu Sep 1 17:00:54 2005 msgsrv 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 netLogin 1.0.0.0 0 Ready Thu Sep 1 17:00:55 2005 netTools 3.0.0.2 0 Ready Thu Sep 1 17:00:55 2005 nettx 3.0.0.2 0 Ready Thu Sep 1 17:00:50 2005 nodemgr 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 ospf 3.0.0.2 0 Ready Thu Sep 1 17:00:54 2005 ospfv3 Not Started 0 No license Not Started pim 3.0.0.2 0 Ready Thu Sep 1 17:00:54 2005 poe 3.0.0.2 0 Ready Thu Sep 1 17:00:56 2005 polMgr 3.0.0.2 0 Ready Thu Sep 1 17:00:54 2005 rip 3.0.0.2 0 Ready Thu Sep 1 17:00:54 2005 ripng 3.0.0.1 0 Ready Thu Sep 1 17:00:54 2005 rtmgr 4.0.0.2 0 Ready Thu Sep 1 17:00:53 2005 snmpMaster 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 snmpSubagent 3.0.0.2 0 Ready Thu Sep 1 17:00:52 2005 stp 3.0.3.1 0 Ready Thu Sep 1 17:00:53 2005 telnetd 3.0.0.2 0 Ready Thu Sep 1 17:00:55 2005 tftpd 3.0.0.2 0 Ready Thu Sep 1 17:00:55 2005 thttpd 3.0.0.1 0 Ready Thu Sep 1 17:00:55 2005 vlan 3.1.0.2 0 Ready Thu Sep 1 17:00:52 2005

ExtremeWare XOS 11.3 Command Reference

271

Commands for Managing the ExtremeWare XOS Software


vrrp xmld 3.0.0.5 1.0.0.0 0 0 Ready Ready Thu Sep Thu Sep 1 17:00:55 2005 1 17:00:56 2005

The following example specifies the process aaa along with the detail keyword:
show process aaa detail

The following is sample output from this command:


Name PID Path Type Link Date Build By Peer -------------------------------------------------------------------------------aaa 284 ./aaa App Thu Dec 4 13:23:07 PST 2003 release-manager 2 3 Virtual Router(s): -------------------------------------------------------------------------------Configuration: Start Priority SchedPolicy Stack TTY CoreSize Heartbeat StartSeq -------------------------------------------------------------------------------1 0 0 0 0 0 1 1 Memory Usage Configuration: Memory(KB) Zones: Green Yellow Orange Red -------------------------------------------------------------------------------0 0 0 0 0 Recovery policies -------------------------------------------------------------------------------failover-reboot -------------------------------------------------------------------------------Statistics: ConnetionLost Timeout Start Restart Kill Register Signal Hello Hello Ack -------------------------------------------------------------------------------0 0 0 0 0 1 0 0 173199 Memory Zone Green Yellow Orange Red

-------------------------------------------------------------------------------Green 0 0 0 0 -------------------------------------------------------------------------------Commands: Start Stop Resume Shutdown Kill -------------------------------------------------------------------------------0 0 0 0 0 -------------------------------------------------------------------------------Resource Usage: UserTime SysTime PageReclaim PageFault Up Since Up Date Up Time -------------------------------------------------------------------------------2.160000 0.560000 546 966 Sat Dec 6 10:54:24 2003 00/00/04 00:14:02 -------------------------------------------------------------------------------Thread Name Pid Tid Delay Timeout Count -------------------------------------------------------------------------------tacThread 0 2051 10 0 radiusThread 0 1026 10 1 main 0 1024 2 1 --------------------------------------------------------------------------------

272

ExtremeWare XOS 11.3 Command Reference

show process The following example describes the name of all of the processes running on the switch:
show process description

The following is sample output from this command:


Process Name Description --------------------------------------------------------------------------aaa Authentication, Authorization, and Accounting Server acl Access Control List Manager bgp Border Gateway Protocol cfgmgr Configuration Manager cli Cli Manager devmgr Device Manager dirser Directory Services eaps Ethernet Automatic Protection Switching edp Extreme Discovery Protocol elrp Extreme Loop Recognition Protocol ems Event Management System Server epm Extreme Process Manager esrp Extreme Standby Routing Protocol etmon Traffic monitoring and sampling utility exacl Access Control List Module exfib Routing interface to manage missing routes in ASIC exosmc Multicast Forwarding Module exosq EXOS Queue Module exsflow Sflow interface to gather sflow samples exsnoop IGMP/MLD Snooping Module exvlan Layer 2 configuration module fdb Forwarding Data Base Manager hal Hardware Abstraction Layer lldp 802.1AB; Station and Media Access Control Connectivity Discover mcmgr Multicast Cache Manager msgsrv Message Server netLogin Network Login includes MAC, Web-Based and 802.1X authentication netTools Network Toolset includes ping/tracert/bootprelay/dhcp/dns/sntp nettx Layer 2 forwarding engine module nodemgr Fault Tolerance Manager ospf Open Shortest Path First Routing Protocol ospfv3 Open Shortest Path First Routing Protocol for IPv6 pim Protocol Independent Multicast polMgr Policy Manager rip Routing Information Protocol ripng Routing Information Protocol for IPv6 rtmgr Route Table Manager snmpMaster Simple Network Management Protocol - Master agent snmpSubagent Simple Network Management Protocol - Subagent stp Spanning Tree Protocol telnetd Telnet server tftpd Tftp server thttpd Web Server vlan VLAN Manager - L2 Switching application vrrp Virtual Router Redundancy Protocol (RFC 3768) xmld XML server

ExtremeWare XOS 11.3 Command Reference

273

Commands for Managing the ExtremeWare XOS Software

History
This command was first available in an ExtremeWare XOS 10.1. The description keyword was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all available platforms.

274

ExtremeWare XOS 11.3 Command Reference

start process

start process
start process <name> {msm <slot>}

Description
Restarts the specified process on the switch.

Syntax Description
name Specifies the name of the process to start. You can start the following processes: exsshd (only available if you have installed the SSH module) lldp netLogin ospf snmpMaster snmpSubagent telentd thttpd tftpd slot Specifies the MSM where the process should be started. A specifies the MSM installed in slot A, and B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Use this command after you have stopped a process and you want to restart it. To stop a process, use the terminate process command. You are unable to start a process that is already running. If you try to start a currently running process, an error message similar to the following appears:
Error: Process telnetd already exists!

Depending on the software version running on your switch and the type of switch you have, you can restart different or additional processes. To see which processes you can restart, enter start process followed by [Tab]. The switch displays a list of available processes. To display the status of ExtremeWare XOS processes on the switch, including how many times a process has been restarted, use the show process {<name>} {detail} {description} {slot <slotid>} command.

ExtremeWare XOS 11.3 Command Reference

275

Commands for Managing the ExtremeWare XOS Software You can also use the start process command when upgrading a software modular package. For more information, see the section Upgrading a Modular Software Package in Appendix A, Software Upgrade and Boot Options of the ExtremeWare XOS Concepts Guide.

Example
The following restarts the process tftpd:
start process tftpd

History
This command was first available in ExtremeWare XOS 11.0. Support for restarting the Link Layer Discovery Protocol (lldp), Open Shortest Path First (ospf), and network login (netLogin) processes was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

276

ExtremeWare XOS 11.3 Command Reference

terminate process

terminate process
terminate process <name> [forceful | graceful] {msm <slot>}

Description
Terminates the specified process on the switch.

Syntax Description
name Specifies the name of the process to terminate. You can terminate the following processes: exsshd (only available if you have installed the SSH module) lldp netLogin ospf snmpMaster snmpSubagent telentd thttpd tftpd forceful graceful slot Specifies a forceful termination. Specifies a graceful termination. Specifies the MSM where the process should be terminated. A specifies the MSM installed in slot A, and B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
If recommended by Extreme Networks Technical Support personnel, you can stop a running process. The forceful option quickly terminates a process on demand. Unlike the graceful option, the process is immediately shutdown without any of the normal process cleanup. The status of the operation is displayed on the console. After a successful forceful termination of a process, a message similar to the following appears:
Forceful termination success for snmpMaster

The graceful option terminates the process by allowing it to close all opened connections, notify peers on the network, and other types of process cleanup. After this phase, the process is finally terminated. After a successful graceful termination of a process, a message similar to the following appears:
Successful graceful termination for snmpSubagent

ExtremeWare XOS 11.3 Command Reference

277

Commands for Managing the ExtremeWare XOS Software To display the status of ExtremeWare XOS processes on the switch, including how many times a process has been restarted, use the show process {<name>} {detail} {description} {slot <slotid>} command. Depending on the software version running on your switch and the type of switch you have, you can terminate different or additional processes. To see which processes you can terminate, enter terminate process followed by [Tab]. The switch displays a list of available processes. To restart a process that has been terminated, use the start process command.

NOTE
Do not terminate a process that was installed since the last reboot unless you have saved your configuration. If you have installed a software module and you terminate the newly installed process without saving your configuration, your module may not be loaded when you attempt to restart the process with the start process command.

You can also use the terminate process command when upgrading a software modular package. For more information, see the section Upgrading a Modular Software Package in Appendix A, Software Upgrade and Boot Options of the ExtremeWare XOS Concepts Guide.

Example
The following initiates a graceful termination of the process tftpd:
terminate process tftpd graceful

History
This command was first available in ExtremeWare XOS 11.0. Support for terminating the Link Layer Discovery Protocol (lldp), network login (netLogin), Open Shortest Path First (ospf) processes was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

278

ExtremeWare XOS 11.3 Command Reference

Commands for Configuring Slots and Ports on a Switch


Enabling, disabling, and configuring individual ports Configuring port speed (Fast Ethernet ports only) and half- or full-duplex mode Creating link aggregation groups on multiple ports Displaying port statistics Configuring switch port mirroring Configuring software-controlled redundant ports and Smart Redundancy Configuring Discovery Protocol

This chapter describes commands related to:


By default, all ports on the switch are enabled. After you configure the ports to your specific needs, you can select which ports are enabled or disabled. Fast Ethernet ports can connect to either 10BASE-T or 100BASE-T networks. By default, the ports autonegotiate (automatically determine) the port speed. You can also configure each port for a particular speed (either 10 Mbps or 100 Mbps). Gigabit Ethernet ports with fiber interfaces are statically set, and their speed cannot be modified. The switch comes configured to use autonegotiation to determine the port speed and duplex setting for each port. You can select to manually configure the duplex setting and the speed of 10/100 Mbps ports, and you can manually configure the duplex setting on gigabit Ethernet ports. All ports on the switch (except gigabit Ethernet ports) can be configured for half-duplex or full-duplex operation. The ports are configured to autonegotiate the duplex setting, but you can manually configure the duplex setting for your specific needs. Flow control is supported only on gigabit Ethernet ports. It is enabled or disabled as part of autonegotiation. If autonegotiation is set to off, flow control is disabled. When autonegotiation is turned on, flow control is enabled. Link aggregation, or load sharing, with Extreme Network switches allows you to increase bandwidth and resilience between switches by using a group of ports to carry traffic in parallel between switches. The sharing algorithm allows the switch to use multiple ports as a single logical port. For example, VLANs see the link aggregation group (LAG) as a single logical port. The algorithm also guarantees packet sequencing between clients. Beginning with ExtremeWare XOS version 11.3, you can use the Link Aggregation Control Protocol (LACP) to configure and enable dynamic link aggregation. Static link aggregation is still available as well. If a port in a link aggregation group fails, traffic is redistributed to the remaining ports in the LAG. If the failed port becomes active again, traffic is redistributed to include that port. You can view port status on the switch using the show ports commands. These commands, when used with specific keywords and parameters, allow you to view various issues such as collision statistics, link speed, flow control, and packet size. Beginning with ExtremeWare XOS software version 11.3, these port

ExtremeWare XOS 11.3 Command Reference

279

Commands for Configuring Slots and Ports on a Switch information displays show real-time statistics, or you can configure the display to show a snapshot of real-time statistics (as in earlier versions of the software). Commands that require you to enter one or more port numbers use the parameter <port_list> in the syntax. On a modular switch, a <port_list> can be a list of slots and ports. On a stand-alone switch, a <portlist> can be one or more port numbers.For a detailed explanation of port specification, see Port Numbering in Chapter 1. NOTE
The BlackDiamond 8810 switch was formerly known as Aspen.

280

ExtremeWare XOS 11.3 Command Reference

clear counters ports

clear counters ports


clear counters ports

Description
Clears the counters associated with the ports.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command clears the counters for the ports, including the following:

Statistics Transmit errors Receive errors Collisions Packets

Example
The following command clears the counters on all ports:
clear counters ports

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

281

Commands for Configuring Slots and Ports on a Switch

clear lacp counters


clear lacp counters

Description
Clears the counters associated with Link Aggregations Control Protocol (LACP).

Syntax Description
This command has no parameters or variables.

Default
N/A

Usage Guidelines
This command clears the following counters for LACP; it sets these counters back to 0 for every LACP port on the device:

LACP PDUs dropped on non_LACP ports Stats


Rx - Accepted Rx - Dropped due to error in verifying PDU Rx - Dropped due to LACP not being up on this port Rx - Dropped due to matching own MAC Tx - Sent Successfully Tx - Transmit error

Example
The following command clears the LACP counters on all ports:
clear lacp counters

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

282

ExtremeWare XOS 11.3 Command Reference

clear counters edp

clear counters edp


clear counters edp {ports <ports>}

Description
Clears the counters associated with Extreme Discovery Protocol (EDP).

Syntax Description
ports Specifies one or more ports or slots and ports.

Default
If you do not specify a port, the EDP counters will be cleared for all ports.

Usage Guidelines
This command clears the following counters for EDP protocol data units (PDUs) sent and received per EDP port:

Switch PDUs transmitted VLAN PDUs transmitted Transmit PDUs with errors Switch PDUs received VLAN PDUs received Received PDUs with errors

Example
The following command clears the EDP counters on all ports:
clear counters edp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

283

Commands for Configuring Slots and Ports on a Switch

clear slot
clear slot <slot>

Description
Clears a slot of a previously assigned module type.

Syntax Description
slot Specifies the slot number.

Default
N/A.

Usage Guidelines
All configuration information related to the slot and the ports on the module is erased. If a module is present when you issue this command, the module is reset to default settings. If a slot is configured for one type of module, and a different type of module is inserted, the inserted module is put into a mismatch state (where the inserted module does not match the configured slot), and is not brought online. To use the new module type in a slot, the slot configuration must be cleared or configured for the new module type. Use the configure slot module command to configure the slot.

Example
The following command clears slot 2 of a previously assigned module type:
clear slot 2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

284

ExtremeWare XOS 11.3 Command Reference

configure edp advertisement-interval

configure edp advertisement-interval


configure edp advertisment-interval <timer> holddown-interval <timeout>

Description
Sets the advertisement interval and hold down interval for EDP.

Syntax Description
timer timeout Specifies the advertisement interval in seconds. Specifies the hold down interval in seconds.

Default
The default setting for timer is 60 seconds, and for timeout is 180 seconds.

Usage Guidelines
Extreme Discover Protocol (EDP) is used to gather information about neighbor Extreme Networks switches. EDP-enabled ports advertise information about the Extreme switch to other switches on the interface and receive advertisements from other Extreme switches. Information about other Extreme switches is discarded after the hold down interval timeout value is reached without receiving another advertisement.

Example
The following command configures the EDP advertisement-interval to 2 minutes and the hold down interval to 6 minutes:
configure edp advertisement-interval 120 holddown-interval 360

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

285

Commands for Configuring Slots and Ports on a Switch

configure ip-mtu vlan


configure ip-mtu <mtu> vlan <vlan_name>

Description
Sets the maximum transmission unit (MTU) for the VLAN.

Syntax Description
mtu vlan_name Specifies the IP maximum transmission unit (MTU) value. Range is from 1500 to 9216. Specifies a VLAN name.

Default
The default IP MTU size is 1500.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch do not support fragmentation of any IP packets they forward. Also, the BlackDiamond 8800 family of switches and the Summit X450 switch do not support the router specification for path MTU discovery.

Use this command to enable jumbo frame support or for IP fragmentation with jumbo frames. Jumbo frames are Ethernet frames that are larger than 1522 bytes, including 4 bytes used for CRC. Both endstations involved in the transfer must be capable of supporting jumbo frames. The switch does not perform IP fragmentation or participate in MTU negotiation on behalf of devices that do not support jumbo frames. When enabling jumbo frames and setting the MTU size for the VLAN, keep in mind that some network interface cards (NICs) have a configured maximum MTU size that does not include the additional 4 bytes of CRC included in a jumbo frame configuration. Ensure that the NIC maximum MTU is at or below the maximum MTU size configured on the switch. Frames that are larger than the MTU size configured on the switch are dropped at the ingress port. If you use IP fragmentation with jumbo frames and you want to set the MTU size greater than 1500, all ports in the VLAN must have jumbo frames enabled.

Example
The following command sets the MTU size to 2000 for VLAN sales:
configure ip-mtu 2000 vlan sales

286

ExtremeWare XOS 11.3 Command Reference

configure ip-mtu vlan

History
This command was available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

287

Commands for Configuring Slots and Ports on a Switch

configure jumbo-frame-size
configure jumbo-frame-size <framesize>

Description
Sets the maximum jumbo frame size for the switch.

Syntax Description
framesize Specifies a maximum transmission unit (MTU) size for a jumbo frame. The range is 1523 to 9216; the default is 9216.

Default
Jumbo frames are disabled by default. The default size setting is 9216.

Usage Guidelines
Jumbo frames are used between endstations that support larger frame sizes for more efficient transfers of bulk data. Both endstations involved in the transfer must be capable of supporting jumbo frames. The framesize keyword describes the maximum jumbo frame size on the wire, and includes 4 bytes of cyclic redundancy check (CRC) plus another 4 bytes if 802.1Q tagging is being used. To enable jumbo frame support, you must configure the maximum transmission unit (MTU) size of a jumbo frame that will be allowed by the switch.

NOTE
Extreme Networks recommends that you set the MTU size so that fragmentation does not occur.

Some network interface cards (NICs) have a configured maximum MTU size that does not include the additional 4 bytes of CRC. Ensure that the NIC maximum MTU size is at or below the maximum MTU size configured on the switch. Frames that are larger than the MTU size configured on the switch are dropped at the ingress port.

Example
The following command configures the jumbo frame size to 5500:
configure jumbo-frame-size 5500

History
This command was first available in ExtremeWare XOS 10.1.

288

ExtremeWare XOS 11.3 Command Reference

configure jumbo-frame-size

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

289

Commands for Configuring Slots and Ports on a Switch

configure mirroring add


configure mirroring add [vlan <name> {port <port>}| port <port> {vlan <name>}] {ingress | egress | ingress-and-egress}

Description
Adds a particular mirroring filter definition on the switch.

Syntax Description
vlan name port port ingress Specifies a VLAN. Specifies a VLAN name. Specifies a port or slot and port. Specifies particular ports or slots and ports. Specifies packets be mirrored as they are received on a port. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch and only with port-based mirroring. egress Specifies packets be mirrored as they are sent from a port. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch and only with port-based mirroring. ingress-and-egress Specifies all forwarded packets be mirrored. This is the default setting on the Aspen family of switches and the Summit X450 switch for port-based mirroring. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch and only with port-based mirroring.

Default
N/A.

Usage Guidelines
You must enable port-mirroring using the enable mirroring to port command before you can configure the mirroring filter definitions. Port mirroring configures the switch to copy all traffic associated with one or more ports to a monitor port on the switch. The switch uses a traffic filter that copies a group of traffic to the monitor port. Up to 16 mirroring filters and one monitor port can be configured on the switch. Frames that contain errors are not mirrored. BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch only. The traffic filter can be defined based on one of the following criteria:

Physical portAll data that traverses the port, regardless of VLAN configuration, is copied to the monitor port. You can specify which traffic the port mirrors:

IngressMirrors traffic received at the port.

290

ExtremeWare XOS 11.3 Command Reference

configure mirroring add


EgressMirrors traffic sent from the port. Ingress and egressMirrors all traffic forwarded by the port. (If you omit the optional parameters, all traffic is forwarded; the default for port-based mirroring is ingress and egress).

VLANAll data to a particular VLAN, regardless of the physical port configuration, is copied to the monitor port. Virtual portAll data specific to a VLAN on a specific port is copied to the monitor port. Only 8 VLANs can be mirrored on a given physical port. Only traffic ingressing a VLAN can be monitored; you cannot specify ingressing or egressing traffic when mirroring VLAN traffic.

BlackDiamond 10K switch only. The traffic filter can be defined based on one of the following criteria:

Physical portAll data that traverses the port, regardless of VLAN configuration, is copied to the monitor port. VLANAll data to and from a particular VLAN, regardless of the physical port configuration, is copied to the monitor port. Virtual portAll data specific to a VLAN on a specific port is copied to the monitor port.

Example
The following example sends all traffic coming into an BlackDiamond 8800 family of switches on slot 3, port 2 to the mirror port:
configure mirroring add port 3:2 ingress

The following example sends all traffic coming into a Summit X450 switch on port 11 and the VLAN default to the mirror port:
configure mirroring add port 11 vlan default

The following example sends all traffic coming into or out of a BlackDiamond 10K switch on slot 3, port 2 and the VLAN default to the mirror port:
configure mirroring add port 3:2 vlan default

History
This command was first available in ExtremeWare XOS 10.1. The VLAN option was added in ExtremeWare XOS 11.0. The ingress/egress option was added in ExtremeWare XOS 11.1. The VLAN mirroring capability was added to the BlackDiamond 8800 family of switches in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

291

Commands for Configuring Slots and Ports on a Switch

configure mirroring delete


configure mirroring delete [all | port <port> {vlan <name>} |vlan <name> {port <port>}]

Description
Deletes a particular mirroring filter definition on the switch.

Syntax Description
all port port vlan name Specifies all mirroring filter definitions. Specifies a port or a slot and port. Specifies particular ports or slots and ports. Specifies a VLAN. Specifies a VLAN name.

Default
N/A.

Usage Guidelines
On a modular switch, <port_list> must be a slot and port in the form <slot>:<port>. For a detailed explanation of port specification, see Port Numbering in Chapter 1.

Example
The following example deletes the mirroring filter on an BlackDiamond 8800 family of switches defined for slot 7, port 1:
configure mirroring delete ports 7:1

The following example deletes the mirroring filter on a BlackDiamond 10K switch defined for slot 3, port 2 on VLAN default:
configure mirroring delete ports 3:2 vlan default

History
This command was first available in ExtremeWare XOS 10.1. The VLAN option was added in ExtremeWare XOS 11.0. The VLAN mirroring capability was added to the BlackDiamond 8800 family of switches in ExtremeWare XOS 11.2.

292

ExtremeWare XOS 11.3 Command Reference

configure mirroring delete

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

293

Commands for Configuring Slots and Ports on a Switch

configure ports auto off


configure ports <port_list> auto off speed [10 | 100 | 1000 | 10000] duplex [half | full]

Description
Manually configures port speed and duplex setting configuration on one or more ports on a switch.

Syntax Description
port_list speed [10] speed [100] speed [1000] speed [10000] duplex [half] duplex [full] Specifies one or more ports or slots and ports. Specifies 10 Mbps ports. Specifies 100 Mbps ports. Specifies 1000 Mbps (1 Gigabit) ports. Specifies 10000 Mbps (10 Gigabit) ports. Specifies half duplex; transmitting and receiving data one direction at a time. Specifies full duplex; transmitting and receiving data at the same time.

Default
Auto on for 1 G ports. Auto off for 10 G ports.

Usage Guidelines
You can manually configure the duplex setting and the speed on 10/100/1000 Mbps and fiber SFP Gigabit Ethernet ports. SFP gigabit Ethernet ports are statically set to 1 Gbps, and their speed cannot be modified. In certain interoperability situations, it is necessary to turn autonegotiation off on a fiber gigabit Ethernet port. Even though a gigabit Ethernet port runs only at full duplex and gigabit speeds, the command that turns off autonegotiation must still include the duplex setting. Gigabit Ethernet ports support flow control only when autonegotiation is turned on. When autonegotiation is turned off, flow control is not supported.

Example
The following example turns autonegotiation off for slot 2, port 1 on a modular switch:
configure ports 2:1 auto off duplex full

294

ExtremeWare XOS 11.3 Command Reference

configure ports auto off

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

295

Commands for Configuring Slots and Ports on a Switch

configure ports auto on


configure ports <port_list> auto on

Description
Enables autonegotiation for the particular port type.

Syntax Description
port_list Specifies one or more ports or slots and ports.

Default
Auto on for 1 Gbps ports. Auto off for 10 Gbps ports.

Usage Guidelines
The type of ports enabled for autonegotiation are 802.3u for 10/100 Mbps ports or 802.3z for gigabit Ethernet ports. Flow control on gigabit Ethernet ports is enabled or disabled as part of autonegotiation. If autonegotiation is set to off, flow control is disabled. When autonegotiation is turned on, flow control is enabled.

Example
The following command configures the switch to autonegotiate for slot 1, ports 2 and 4 on a modular switch:
configure ports 1:2, 1:4 auto on

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

296

ExtremeWare XOS 11.3 Command Reference

configure ports auto-polarity

configure ports auto-polarity


configure ports [<port_list> | all] auto-polarity [off | on]

Description
Configures the autopolarity detection feature on the specified Ethernet ports.

Syntax Description
port_list all off on Specifies one or more ports on the switch. Specifies all of the ports on the switch. Disables the autopolarity detection feature on the specified ports. Enables the autopolarity detection feature on the specified ports.

Default
Enabled.

Usage Guidelines
This feature applies to only the 10/100/1000 BASE-T ports on the switch. Use the all keyword to enable or disable the autopolarity detection feature on all of the Ethernet ports on the Summit X450 switch and the BlackDiamond 8800 family of switches (formerly known as Aspen). When autopolarity is disabled on one or more Ethernet ports, you can verify that status by using the command:
show ports information detail

Example
The following command disables the autopolarity detection feature on ports 5 to 7 on the Summit X450 switch:
configure ports 5-7 auto-polarity off

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available only on the Summit X450 switch and the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

297

Commands for Configuring Slots and Ports on a Switch

configure ports display-string


configure ports <port_list> display-string <string>

Description
Configures a user-defined string for a port or group of ports.

Syntax Description
port_list string Specifies one or more ports or slots and ports. Specifies a user-defined display string.

Default
N/A.

Usage Guidelines
The display string can be up to 15 characters. Display strings do not need to be unique for each port you can assign the same string to multiple ports. For example, you could give all the ports that connected to a particular department a common display string. The string is displayed in certain commands such as the show ports information command.

NOTE
Do not use a port number as a display string. For example, do not assign the display string 2 to port 2.

Example
The following command configures the user-defined string corporate for port 1 on a stand-alone switch:
configure ports 1 display-string corporate

The following command configures the user-defined string corporate for ports 3, 4, and 5 on slot 1 on a modular switch:
configure ports 1:3-5 display-string corporate

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

298

ExtremeWare XOS 11.3 Command Reference

configure ports preferred-medium

configure ports preferred-medium


configure ports <port_list> preferred-medium [copper | fiber] {force}

Description
Configures the primary uplink port to use a preferred medium.

Syntax Description
port_list copper fiber force Specifies the port number. Valid port numbers are 1 to 4. Specifies that the switch should always use the 10/100/1000 BASE-T connection whenever a link is established even when a fiber link is also present. Specifies that the switch should always use the 1 gigabit Ethernet fiber connection whenever a link is established even when a copper link is also present. Disables automatic failover. (If the specified preferred medium is not present, the link does not come up even if the secondary medium is present.)

Default
The default is determined at cable installation time.

Usage Guidelines
You specify either copper or fiber. The switch evaluates the copper energy and the fiber signal at the time the combo ports come online. If both are present, the configured preferred medium is chosen; however, if only one is present, the switch brings up that medium and uses this medium the next time the switch is rebooted. When a failure occurs and the uplinks are swapped, the switch continues to keep that uplink assignment until another failure occurs or until the assignment is changed using the CLI. If you use the force option, it disables automatic failover. If you force the preferred-medium to fiber and the fiber link goes away, the copper link is not used, even if available.

Examples
The following establishes copper port 4 as the primary uplink and fiber port 4 as the redundant uplink port:
configure ports 4 preferred-medium copper

Copper port 4 becomes the primary uplink until a failure occurs on that link. At that time, fiber port 4 becomes the primary uplink and copper port 4 becomes the redundant port. This assignment stays in place until the next failure.

History
This command was first available in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

299

Commands for Configuring Slots and Ports on a Switch

Platform Availability
This command is available only on the Summit X450 switch.

300

ExtremeWare XOS 11.3 Command Reference

configure ports rate-limit flood

configure ports rate-limit flood


configure ports <port_list> rate-limit flood [broadcast | multicast | unknown-destmac] [no-limit | <pps>]

Description
Limits the amount of ingress flooded traffic; minimizes network impact of broadcast loops.

Syntax Description
port_list broadcast multicast unknown-destmac no-limit pps Specifies one primary port or slot and port. Specifies all broadcast packets. Specifies all flooded multicast packets (known IP multicast caches are still forwarded at line rate). Specifies all packets with unknown MAC DAs. Specifies unlimited rate. Packets per second allowed; range is from 0 to 262,144.

Default
No limit

Usage Guidelines
Use this command to limit the amount of ingress flooding traffic and to minimize the network impact of broadcast loops.

Example
The following command rate limits broadcast packets on port 3 on a stand-alone switch to 500 pps:
configure ports 3 rate-limit flood broadcast 500

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch.

ExtremeWare XOS 11.3 Command Reference

301

Commands for Configuring Slots and Ports on a Switch

configure ports redundant


configure ports <primaryPort> redundant <secondaryPort> {link [on | off]}

Description
Configures a software-controlled redundant port.

Syntax Description
primaryPort redundantPort link Specifies one primary port or slot and port. Specifies one or redundant port or slot and port. Specifies state of link: onSpecifies keeping the redundant port active, but block traffic offSpecifies forcing the link down on the redundant port NOTE: The default value is off.

Default
N/A.

Usage Guidelines
The first port specifies the primary port. The second port specifies the redundant port. A software-controlled redundant port is configured to back up a specified primary port; both ports are on the same device. The redundant port tracks the link state of the associated primary port, and if the link on the primary port fails, the redundant port establishes a link and becomes active. You can back up a specified Ethernet port with a redundant, dedicated Ethernet port. You configure the redundant link to be always physically up but logically blocked or to be always physically down. The default is off, or the redundant link is down. The following criteria must be considered when configuring a software-controlled redundant port:

You can configure only one redundant port for each primary port. You cannot have any Layer 2 protocols configured on any of the VLANs that are present on the ports. (You will see an error message if you attempt to configure software redundant ports on ports with VLANs running Layer 2 protocols.) The primary and redundant port must have identical VLAN memberships. The master port is the only port of a load-sharing group that can be configured as either a primary or redundant port. (The entire trunk must go down before the software-controlled redundant port takes effect.) Only one side of the link should be configured as redundant.

302

ExtremeWare XOS 11.3 Command Reference

configure ports redundant

NOTE
On the BlackDiamond 10K switch, 10 Gbps modules with a serial number lower than 804405-00-09 the software redundant port feature cover only those failures where both the TX and RX paths fail. If a single strand of fiber is pulled on these ports, the software redundant port cannot correctly recover from the failure.To display the serial number of the module, issue the show slot <slot_number> command. (All the modules on the BlackDiamond 8800 family of switchesformerly known as Aspenhave this serial number or higher, as does the Summit X450 switch.)

Example
The following command configures a software-controlled redundant port:
configure ports 1:3 redundant 2:3

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

303

Commands for Configuring Slots and Ports on a Switch

configure sharing add ports


configure sharing <port> add ports <port_list>

Description
Adds ports to a load-sharing, or link aggregation, group. By using link aggregation, you use multiple ports as a single logical port. Link aggregation also provides redundancy because traffic is redistributed to the remaining ports in the LAG if one port in the group goes down.

Syntax Description
port port_list Specifies the logical port for a load-sharing group or link aggregation group (LAG). This number also functions as the LAG Group ID. Specifies one or more ports or slots and ports to be grouped in the LAG.

Default
N/A.

Usage Guidelines
NOTE
You must create a LAG (or load-sharing group) before you can configure the LAG. To create a LAG, see enable sharing <port> grouping <port_list> {algorithm [port-based | address-based {L2|L3}]} {lacp}.

Use this command to dynamically add ports to a load-sharing group, or link aggregation group (LAG). VMAN ports can belong to LAGs. If any port in the LAG is enabled for VMAN, all ports in the group are automatically enabled to handle jumbo size frames. Also, VMAN is automatically enabled on all ports of the untagged LAG. To verify your configuration, use the show ports sharing command. BlackDiamond 8800 family of switches (formerly known as Aspen) and Summit X450 switch only. The following guidelines apply to link aggregation on the BlackDiamond 8800 family of switches and the Summit X450 switch:

A static LAG can include a maximum of 8 ports. An LACP (dynamic) LAG can include a maximum of 16 ports; out of these up to 8 can be selected links and the remaining 8 will be standby links. The maximum number of LAGs is 32. Any broadcast, multicast, or unknown unicast packet is transmitted on a single port in the LAG.

304

ExtremeWare XOS 11.3 Command Reference

configure sharing add ports

NOTE
You cannot configure port-based load sharing algorithm on the BlackDiamond 8800 family of switches and the Summit X450 switch; you configure only address-based load-sharing algorithms.

The available address-based parameters on the BlackDiamond 8800 family of switches and the Summit X450 switch are L2 for Layer 2 and L3 for Layer 3. If the packet is not IP, the switch applies the Layer 2 algorithm, which is the default setting. BlackDiamond 10K switch only. The following guidelines apply to LAGs on the BlackDiamond 10K switch:

A static LAG can include a maximum 16 ports. An LACP (dynamic) LAG can include a maximum of 32 ports; out of these up to 16 can be selected links and the remaining 16 will be standby links. The maximum number of LAGs is 128.

On the BlackDiamond 10K switch, if you do not explicitly select an algorithm, the port-based scheme is used. However, the address-based algorithm has a more even distribution and is the recommended choice.

NOTE
You must use the configure sharing address-based command to configure address-based load sharing on the BlackDiamond 10K switch.

Example
The following example adds port 3:13 to the LAG with the logical port 3:9 on a modular switch:
configure sharing 3:9 add port 3:13

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

305

Commands for Configuring Slots and Ports on a Switch

configure sharing address-based


configure sharing address-based [L2 | L2_L3 | L2_L3_L4 |L2_L3_CHK_SUM | L2_L3_L4_CHK_SUM]

Description
Configures the part of the packet examined by the switch when selecting the egress port for transmitting link aggregation, or load-sharing, data. Includes IPv6 addresses with ExtremeWare XOS version 11.2 and higher.

Syntax Description
L2 L2_L3 L2_L3_L4 Indicates that the switch should examine the MAC source and destination address. Indicates that the switch should examine the MAC source and destination address plus the IP source and destination address. Indicates that the switch should examine the MAC source and destination address, the IP source and destination, plus the TCP source and destination port number. Indicates that the switch should examine the MAC source and destination address, the IP source and destination address, plus the IP check sum. NOTE: This variable applies only to IPv4 addresses. L2_L3_L4_CHK_SUM Indicates that the switch should examine the MAC source and destination address, the IP source and destination, the TCP source and destination port number, plus the IP check sum. NOTE: This variable applies only to IPv4 addresses.

L2_L3_CHK_SUM

Default
The default setting is L2.

Usage Guidelines
NOTE
You must create a LAG (or load-sharing group) before you can configure the LAG. To create a LAG, see enable sharing <port> grouping <port_list> {algorithm [port-based | address-based {L2|L3}]} {lacp}.

This feature is available using the address-based load-sharing, or link aggregation, algorithm only. The address-based load-sharing algorithm uses addressing information to determine which physical port in the load-sharing group, or LAG, to use for forwarding traffic out of the switch. Addressing information is based on the packet protocol, as follows:

IP packetsUses the source and destination MAC and IP address, and the TCP port number. All other packetsUses the source and destination MAC address.

306

ExtremeWare XOS 11.3 Command Reference

configure sharing address-based This command specifies the part of the packet header that the switch examines to select the egress port for address-based load-sharing trunks. The address-based load-sharing setting is global and applies to all load-sharing trunks, or LAGs, that are address-based. You change this setting by issuing the command again with a different option. To verify your configuration, use the show ports sharing command. This is a global setting and applies to all load-sharing trunks that are address-based. Because the algorithms L2_L3__CHK_SUM and L2_L3_L4_CHK_SUM use the IP check sum as part of the decision for the egress port selection, these algorithms do not guarantee the packet sequencing between the clients. Also, these variables apply only to IPv4 addresses. If you do not explicitly select an algorithm, the port-based scheme is used. However, the address-based algorithm has a more even distribution and is the recommended choice. Beginning with ExtremeWare XOS software version 11.3, you can configure dynamic link aggregation, using LACP.

Example
The following example configures the switch to examine the MAC source and destination address:
configure sharing address-based l2

History
This command was first available in ExtremeWare XOS 11.0. IPv6-compatibility was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

307

Commands for Configuring Slots and Ports on a Switch

configure sharing delete ports


configure sharing <port> delete ports <port_list>

Description
Deletes ports from a link aggregation, or load-sharing, group.

Syntax Description
port port_list Specifies the logical port for a load-sharing group or a link aggregation group (LAG). This number also functions as the LAG Group ID. Specifies one or more ports or slots and ports to be grouped in the LAG.

Default
N/A.

Usage Guidelines
Use this command to dynamically delete ports from a load-sharing group, or link aggregation group (LAG). This command applies to static and dynamic link aggregation.

Example
The following example deletes port 3:12 from the LAG with the logical port, or LAG Group ID, 3:9:
configure sharing 3:9 delete port 3:12

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

308

ExtremeWare XOS 11.3 Command Reference

configure sharing lacp system-priority

configure sharing lacp system-priority


configure sharing <port> lacp system-priority <priority>

Description
Configures the system priority used by LACP for each LAG to establish the station on which end assumes priority in determining those LAG ports moved to the collecting/distributing state of the protocol. That end of the LAG with the lowest system priority is the one that assumes control of the determination. This is optional; if you do not configure this parameter, LACP uses system MAC values to determine priority. If you choose to configure this parameter, enter a value between 1 and 65535.

Syntax Description
port priority Specifies the master logical port for the LAG you are setting the priority for. Enter the value you want for the priority of the system for the LACP. The range is 1 to 65535; there is no default.

Default
N/A.

Usage Guidelines
The LACP uses the system MAC values to assign priority to one of the systems, and that system then determines which LAG ports move into the collecting/distributing state and exchange traffic. That end of the LAG with the lowest system priority is the one that assumes control of the determination. If you wish to override the default LACP system priority for a specific LAG, use this command to assign that LAG a specific LACP priority. Enter a value between 1 and 65535. You must enable sharing and create the LAG prior to assigning this LACP priority. To verify the LACP system priority, use the show lacp command. To change the system priority you previously assigned to a specific LAG, issue the configure sharing lacp system-priority using the new priority you want. To remove the assigned system priority entirely and use the LACP priorities, issue the configure sharing lacp system-priority using a value of 0.

Example
The following command assigns LAG 10 an LACP system priority of 3:
configure sharing 10 lacp system-priority 3

History
This command was first available in ExtremeWare XOS 11.3.

ExtremeWare XOS 11.3 Command Reference

309

Commands for Configuring Slots and Ports on a Switch

Platform Availability
This command is available on all platforms.

310

ExtremeWare XOS 11.3 Command Reference

configure slot module

configure slot module


configure slot <slot> module <module_type>

Description
Configures a slot for a particular I/O module card in a modular switch.

Syntax Description
slot module_type Specifies the slot number. Specifies the type of module for which the slot should be configured. The list of modules you can enter will vary depending on the type of switch and version of ExtremeWare XOS you are running. Certain modules are supported only with specific ExtremeWare XOS Technology Releases.

Default
If a slot has not been configured for a particular type of I/O module, then any type of module is accepted in that slot, and a default port and VLAN configuration is automatically generated.

Usage Guidelines
The configure slot module command displays different module parameters depending on the type of modular switch you are configuring and the version of ExtremeWare XOS running on the switch. You can also preconfigure the slot before inserting the module card. This allows you to begin configuring the module and ports before installing the card in the chassis. If a slot has not been configured for a particular type of I/O module, then any type of module is accepted in that slot, and a default port and VLAN configuration is automatically generated. If a slot is configured for one type of module, and a different type of module is inserted, the inserted module is put into a mismatch state, and is not brought online. To use the new module type in a slot, the slot configuration must be cleared or configured for the new module type. Upon powering up the chassis, or when an I/O module is hot-swapped, ExtremeWare XOS automatically determines the system power budget and protects the switch from any potential overpower configurations. If power is available, ExtremeWare XOS powers on and initializes the module. When ExtremeWare XOS detects that a module will cause an overpower condition, the module remains powered down, and is not initialized. An entry is made to the system log indicating the condition.

Example
The following command configures slot 2 for a 10/100/1000, 60-port, copper module:
configure slot 2 module G60T

ExtremeWare XOS 11.3 Command Reference

311

Commands for Configuring Slots and Ports on a Switch

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

312

ExtremeWare XOS 11.3 Command Reference

disable edp ports

disable edp ports


disable edp ports [<ports> | all]

Description
Disables the Extreme Discovery Protocol (EDP) on one or more ports.

Syntax Description
ports all Specifies one or more ports or slots and ports. Specifies all ports on the switch.

Default
Enabled.

Usage Guidelines
You can use the disable edp ports command to disable EDP on one or more ports when you no longer need to locate neighbor Extreme Networks switches.

Example
The following command disables EDP on slot 1, ports 2 and 4 on a modular switch:
disable edp ports 1:2, 1:4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

313

Commands for Configuring Slots and Ports on a Switch

disable jumbo-frame ports


disable jumbo-frame ports [all | <port_list>]

Description
Disables jumbo frame support on a port.

Syntax Description
all port_list Specifies all ports. Specifies one or more ports or slots and ports. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch support only all ports; you cannot enable or disable jumbo frames by port on the switch.

Default
Disabled.

Usage Guidelines
BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch only. You must enable or disable jumbo frames for the entire switch; the BlackDiamond 8800 family of switches and the Summit X450 switch do not support enabling or disabling jumbo frames by port. BlackDiamond 10K switch only. You can enable jumbo frames per ports.

Example
The following command disables jumbo frame support on slot 1, port 2 on a BlackDiamond 10K switch:
disable jumbo-frame ports 1:2

The following command disables jumbo frame support on a BlackDiamond 8810 switch:
disable jumbo-frame ports all

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

314

ExtremeWare XOS 11.3 Command Reference

disable learning port

disable learning port


disable learning port [<port_list> | all]

Description
Disables MAC address learning on one or more ports for security purposes.

Syntax Description
port_list all Specifies one or more ports or slots and ports. Specifies all ports and slots.

Default
Enabled.

Usage Guidelines
Use this command in a secure environment where access is granted via permanent forwarding databases (FDBs) per port.

Example
The following command disables MAC address learning on port 4:3 on a modular switch:
disable learning ports 4:3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

315

Commands for Configuring Slots and Ports on a Switch

disable mirroring
disable mirroring

Description
Disables port mirroring.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Use the disable mirroring command to stop all configured copied mirroring traffic. Use this command to unconfigure all the filters on the system.

Example
The following command disables port mirroring:
disable mirroring

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

316

ExtremeWare XOS 11.3 Command Reference

disable port

disable port
disable port [<port_list> | all]

Description
Disables one or more ports on the switch.

Syntax Description
port_list all Specifies one or more ports or slots and ports. Specifies all ports on the switch.

Default
Enabled.

Usage Guidelines
Use this command for security, administration, and troubleshooting purposes. When a port is disabled, the link is brought down.

Example
The following command disables ports 3, 5, and 12 through 15 on a stand-alone switch:
disable ports 3,5,12-15

The following command disables slot 1, ports 3, 5, and 12 through 15 on a modular switch:
disable port 1:3,1:5,1:12-1:15

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

317

Commands for Configuring Slots and Ports on a Switch

disable sharing
disable sharing <port>

Description
Disables a load-sharing group of ports, also known as a link aggregation group (LAG).

Syntax Description
port Specifies the logical port of a load-sharing group or link aggregation group (LAG). Specifies a port or a combination of the slot and port number.

Default
Disabled.

Usage Guidelines
When sharing is disabled, the logical port retains all configuration including VLAN membership. All other member ports are removed from all VLANs to prevent loops and their configuration is reset to default values.

Example
The following command disables sharing on master logical port 9 in slot 3, which contains ports 9 through 12, on a modular switch:
disable sharing 3:9

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

318

ExtremeWare XOS 11.3 Command Reference

disable slot

disable slot
disable slot <slot> {offline}

Description
Disables slot and leaves that module in a power down state.

Syntax Description
slot Offline Specifies the slot to be disabled. Specifies that the slot be disabled offline. NOTE: This parameter available on the BlackDiamond 8800 family of switches (formerly known as Aspen) only.

Default
Enabled.

Usage Guidelines
This command allows the user to disable a slot. When the user types this command, the I/O card in that particular slot number is brought down, and the slot is powered down. The LEDs on the card go OFF. A disabled slot can be re-enabled using the enable slot command. When the slot is re-enabled, the software on the I/O module is updated to match the software on the primary MSM. The show slot command, if invoked after the user disables the slot, shows this slot state as Power Off/Disabled. If there is no I/O card present in a slot when the user disables the slot, the slot still goes to the Disable state. If a card is inserted in a slot that has been disabled, the card does not come up and stays in the Power Off/Disabled state until the slot is enabled by using the enable slot command. below. If you do not save the configuration before you do a switch reboot, the slot will be re-enabled upon reboot. If you save the configuration after disabling a slot, the slot will remain disabled after a reboot. On Power over Ethernet (PoE) modules, disabling a slot also disables any inline power that in flowing to that slot. BlackDiamond 8800 family of switches only (formerly known as Aspen). This command applies only to the data, or I/O ports on slots holding an MSM. The slots holding an MSM on the BlackDiamond 8810 switch are 5 and possibly 6; the slots holding an MSM on the BlackDiamond 8806 switch are 3 and possibly 4. Additionally, the offline parameter is applicable on the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

319

Commands for Configuring Slots and Ports on a Switch

Example
The following command disables slot 5 on the switch:
disable slot 5

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches. The offline parameter is available only on the BlackDiamond 8800 family of switches.

320

ExtremeWare XOS 11.3 Command Reference

disable smartredundancy

disable smartredundancy
disable smartredundancy <port_list>

Description
Disables the Smart Redundancy feature.

Syntax Description
port_list Specifies one or more ports or slots and ports.

Default
Enabled.

Usage Guidelines
The Smart Redundancy feature works in concert with the software-controlled redundant feature. When Smart Redundancy is disabled, the switch attempts only to reset the primary port to active if the redundant port fails. That is, if you disable Smart Redundancy, the traffic does not automatically return to the primary port once it becomes active again; the traffic continues to flow through the redundant port even after the primary port comes up again.

Example
The following command disables the Smart Redundancy feature on ports 1:1 to 1:4 on a modular switch:
disable smartredundancy 1:1-4

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

321

Commands for Configuring Slots and Ports on a Switch

enable edp ports


enable edp ports [<ports> | all]

Description
Enables the Extreme Discovery Protocol (EDP) on one or more ports.

Syntax Description
ports all Specifies one or more ports or slots and ports. Specifies all ports on the switch.

Default
Enabled.

Usage Guidelines
On a modular switch, <ports> can be a list of slots and ports. On a stand-alone switch, <ports> can be one or more port numbers.For a detailed explanation of port specification, see Port Numbering in Chapter 1. EDP is useful when Extreme Networks switches are attached to a port. The EDP is used to locate neighbor Extreme Networks switches and exchange information about switch configuration. When running on a normal switch port, EDP is used to by the switches to exchange topology information with each other. Information communicated using EDP includes the following:

Switch MAC address (switch ID) Switch software version information Switch IP address Switch VLAN information Switch port number Switch port configuration data: duplex, and speed

Example
The following command enables EDP on slot 1, port 3 on a modular switch:
enable edp ports 1:3

History
This command was first available in ExtremeWare XOS 10.1. The port configuration data was added in ExtremeWare XOS 11.0.

322

ExtremeWare XOS 11.3 Command Reference

enable edp ports

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

323

Commands for Configuring Slots and Ports on a Switch

enable jumbo-frame ports


enable jumbo-frame ports [all | <port_list>]

Description
Enables support on the physical ports that will carry jumbo frames.

Syntax Description
all port_list Specifies ports. Specifies one or more slots and ports. NOTE: The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch support only all ports; you cannot enable or disable jumbo frames by port on the switch. The system returns an error message if you attempt to enter specified ports.

Default
Disabled.

Usage Guidelines
Increases performance to back-end servers or allows for VMAN 802.1Q encapsulations. You can configure the maximum size of a jumbo frame if you want to use a different size than the default value of 9216. Use the configure jumbo-frame-size command to configure the size. This setting is preserved across reboots. BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch only. You must enable or disable jumbo frames for the entire switch; the BlackDiamond 8800 family of switches and the Summit X450 switch do not support enabling or disabling jumbo frames by port. This also enables jumbo frames on any new modules that you bring online after issuing this command. BlackDiamond 10K switch only. You can enable jumbo ports per port.

Example
The following command enables jumbo frame support on slot 3, port 5 on a BlackDiamond 10K switch:
enable jumbo-frame ports 3:5

The following command enables jumbo frame support on a BlackDiamond 8810 switch:
enable jumbo-frame ports all

324

ExtremeWare XOS 11.3 Command Reference

enable jumbo-frame ports

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

325

Commands for Configuring Slots and Ports on a Switch

enable learning port


enable learning port [all | <port_list>]

Description
Enables MAC address learning on one or more ports.

Syntax Description
all port_list Specifies all ports. Specifies one or more ports or slots and ports.

Default
Enabled.

Usage Guidelines
N/A.

Example
The following command enables MAC address learning on slot 1, ports 7 and 8 on a modular switch:
enable learning ports 1:7-8

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

326

ExtremeWare XOS 11.3 Command Reference

enable mirroring to port

enable mirroring to port


enable mirroring to port [<port>] [tagged | untagged]

Description
Dedicates a port on the switch to be the mirror output port, or the monitor port.

Syntax Description
port tagged untagged Specifies the mirror output port. Specifies the mirror output, or monitor, port is tagged. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies the mirror output, or monitor, port is untagged. NOTE: This parameter is available only on the BlackDiamond 10K switch.

Default
Disabled.

Usage Guidelines
Port mirroring configures the switch to copy all traffic associated with one or more ports to a monitor port on the switch. The monitor port can be connected to a network analyzer or RMON probe for packet analysis. The switch uses a traffic filter that copies a group of traffic to the monitor port. Up to 16 mirroring filters and one monitor port can be configured on the switch. After a port has been specified as a monitor port, it cannot be used for any other function. Frames that contain errors are not mirrored. BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch only. The traffic filter can be defined based on one of the following criteria:

Physical portAll data that traverses the port, regardless of VLAN configuration, is copied to the monitor port. You can specify which traffic the port mirrors:

IngressMirrors traffic received at the port. EgressMirrors traffic sent from the port. Ingress and egressMirrors all traffic forwarded by the port. (If you omit the optional parameters, all traffic is forwarded; the default for port-based mirroring is ingress and egress).

VLANAll data to a particular VLAN, regardless of the physical port configuration, is copied to the monitor port. Virtual portAll data specific to a VLAN on a specific port is copied to the monitor port. Only 8 VLANs can be mirrored on a given physical port. Only traffic ingressing a VLAN can be monitored; you cannot specify ingressing or egressing traffic when mirroring VLAN traffic.

ExtremeWare XOS 11.3 Command Reference

327

Commands for Configuring Slots and Ports on a Switch All traffic egressing the monitor port is tagged on the BlackDiamond 8800 family of switches and the Summit X450 switch. Even if some untagged ports send mirrored traffic to the monitor port, that traffic also egresses the monitor port tagged with the internal VLAN ID.

NOTE
On the BlackDiamond 8800 family of switches and the Summit X450 switch, mirroring and sFlow are mutually exclusive; you can enable either sFlow or mirroring but not both.

BlackDiamond 10K switch only. The traffic filter can be defined based on one of the following criteria:

Physical portAll data that traverses the port, regardless of VLAN configuration, is copied to the monitor port. VLANAll data to and from a particular VLAN, regardless of the physical port configuration, is copied to the monitor port. Virtual portAll data specific to a VLAN on a specific port is copied to the monitor port. NOTE

Beginning with ExtremeWare XOS 11.0, the monitor port must be explicitly configured for tagged or untagged. Mirroring configurations prior to 11.0 are restored as tagged monitor ports only.

The traffic egressing the monitor port can either be tagged or untagged. If the mirroring is enabled as tagged on the monitor port of the BlackDiamond 10K switch, all traffic egressing the monitor port is tagged. In this case, even if some untagged ports send mirrored traffic to the monitor port, that traffic also egresses the monitor port tagged. And, if mirroring is enabled as untagged on the monitor port, all traffic egressing the monitor port is untagged, including mirrored tagged packets. When you upgrade to 11.0, all restored mirroring configurations are tagged monitor ports only.

Example
The following example selects slot 3, port 4 as the mirror, or monitor, port on the BlackDiamond 8810 switch:
enable mirroring to port 3:4

The following example selects slot 1, port 3 as the tagged mirror, or monitor, port on the BlackDiamond 10K switch:
enable mirroring to port 1:3 tagged

History
This command was first available in ExtremeWare XOS 10.1. Beginning with ExtremeWare XOS 11.0, you must configure the monitor port as tagged or untagged on the BlackDiamond 10K switch.

Platform Availability
This command is available on all platforms.

328

ExtremeWare XOS 11.3 Command Reference

enable port

enable port
enable port [<port_list> | all]

Description
Enables a port.

Syntax Description
port_list all Specifies one or more ports or slots and ports. Specifies all ports on the switch.

Default
All ports are enabled.

Usage Guidelines
Use this command to enable the port(s) if you disabled the port(s) for security, administration, or troubleshooting purposes.

Example
The following command enables ports 3, 5, and 12 through 15 on the stand-alone switch:
enable ports 3,5,12-15

The following command enables slot 1, ports 3, 5, and 12 through 15 on the modular switch:
enable port 1:3, 1:5, 1:12-1:15

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

329

Commands for Configuring Slots and Ports on a Switch

enable sharing grouping


enable sharing <port> grouping <port_list> {algorithm [port-based | address-based {L2|L3}]} {lacp}

Description
Enables the switch to configure port link aggregation, or load sharing. By using link aggregation, you use multiple ports as a single logical port. Link aggregation also provides redundancy because traffic is redistributed to the remaining ports in the LAG if one port in the group goes down. LACP allows the system to dynamically configure the LAGs.

Syntax Description
port port_list port-based address-based L2 | L3 Specifies the master logical port for a load-sharing group or link aggregation group (LAG). Specifies one or more ports or slots and ports to be grouped to the logical port. Specifies link aggregation by port-based algorithm. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies link aggregation by address-based algorithm. Specifies address-based link aggregation by either Layer 2 or Layer 3; Layer 2 is the default value. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch. lacp Specifies dynamic link aggregation, or load sharing, using the LACP.

Default
Disabled.

Usage Guidelines
Link aggregation, or load sharing, allows you to increase bandwidth and availability between switches by using a group of ports to carry traffic in parallel between switches. The aggregation algorithm allows the switch to use multiple ports as a single logical port. For example, VLANs see the link aggregation group (LAG) as a single logical port. Groups can span multiple modules. Beginning with ExtremeWare XOS version 11.3, you can enable and configure dynamic link aggregation, using LACP. Static link aggregation is the default link aggregation method.

NOTE
Always verify the LACP configuration by issuing the show ports sharing command; look for the ports listed as being in the aggregator.

If a port in a LAG fails, traffic is redistributed to the remaining ports in the LAG. If the failed port becomes active again, traffic is redistributed to include that port.

330

ExtremeWare XOS 11.3 Command Reference

enable sharing grouping Link aggregation must be enabled on both ends of the link, or a network loop will result.

NOTE
See ExtremeWare XOS Concepts Guide for information on the interaction of port-based ACLs and LAGs of ports.

Modular switch LAGs are defined according to the following rules:

Although you can reference only the logical port of a LAG to a Spanning Tree Domain (STPD), all the ports of a load-sharing group actually belong to the specified STPD. When using link aggregation, you should always reference the logical port of the LAG when configuring or viewing VLANs. VLANs configured to use other ports in the LAG will have those ports deleted from the VLAN when link aggregation becomes enabled.

Link aggregation, or load-sharing, algorithms allow you to select the distribution technique used by the LAG to determine the output port selection. Algorithm selection is not intended for use in predictive traffic engineering.

Port-basedUses the ingress port to determine which physical port in the LAG is used to forward traffic out of the switch. Address-basedUses addressing information to determine which physical port in the LAG to use for forwarding traffic out of the switch. Refer to configure sharing address-based for more information on using addressing information.

BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch only. The following guidelines apply to link aggregation on the BlackDiamond 8800 family of switches and the Summit X450 switch:

A static LAG, or load-sharing group, can include a maximum of 8 ports. An LACP (dynamic) LAG can include a maximum of 16 ports; out of these up to 8 can be selected links and the remaining 8 will be standby links. The maximum number of LAGs is 32. Any broadcast, multicast, or unknown unicast packet is queued to the logical port in the LAG. NOTE

You cannot configure port-based load sharing algorithm on the BlackDiamond 8800 family of switches and the Summit X450 switch; you configure only address-based load sharing algorithm.

The available address-based parameters on the BlackDiamond 8800 family of switches and the Summit X450 switch are L2 for Layer 2 and L3 for Layer 3. If the packet is not IP, the switch applies the Layer 2 algorithm, which is the default setting. Beginning with ExtremeWare XOS software version 11.2, the switch can use IPv6 addresses. BlackDiamond 10K switch only. The following guidelines apply to load sharing on the BlackDiamond 10K switch:

A static LAG can include a maximum 16 ports. An LACP (dynamic) LAG can include a maximum of 32 ports; out of these up to 16 can be selected links and the remaining 16 will be standby links. The maximum number of LAGs is 128.

ExtremeWare XOS 11.3 Command Reference

331

Commands for Configuring Slots and Ports on a Switch On the BlackDiamond 10K switch, if you do not explicitly select an algorithm, the port-based scheme is used. However, the address-based algorithm has a more even distribution and is the recommended choice.

NOTE
You must use the configure sharing address-based command to configure address-based load sharing on the BlackDiamond 10K switch.

Example
The following example defines a static link aggregation group (LAG) on a modular switch that contains ports 9 through 12 on slot 3, ports 7 through 10 on slot 5, and uses the first port on slot 3 as the logical port 9 on a modular switch:
enable sharing 3:9 grouping 3:9-3:12, 5:7-5:10

In this example, logical port 3:9 represents physical ports 3:9 through 3:12 and 5:7 through 5:10. The following example defines a dynamic LAG on a stand-alone switch containing ports 10 through 15, with port 10 being the logical port:
enable sharing 10 grouping 10-15 lacp

History
This command was first available in ExtremeWare XOS 10.1. The address-based algorithm was added in ExtremeWare XOS 11.0. The L2 and L3 optional parameters were added in ExtremeWare XOS 11.1. IPv6-compatibility was added in ExtremeWare XOS 11.2. Dynamic link aggregation, using LACP, was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

332

ExtremeWare XOS 11.3 Command Reference

enable slot

enable slot
enable slot <slot>

Description
Enables slots.

Syntax Description
slot Specifies the slot to be enabled.

Default
Enabled.

Usage Guidelines
NOTE
On the BlackDiamond 8800 family of switches, this command only applies to the data, or I/O, ports on slots holding an MSM (slot 5 and possibly 6 on the BlackDiamond 8810; slot 3 and possibly 4 on the BlackDiamond 8806 switch).

This command allows the user to enable a slot that has been previously disabled using the disable slot command.

NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be enabled; the slot will not function in data-only mode without enough power for inline power.

When the user enters the enable command, the disabled I/O card in the specified slot is brought up, and the slot is made operational, if possible, or goes to the appropriate state as determined by the card state machine. The LEDs on the card are brought ON as usual. When the slot is enabled, the software on the I/O module is updated to match the software on the primary MSM. After the user enables the slot, the show slot command shows the state as Operational or will display the appropriate state if the card could not be brought up successfully. Note that there is no card state named Enable and the card goes to the appropriate states as determined by the card state machine when the enable slot command is invoked. Only slots that have their state as disabled can be enabled using this command. If this command is used on slots that are in states other than disabled, the card state machine takes no action on these slots. To enable inline power to a slot, the slot must be enabled as well as inline power for that slot. Use the
enable inline-power command to enable inline power.

ExtremeWare XOS 11.3 Command Reference

333

Commands for Configuring Slots and Ports on a Switch

Example
The following command enables slot 5 on the switch:
enable slot 5

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

334

ExtremeWare XOS 11.3 Command Reference

enable smartredundancy

enable smartredundancy
enable smartredundancy <port_list>

Description
Enables the Smart Redundancy feature on the primary port.

Syntax Description
portlist Specifies one or more ports or slots and ports.

Default
Enabled.

Usage Guidelines
You must configure the software-controlled redundant port using the configure ports redundant command prior to enabling Smart Redundancy. The Smart Redundancy feature works in concert with the software-controlled redundant port feature. With Smart Redundancy enabled on the switch, when the primary port becomes active the switch redirects all traffic to the primary port and blocks the redundant port again. (If you disable Smart Redundancy, the primary port is blocked because traffic is now flowing through the redundant, port.)

Example
The following command enables the Smart Redundancy feature on slot 1, port 4 on a modular switch:
enable smartredundancy 1:4

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

335

Commands for Configuring Slots and Ports on a Switch

restart ports
restart ports [all | <port_list>

Description
Resets autonegotiation for one or more ports by resetting the physical link.

Syntax Description
all port_list Specifies all ports on the switch. Specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
N/A.

Example
The following command resets autonegotiation on slot 1, port 4 on a modular switch:
restart ports 1:4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

336

ExtremeWare XOS 11.3 Command Reference

run msm-failover

run msm-failover
run msm-failover {force}

Description
Causes a user-specified node failover.

Syntax Description
force Force failover to occur.

Default
N/A.

Usage Guidelines
Use this command to cause the primary MSM to failover to the backup MSM. Before you initiate failover, use the show switch {detail} command to confirm that the nodes are in sync and have identical software and switch configurations. If the output shows MASTER and BACKUP (InSync), the two MSMs are in sync. If the MSMs are not in sync, and both MSMs are running ExtremeWare XOS 11.0 or later, use the synchronize command to get the two MSMs in sync. This command ensures that the backup has the same software in flash as the master.

NOTE
Both the backup and the master MSMs must be running ExtremeWare XOS 11.0 or later to use the synchronize command.

If the MSMs are not in sync, and one MSM is running ExtremeWare XOS 10.1 or earlier, specify the force option of the run msm-failover command. By specifying force, failover occurs regardless of the version of software running on the MSMs.

Example
The following command causes a user-specified MSM failover:
run msm-failover

History
This command was first available in ExtremeWare XOS 10.1.

ExtremeWare XOS 11.3 Command Reference

337

Commands for Configuring Slots and Ports on a Switch

Platform Availability
This command is available only on modular switches.

338

ExtremeWare XOS 11.3 Command Reference

show edp

show edp
show edp {ports [all | <ports>] {detail}}

Description
Displays connectivity and configuration information for neighboring Extreme Networks switches.

Syntax Description
ports all detail Specifies one or more ports or slots and ports. Specifies all ports. Show detailed information.

Default
N/A.

Usage Guidelines
On a modular switch, <ports> can be a list of slots and ports. On a stand-alone switch, <portlist> can be one or more port numbers. For a detailed explanation of port specification, see Port Numbering in Chapter 1. To clear the counters, use the clear lacp counters command. Use the show edp command to display neighboring switches and configurations. This is most effective with Extreme Networks switches.

Example
The following command displays the configuration of the switch:
show edp

Following is sample output from this command:


EDP advert-interval EDP holddown-interval EDP enabled on ports :60 seconds :180 seconds :1:1 1:2 1:3

1:4

1:5

1:6

3:1

3:2

3:3

3:4

Following is sample output from the show edp ports 1:1 command:
Port Remote Age Num Port Vlans ============================================================================= 1:1 Oban 00:00:00:30:48:41:ed:97 1:1 54 1 ============================================================================= Neighbor Neighbor-mac

ExtremeWare XOS 11.3 Command Reference

339

Commands for Configuring Slots and Ports on a Switch The following command displays the connectivity and configuration of neighboring Extreme Networks switches:
show edp ports 1:1 detail

Following is sample output from this command:


============================================================================= Port 1:1: EDP is Enabled Tx stats: sw-pdu-tx=2555 Rx stats: sw-pdu-rx=2511

vlan-pdu-tx=1465 vlan-pdu-rx=2511

pdu-tx-err=0 pdu-rx-err=0

Time of last transmit error: None Time of last receive error: None Remote-System: Oban Age = 41 Remote-ID: 00:00:00:30:48:41:ed:97 Software version: 11.1.0.19 Remote-Port: 1:1 Port Type: Ethernet Auto Negotiation: OFF Flow Control: SYMMETRIC/ASYMMETRIC Duplex Speed: Configured = HALF Actual = HALF Port Speed (MB): Configured = ERROR Actual = 100 Mbps Remote-Vlans: test (4094) Age = 41 =============================================================================

NOTE
The output differs if the port is connected to a port running ExtremeWare software; the output shown above is displayed when both connected ports are running ExtremeWare XOS software.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

340

ExtremeWare XOS 11.3 Command Reference

show lacp

show lacp
show lacp

Description
Displays LACP, or dynamic link aggregation, settings on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command displays the following information about the LACP LAGs configured on the switch:

Up or Down Enabled or disabled (not configurable) System MAC

MAC address for the system, which is used for LACP priority in the absence of a specifically configured priority.

LACP PDUs dropped on non-LACP ports LAG

Identifies the particular LAG. This number comes from logical port assigned to the LAG and is the LAG group ID. Shows the system priority for that LAG. If this number is lower than the number displayed for the Partner Sys-Pri, the system you are working on is the controlling partner in the LAG. Automatically generated LACP key. Identifies the MAC address for the system connecting to the LAG on the remote end. Shows the system priority for that LAG on the remote end. If this number is lower than the number displayed for the Actor Sys-Pri, the system at the remote end is the controlling partner in the LAG. LACP key automatically generated by the system to which this aggregator is connected.

Actor Sys-Pri

Actor Key

Partner MAC

Partner Sys-Pri

Partner Key

ExtremeWare XOS 11.3 Command Reference

341

Commands for Configuring Slots and Ports on a Switch

If this number is lower than the number displayed for the Actor Key, the partner system is the controlling partner in the LAG. Identifies the number of ports added to the aggregator for that LAG.

Agg Count

Example
The following command displays the LACP LAGs on the switch:
show lacp

The following is sample output from this command on a modular switch:


LACP Up LACP Enabled System MAC LACP PDUs dropped on non-LACP ports Lag : : : : Yes Yes 00:04:96:10:33:60 0

Actor Actor Partner Partner Partner Agg Sys-Pri Key MAC Sys-Pri Key Count -------------------------------------------------------------------------------2:1 90 0x07d1 00:01:30:f9:9c:30 601 0x1391 2 4:5 100 0x0fa5 00:01:30:f9:9c:30 321 0x1f47 16 4:9 677 0x0fa9 00:01:30:f9:9c:30 87 0x0fa9 8

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

342

ExtremeWare XOS 11.3 Command Reference

show lacp lag

show lacp lag


show lacp lag <group-id> {detail}

Description
Displays LACP, or dynamic link aggregation, settings for the specified LAG.

Syntax Description
group-id detail Specifies the LAG group ID you want to display. This is the number of the port you configured as the logical port of the LAG. Show detailed information.

Default
N/A.

Usage Guidelines
This command displays the following information about the specified LACP LAG:

LAG

Identifies the particular LAG. This number comes from logical port assigned to the LAG and is the LAG group ID. Shows the system priority for that LAG. If this number is lower than the number displayed for the Partner Sys-Pri, the system you are working on is the controlling partner in the LAG. Automatically generated LACP key. Identifies the MAC address for the system connecting to the LAG on the remote end. Shows the system priority for that LAG on the remote end. If this number is lower than the number displayed for the Actor Sys-Pri, the system at the remote end is the controlling partner in the LAG. LACP key automatically generated by the system to which this aggregator is connected. If this number is lower than the number displayed for the Actor Key, the partner system is the controlling partner in the LAG. Identifies the number of ports added to the aggregator for that LAG.

Actor Sys-Pri

Actor Key

Partner MAC

Partner Sys-Pri

Partner Key

Agg Count

Member port

ExtremeWare XOS 11.3 Command Reference

343

Commands for Configuring Slots and Ports on a Switch

Rx StateReceiving state of the port


Idle Initialized CurrentReceiving LACP PDUs Expired Defaulted SelectedPorts with a matching admin key on the remote end. UnselectedPorts that failed to meet with a matching admin key on the remote end. StandbyPorts that exceed the number of ports that can be active in the LAG simultaneously. These ports can be moved into selected mode if one of the currently selected ports in the LAG goes down. WaitingSelected port that is waiting for LACP to determine if it can join the aggregator. AttachedPorts ready to be added to the aggregator. Collecting-DistPorts that are added to the aggregator and are transferring data. DetachedPorts that cannot be added to the aggregator. AActivity TTimeout GAggregation SSynchronization CCollecting DDistributing FDefaulted EExpired

Sel LogicSelection state of the port


Mux StateAbility to transmit and collect data of the port


Actor FlagMux state of the port


Partner Port

The operational value of the port number assigned to this link by partner.

Unack count Wait-for-count Receive state Transmit state Selected countNumber of selected ports in the LAG Standby countNumber of standby ports in the LAG LAG Id flag

SDisplays information on controlling partner of LAG. TDisplays information on controlled partner of LAG.

Example
The following command displays information on the specified LACP LAG:

344

ExtremeWare XOS 11.3 Command Reference

show lacp lag


show lacp lag 1

The following is sample output from this command on a modular switch:


Lag Actor Actor Partner Partner Partner Agg Sys-Pri Key MAC Sys-Pri Key Count -------------------------------------------------------------------------------4:5 100 0x0fa5 00:01:30:f9:9c:30 321 0x1f47 16 Port list: Member Rx Sel Mux Actor Partner Port State Logic State Flags Port -------------------------------------------------------------------------------4:5 Current Selected Collect-Dist A-GSCD-- 8015 4:6 Current Selected Collect-Dist A-GSCD-- 8016 4:7 Current Selected Collect-Dist A-GSCD-- 8017 4:8 Current Selected Collect-Dist A-GSCD-- 8019 4:25 Current Selected Collect-Dist A-GSCD-- 8020 ================================================================================ Actor Flags: A-Activity, T-Timeout, G-Aggregation, S-Synchronization C-Collecting, D-Distributing, F-Defaulted, E-Expired

The following command displays detailed information on the specified LACP LAG:
show lacp lag 1 detail

The following is sample output from this command on a modular switch:


Lag Actor Actor Partner Partner Partner Agg Sys-Pri Key MAC Sys-Pri Key Count -------------------------------------------------------------------------------4:5 100 0x0fa5 00:01:30:f9:9c:30 321 0x1f47 16 Up : Yes Enabled : Yes Unack count : 0 Wait-for-count : 0 Receive state : Enabled Transmit state : Enabled Selected count : 16 Standby count : 0 LAG Id flag : Yes S.pri:100 , S.id:00:04:96:10:33:60, K:0x0fa5 T.pri:321 , T.id:00:01:30:f9:9c:30, L:0x1f47 Port list: Member Rx Sel Mux Actor Partner Port State Logic State Flags Port -------------------------------------------------------------------------------4:5 Current Selected Collect-Dist A-GSCD-- 8015 4:6 Current Selected Collect-Dist A-GSCD-- 8016 4:7 Current Selected Collect-Dist A-GSCD-- 8017 4:8 Current Selected Collect-Dist A-GSCD-- 8019 4:25 Current Selected Collect-Dist A-GSCD-- 8020 ================================================================================ Actor Flags: A-Activity, T-Timeout, G-Aggregation, S-Synchronization C-Collecting, D-Distributing, F-Defaulted, E-Expired

ExtremeWare XOS 11.3 Command Reference

345

Commands for Configuring Slots and Ports on a Switch

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

346

ExtremeWare XOS 11.3 Command Reference

show lacp member-port

show lacp member-port


show lacp member-port <port> {detail}

Description
Displays LACP, or dynamic link aggregation, settings for the specified port that is a member of any LAG.

Syntax Description
port detail Specifies the port number. Show detailed information.

Default
N/A.

Usage Guidelines
This command displays the following information about the specified port:

Member Port Rx StateReceiving state of the port


Idle Initialized CurrentReceiving LACP PDUs Expired Defaulted SelectedPorts with a matching admin key on the remote end. UnselectedPorts that failed to meet with a matching admin key on the remote end. StandbyPorts that exceed the number of ports that can be active in the LAG simultaneously. These ports can be moved into selected mode if one of the currently selected ports in the LAG goes down. WaitingSelected port that is waiting for LACP to determine if it can join the aggregator. AttachedPorts ready to be added to the aggregator. Collecting-DistPorts that are added to the aggregator and are transferring data. DetachedPorts that cannot be added to the aggregator. AActivity TTimeout

Sel LogicSelection state of the port


Mux StateAbility to transmit and collect data of the port


Actor Flag

ExtremeWare XOS 11.3 Command Reference

347

Commands for Configuring Slots and Ports on a Switch


GAggregation SSynchronization CCollecting DDistributing FDefaulted EExpired

Partner Port

The operational value of the port number assigned to this link by partner.

Up or Down Enabled or disabled (not configurable) Ready_NReady to be added to aggregator. Wait pending Ack pending LAG Id

SDisplays information on controlling partner of LAG. TDisplays information on controlled partner of LAG.

Stats Rx - Accepted Rx - Dropped due to error in verifying PDU Rx - Dropped due to LACP not being up on this port Rx - Dropped due to matching own MAC Tx - Sent Successfully Tx - Transmit error

Example
The following command displays LACP information on the specified port:
show lacp member-port 5

The following is sample output from this command on the Summit X450 switch:
Member Rx Sel Mux Actor Partner Port State Logic State Flags Port -------------------------------------------------------------------------------5 Current Selected Collect-Dist A-GSCD-- 1005 ================================================================================ Actor Flags: A-Activity, T-Timeout, G-Aggregation, S-Synchronization C-Collecting, D-Distributing, F-Defaulted, E-Expired

The following command displays detailed LACP information on the specified port:
show lacp member-port 5 detail

The following is sample output from this command on the Summit X450 switch:
Member Rx Sel Mux Actor Partner Port State Logic State Flags Port --------------------------------------------------------------------------------

348

ExtremeWare XOS 11.3 Command Reference

show lacp member-port


5 Current Selected Collect-Dist A-GSCD-- 1005 Up : Yes Enabled : Yes Link State : Up Ready_N : Yes Wait pending : No Ack pending : No LAG Id: S.pri:0 , S.id:00:04:96:1f:a5:2e, K:0x03ed, P.pri:0 , P.num:1005 T.pri:0 , T.id:00:04:96:1f:a5:76, L:0x03ed, Q.pri:0 , Q.num:1005 Stats: Rx - Accepted : 13980 Rx - Dropped due to error in verifying PDU : 0 Rx - Dropped due to LACP not being up on this port : 0 Rx - Dropped due to matching own MAC : 0 Tx - Sent successfully : 13979 Tx - Transmit error : 0 ================================================================================ Actor Flags: A-Activity, T-Timeout, G-Aggregation, S-Synchronization C-Collecting, D-Distributing, F-Defaulted, E-Expired

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

349

Commands for Configuring Slots and Ports on a Switch

show mirroring
show mirroring

Description
Displays the port-mirroring configuration on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
You must enable mirroring on the switch prior to configuring mirroring, and you must configure mirroring to display mirroring statistics. Use the enable mirroring to port command to enable mirroring and the configure mirroring add command to configure mirroring. You can use this command to display mirroring statistics and determine if mirroring is enabled or disabled on the switch.

Example
The following command displays switch mirroring statistics:
show mirroring

BlackDiamond 8800 family of switches (formerly known as Aspen) and Summit X450 switch only. Following is sample output from this command on the BlackDiamond 8810 switch that is configured for portbased mirroring:
Mirror port: 3:15 is up Number of Mirroring filters: 3 Mirror Port configuration: Port number 3:12 in all vlans ingress only Port number 5:4 in all vlans egress only Port number 8:30 in all vlans

Following is sample output from this command on the Summit X450 switch that is configured for mirroring a virtual port:
Mirror port: 12 is down Number of Mirroring filters:1 Mirror Port configuration: Port number 3 in vlan peggy.

350

ExtremeWare XOS 11.3 Command Reference

show mirroring BlackDiamond 10K switch only. Following is sample output from this command on the BlackDiamond 10K switch that is configured for port-based mirroring:
Mirror port: 1:5 is up tagged Number of Mirroring filters: 1 Mirror Port configuration: Port number 2:1 in all vlans

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

351

Commands for Configuring Slots and Ports on a Switch

show ports collisions


show ports {mgmt | <port_list>} collisions {no-refresh}

Description
Displays real-time collision statistics.

Syntax Description
mgmt port_list no-refresh Specifies the management port. Specifies one or more ports or slots and ports. Specifies a static snapshot of data.

Default
Real-time statistics.

Usage Guidelines
If you do not specify a port number or range of ports, collision statistics are displayed for all ports. To clear the counters, use the clear counters ports command. The default display is a constantly refreshing real-time display. If you specify the no-refresh parameter, the system displays a snapshot of the data at the time you issue the command. This status information may be useful for your technical support representative if you have a network problem.

Example
The following command displays real-time collision statistics on slot 1, ports 1 and 2 on a modular switch:
show ports 1:1-2 collisions

Following is sample output from this command:


Port Collision Monitor Port Link Collision Histogram Status 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 ================================================================================ 1:1 A 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1:2 R 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ================================================================================ Link Status: A-Active R-Ready NP-Port not present

The numbers 1 to 16 represent the number of collisions encountered prior to successfully transmitting the packet; this is applicable only for half-duplex links.

352

ExtremeWare XOS 11.3 Command Reference

show ports collisions

History
This command was first available in ExtremeWare XOS 10.1. The Not Present variable was added in ExtremeWare XOS 11.2. The no-refresh variable was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

353

Commands for Configuring Slots and Ports on a Switch

show ports configuration


show ports {mgmt | <port_list>} configuration {no-refresh}

Description
Displays port configuration statistics.

Syntax Description
mgmt port_list no-refresh Specifies the management port. Specifies one or more ports or slots and ports. Specifies a static snapshot of data.

Default
Real-time statistics.

Usage Guidelines
If you do not specify a port number or range of ports, configuration statistics are displayed for all ports. If you specify the no-refresh parameter, the system displays a snapshot of the data at the time you issue the command. This status information may be useful for your technical support representative if you have a network problem. This command displays port configuration, which includes:

Virtual router Port state Autonegotiation information Link state Link speed Duplex mode Flow control Load sharing information Link media information NOTE

On 10 Gbps ports, the Media Primary column displays NONE when no module is installed, and SR, LR, or ER depending on the module installed when there is one present.

354

ExtremeWare XOS 11.3 Command Reference

show ports configuration

Example
The following command displays the port configuration for all ports:
show ports configuration Port Configuration Port Virtual Port Link Auto Speed Duplex Flow Load Media router State State Neg Cfg Actual Cfg Actual Cntrl Master Primary ================================================================================ 1:1 VR-Default E A ON AUTO 100 AUTO FULL SY/ASYM UTP 1:2 VR-Default E R ON AUTO AUTO UTP 2:1 VR-Default E R ON AUTO AUTO UTP 2:2 VR-Default E R ON AUTO AUTO UTP 3:1 VR-Default E R ON AUTO AUTO UTP 3:2 VR-Default E R ON AUTO AUTO UTP 4:1 VR-Default E R ON AUTO AUTO UTP 4:2 VR-Default E R ON AUTO AUTO UTP 5:1 VR-Default E R ON AUTO AUTO UTP 5:2 VR-Default E R ON AUTO AUTO UTP 5:3 VR-Default E R ON AUTO AUTO UTP 5:4 VR-Default E R ON AUTO AUTO UTP 5:5 VR-Default E R ON AUTO AUTO UTP 5:6 VR-Default E R ON AUTO AUTO UTP 5:7 VR-Default E R ON AUTO AUTO UTP 5:8 VR-Default E R ON AUTO AUTO UTP 5:9 VR-Default E R ON AUTO AUTO UTP 5:10 VR-Default E R ON AUTO AUTO UTP . . . . 5:106 VR-Default E R ON AUTO AUTO UTP 5:107 VR-Default E R ON AUTO AUTO UTP 5:108 VR-Default E R ON AUTO AUTO UTP ================================================================================ Link Status: A-Active, R-Ready, NP-Port not present Port State: D-Disabled E-Enabled Media: !-Unsupported XENPAK

The following command displays the port configuration statistics for slot 2, port 2:
show ports 2:2 configuration

Following is sample output from this command:


Port Configuration Port Virtual Port Link Auto Speed Duplex Flow Load Media router State State Neg Cfg Actual Cfg Actual Cntrl Master Primary ================================================================================ 2:2 VR-Default E R ON AUTO AUTO UTP ================================================================================ Link Status: A-Active, R-Ready, NP-Port not present Port State: D-Disabled E-Enabled Media: !-Unsupported XENPAK

ExtremeWare XOS 11.3 Command Reference

355

Commands for Configuring Slots and Ports on a Switch

History
This command was first available in ExtremeWare XOS 10.1. The Port not present and Media variables were added in ExtremeWare XOS 11.2. The no-refresh variable was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

356

ExtremeWare XOS 11.3 Command Reference

show ports information

show ports information


show ports {mgmt | <port_list>} information {detail}

Description
Displays detailed system-related information.

Syntax Description
mgmt port_list detail Specifies the management port. Specifies one or more ports of slots and ports. Specifies detailed port information.

Default
N/A.

Usage Guidelines
This command displays information, including the following:

Port number Diagnostics Port configuration


Virtual router Admin state Link state and speed Link counter VLAN configuration STP configuration Trunking EDP Load balancing Learning Egress flooding QoS profiles VMAN status Smart Redundancy status SRP status Additional platform-specific information

If you do not specify a port number or range of ports, detailed system-related information is displayed for all ports. The data is displayed in a table format.

ExtremeWare XOS 11.3 Command Reference

357

Commands for Configuring Slots and Ports on a Switch This status information may be useful for your technical support representative if you have a network problem. The detail parameter is used to provided more specific port information. The data is called out with written explanations versus displayed in a table format. The detailed output displays a link filter counter. The link filter counter is calculated at the middle layer on receiving an event. The link filter up indicates the number of link transitions from down to up at the middle layer filter.

Example
The following command displays port system-related information:
show port 3:1 information

Following is sample output from this command:


QB_Mariner.4 > show port 3:1 info Port Link Link Num Num Num Jumbo QOS Load State UPS STP VLAN Proto Size profile Master ================================================================================ 3:1 P Em------e-- ready 0 0 1 1 9216 ================================================================================ Flags : a - Load Sharing Algorithm address-based, D - Port Disabled, e - Extreme Discovery Protocol Enabled, E - Port Enabled, f - Flooding Enabled, g - Egress TOS Enabled, j - Jumbo Frame Enabled, l - Load Sharing Enabled, m - MACLearning Enabled, n - Ingress TOS Enabled, o - Dot1p Replacement Enabled, P - Software redundant port(Primary), q - Background QOS Monitoring Enabled, R - Software redundant port(Redunda nt), s - diffserv Replacement Enabled, v - Vman Enabled, f - Unicast Flooding Enabled M - Multicast Flooding Enabled, B - Broadcast Flooding Enabled Diag Flags

NOTE
The BlackDiamond 10K switch has an additional flag: p - Load Sharing Algorithm, port-based.

BlackDiamond 8800 family of switches and the Summit X450 switch only. The following command displays more specific information for slot 3, port 1 on a BlackDiamond 8810 switch:
show ports 3:1 information detail

Following is sample output from this command:


Port: 3:1 Virtual-router: VR-Default Type: UTP Random Early drop: Disabled Admin state: Enabled with auto-speed sensing Link State: Active, 1 Gbps, full-duplex Link Counter: Up 1 time(s) VLAN cfg:

auto-duplex

358

ExtremeWare XOS 11.3 Command Reference

show ports information


Name: Default, Internal Tag = 1 (MAC-Based), MAC-limit = No-limit STP cfg: s0(disable), Tag=(none), Mode=802.1D, State=FORWARDING Protocol: Name: Default Protocol: ANY Match all protocols. Trunking: Load sharing is not enabled. EDP: Enabled DLCS: Unsupported lbDetect: Unsupported Learning: Enabled Unicast Flooding: Enabled Multicast Flooding: Enabled Broadcast Flooding: Enabled Jumbo: Disabled BG QoS monitor: Unsupported Egress Port Rate: 128 Kbps, Max Burst Size: 200 Kb Broadcast Rate: No-limit Multicast Rate: No-limit Unknown Dest Mac Rate: No-limit QoS Profile: QP3 configured by user Ingress Rate Shaping : Unsupported Ingress IPTOS Examination: Disabled Egress IPTOS Replacement: Disabled Egress 802.1p Replacement: Disabled NetLogin: Enabled NetLogin authentication mode: MAC based NetLogin port mode: MAC based VLANs Smart redundancy: Enabled Software redundant port: Disabled Auto-polarity: Enabled

BlackDiamond 10K switch only. The following command displays more specific information for slot 1, port 1 on a BlackDiamond 10K switch:
show ports 1:1 information detail

Following is sample output from this command:


Port: 1:1 Virtual-router: VR-Default Type: UTP Random Early drop: Disabled Admin state: Enabled with auto-speed sensing auto-duplex Link State: Active, 100Mbps, full-duplex Link Counter: Up 1 time(s) VLAN cfg: Name: peggy, Internal Tag = 4094, MAC-limit = No-limit STP cfg: Protocol: Trunking: EDP: Name: peggy Protocol: ANY Load sharing is not enabled. Enabled Match all protocols.

ExtremeWare XOS 11.3 Command Reference

359

Commands for Configuring Slots and Ports on a Switch


DLCS: Unsupported lbDetect: Unsupported Learning: Enabled Unicast Flooding: Enabled Multicast Flooding: Enabled Broadcast Flooding: Enabled Jumbo: Disabled BG QoS monitor: Unsupported QoS Profile: None configured Queue: QP1 MinBw = 0% MaxBw = QP2 MinBw = 0% MaxBw = QP3 MinBw = 0% MaxBw = QP4 MinBw = 0% MaxBw = QP5 MinBw = 0% MaxBw = QP6 MinBw = 0% MaxBw = QP7 MinBw = 0% MaxBw = QP8 MinBw = 0% MaxBw = Ingress Rate Shaping : Unsupported Ingress IPTOS Examination: Disabled Egress IPTOS Replacement: Disabled Egress 802.1p Replacement: Disabled NetLogIn: Disabled Smart redundancy: Enabled Software redundant port: Enabled Primary: 1:1 Redundant: 1:2 Redundant link configuration: Off autopolarity: Enabled

100% 100% 100% 100% 100% 100% 100% 100%

Pri Pri Pri Pri Pri Pri Pri Pri

= = = = = = = =

1 2 3 4 5 6 7 8

NOTE
On the BlackDiamond 10K switch, the screen displays both ingress and egress QoS settings. The 10Gbps ports have 8 ingress queues, and the 1 Gbps ports have 2 ingress queues.(Refer to the ExtremeWare XOS Concepts Guide for more information on ingress queues, or bi-directional rate shaping.)

History
This command was first available in ExtremeWare XOS 10.1. Information on ingress rate shaping was added in ExtremeWare XOS 11.0. NetLogIn, Smart Redundancy, and rate limiting were added in ExtremeWare XOS 11.1. Information on unicast, multicast, and broadcast flooding; the Port not present parameter; and autopolarity status were added in ExtremeWare XOS 11.2. The netlogin parameters were added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

360

ExtremeWare XOS 11.3 Command Reference

show ports packet

show ports packet


show ports {mgmt | <port_list>} packet {no-refresh}

Description
Displays a histogram of packet statistics.

Syntax Description
mgmt port_list no-refresh Specifies the management port. Specifies one or more ports or slots and ports. Specifies a static snapshot of data.

Default
Real-time statistics.

Usage Guidelines
If you do not specify a port number or range of ports, the system displays information for all ports; if you specify the no-refresh parameter, the system displays a snapshot of the data at the time you issue the command. To clear the counters, use the clear counters ports command. This status information may be useful for your technical support representative if you have a network problem. The following packet statistics are displayed:

Port number Link state Packet size

Example
The following command displays packet statistics for slot 1, port 1, slot 2, port 1, and slot 5, ports 1 through 8 on a modular switch:
show ports 1:1, 2:1, 5:1-5:8 packet

Following is sample output from this command:


Port Link Packet Sizes State 0-64 65-127 128-255 256-511 512-1023 1024-1518 Jumbo ================================================================================ 1:1 A 0 0 0 0 0 0 0 2:1 R 0 0 0 0 0 0 0 5:1 R 0 0 0 0 0 0 0 5:2 R 0 0 0 0 0 0 0 5:3 R 0 0 0 0 0 0 0

ExtremeWare XOS 11.3 Command Reference

361

Commands for Configuring Slots and Ports on a Switch


5:4 R 0 0 0 0 0 0 0 5:5 R 0 0 0 0 0 0 0 5:6 R 0 0 0 0 0 0 0 5:7 R 0 0 0 0 0 0 0 5:8 R 0 0 0 0 0 0 0 ================================================================================ Link Status: A-Active R-Ready, NP-Port not present

History
This command was first available in ExtremeWare XOS 10.1. The Port Not Present variable was added in ExtremeWare XOS 11.2. The no-refresh variable was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

362

ExtremeWare XOS 11.3 Command Reference

show ports redundant

show ports redundant


show ports redundant

Description
Displays detailed information about redundant ports.

Syntax
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays information on software-controlled redundant ports on the switch:
show ports redundant

Following is sample output from this command:


Primary: *1:1 Redundant: 3:1, Link on/off option: OFF Flags: (*)Active, (!) Disabled, (g) Load Share Group

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

363

Commands for Configuring Slots and Ports on a Switch

show ports sharing


show ports sharing

Description
Displays port load-sharing groups, or link aggregation groups (LAGs).

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Output from this command displays the following information:

Config MasterThe port that is configured as the master logical port of the link aggregation group (LAG). This number is also the LAG group ID. Current MasterIn LACP, this is the port that is currently the LAG group ID, or master logical port for the LAG. Agg ControlThis is the aggregation control for the specified LAG; it can be either static or LACP. In LACP, it is the aggregation control for the specified LAG. Ld Share AlgorithmThe algorithm used for the link aggregation. The available link aggregation algorithms vary among platforms; see the ExtremeWare XOS Concepts Guide for more information. Ld Share GroupThe specific ports that belong to each LAG, or the port numbers in the trunk. A port can belong to only one LAG, either static or dynamic. Agg MbrIn LACP, this shows whether the port has been added to the aggregator or not; it will be either Y for yes or - for no. Link StatusThis is the current status of the link Link Up transitionsNumber of times the link has cycled through being up, then down, then up.

Example
The following command displays link aggregation on the switch:
show ports sharing

The following is sample output from this command on the Summit X450 switch:
Load Sharing Monitor Config Current Agg Ld Share Ld Share Agg Link Link Up Master Master Control Algorithm Group Mbr Status transitions ============================================================================== 5 5 LACP L2 5 Y A 3 L2 6 Y A 3

364

ExtremeWare XOS 11.3 Command Reference

show ports sharing


L2 7 Y A 3 L2 8 Y A 3 L2 9 A 3 L2 10 A 3 12 Static L2 12 R 0 L2 13 R 0 =========================================================================== Link Status: A-Active, D-Disabled, R-Ready, NP-Port not present Load Sharing Algorithm: (L2) Layer 2 address based, (L3) Layer 3 address based Default algorithm: L2 Number of load sharing trunks: 2

History
This command was first available in ExtremeWare XOS 10.1. The LACP (dynamic link aggregation) feature was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

365

Commands for Configuring Slots and Ports on a Switch

show ports utilization


show ports {mgmt | <port_list>} utilization {bandwidth | bytes | packets}

Description
Displays real-time port utilization information. The total utilization displays as real-time information, constantly refreshing, and the parameter displays show a snapshot of the activity on the port when you issue the command.

Syntax Description
mgmt port_list bandwidth bytes packets Specifies the management port. Specifies one or more ports or slots and ports. Specifies port utilization as percentage of bandwidth. Specifies port utilization in bytes per second. Specifies port utilization in packets per second.

Default
N/A.

Usage Guidelines
The software continuously monitors port utilization and calculates bandwidth as a function of each ports maximum link capacity. The total utilization display presents real-time statistics; the display for bandwidth, bytes, and packets shows a snapshot per port when you issued the command. If you do not specify a port number or range of ports, port utilization information is displayed for all ports. This status information may be useful for your technical support representative if you have a network problem.

Example
The following command displays utilization statistics for port 1 on a stand-alone switch:
show ports 1 utilization

The following command displays utilization statistics for slot 3, port 1 on a modular switch:
show ports 3:1 utilization

The following example shows sample output from the show ports utilization command for all ports on the Summit X450 switch (real-time display that constantly refreshes):
Link Utilization Averages Fri Aug 5 13:23:45 UTC 2005 Port Link Receive Peak Rx Transmit Peak Transmit Status packets/sec packets/sec packets/sec packets/sec ================================================================================ 1 A 0 0 0 0 2 R 0 0 0 0 3 R 0 0 0 0

366

ExtremeWare XOS 11.3 Command Reference

show ports utilization


4 R 0 0 0 0 5 R 0 0 0 0 6 R 0 0 0 0 7 R 0 0 0 0 8 R 0 0 0 0 9 R 0 0 0 0 10 R 0 0 0 0 11 R 0 0 0 0 12 R 0 0 0 0 13 R 0 0 0 0 14 R 0 0 0 0 15 R 0 0 0 0 16 R 0 0 0 0 17 R 0 0 0 0 ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present Spacebar->toggle screen U->page up D->page down ESC->exit

The following example shows sample output from the show ports utilization bandwidth command:
Port Link Link Receive Peak Rx Transmit Peak Transmit Status Speed % bandwidth % bandwidth % bandwidth % bandwidth ================================================================================ 1 A 1000 0.00 0.00 0.00 0.00 2 R 0 0.00 0.00 0.00 0.00 3 R 0 0.00 0.00 0.00 0.00 4 R 0 0.00 0.00 0.00 0.00 5 R 0 0.00 0.00 0.00 0.00 6 R 0 0.00 0.00 0.00 0.00 7 R 0 0.00 0.00 0.00 0.00 8 R 0 0.00 0.00 0.00 0.00 9 R 0 0.00 0.00 0.00 0.00 10 R 0 0.00 0.00 0.00 0.00 11 R 0 0.00 0.00 0.00 0.00 12 R 0 0.00 0.00 0.00 0.00 13 R 0 0.00 0.00 0.00 0.00 14 R 0 0.00 0.00 0.00 0.00 15 R 0 0.00 0.00 0.00 0.00 16 R 0 0.00 0.00 0.00 0.00 17 R 0 0.00 0.00 0.00 0.00 18 R 0 0.00 0.00 0.00 0.00 19 R 0 0.00 0.00 0.00 0.00 20 R 0 0.00 0.00 0.00 0.00 21 R 0 0.00 0.00 0.00 0.00 22 R 0 0.00 0.00 0.00 0.00 23 R 0 0.00 0.00 0.00 0.00 24 R 0 0.00 0.00 0.00 0.00 25 R 0 0.00 0.00 0.00 0.00 26 R 0 0.00 0.00 0.00 0.00 ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present

The following example shows sample output of the show ports utilization bytes command:
Port Link Receive Peak Rx Transmit Peak Transmit

ExtremeWare XOS 11.3 Command Reference

367

Commands for Configuring Slots and Ports on a Switch


Status bytes/sec bytes/sec bytes/sec bytes/sec ================================================================================ 1 A 0 0 0 0 2 R 0 0 0 0 3 R 0 0 0 0 4 R 0 0 0 0 5 R 0 0 0 0 6 R 0 0 0 0 7 R 0 0 0 0 8 R 0 0 0 0 9 R 0 0 0 0 10 R 0 0 0 0 11 R 0 0 0 0 12 R 0 0 0 0 13 R 0 0 0 0 14 R 0 0 0 0 15 R 0 0 0 0 16 R 0 0 0 0 17 R 0 0 0 0 18 R 0 0 0 0 19 R 0 0 0 0 20 R 0 0 0 0 21 R 0 0 0 0 22 R 0 0 0 0 23 R 0 0 0 0 24 R 0 0 0 0 25 R 0 0 0 0 26 R 0 0 0 0 ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present

The following example shows sample output of the show ports utilization packets command:
Port Link Receive Peak Rx Transmit Peak Transmit Status packets/sec packets/sec packets/sec packets/sec ================================================================================ 1 A 0 0 0 0 2 R 0 0 0 0 3 R 0 0 0 0 4 R 0 0 0 0 5 R 0 0 0 0 6 R 0 0 0 0 7 R 0 0 0 0 8 R 0 0 0 0 9 R 0 0 0 0 10 R 0 0 0 0 11 R 0 0 0 0 12 R 0 0 0 0 13 R 0 0 0 0 14 R 0 0 0 0 15 R 0 0 0 0 16 R 0 0 0 0 17 R 0 0 0 0 18 R 0 0 0 0 19 R 0 0 0 0 20 R 0 0 0 0

368

ExtremeWare XOS 11.3 Command Reference

show ports utilization


21 R 0 0 0 0 22 R 0 0 0 0 23 R 0 0 0 0 24 R 0 0 0 0 25 R 0 0 0 0 26 R 0 0 0 0 ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

369

Commands for Configuring Slots and Ports on a Switch

show slot
show slot {<slot> {detail} | detail }

Description
Displays the slot-specific information.

Syntax Description
slot detail Specifies a slot on a modular switch. Specifies detailed port information.

Default
N/A.

Usage Guidelines
The show slot command displays the following information:

The slot number The type of module installed in the slot The type that the module is configured as The state of the module, whether the power is down, if the module is operational, if a diagnostic being run, if there is a mismatch between the slot configuration and the module in the slot The number of ports on the module

If you do not specify a slot number, information for all slots is displayed. The display also includes a notice of insufficient power, should that arise. The show slot command displays the following states, among others:

Empty Down Power ON Powered OFF Booting Initializing VLAN sync FDB sync ACL sync RT sync Operational

370

ExtremeWare XOS 11.3 Command Reference

show slot

Example
You see slightly different displays, depending on the platform. BlackDiamond 8800 family of switches (formerly known as Aspen) only. The following example displays module information for all slots:
Slots Type Configured State Ports Flags ------------------------------------------------------------------------------Slot-1 Empty 0 Slot-2 G24X G24X Operational 24 M S Slot-3 Empty 0 Slot-4 Empty 0 Slot-5 G8X G8X Operational 8 M S Slot-6 Empty 0 Slot-7 G48P Empty 48 Slot-8 G48P Operational 48 M S Slot-9 10G4X 10G4X Powered OFF 4 SI Slot-10 Empty 0 MSM-A MSM-G8X Operational 0 S MSM-B Empty 0 Flags : M B D I Backplane link to Master MSM is Active Backplane link to Backup MSM is also Active Slot Disabled, S - Slot Secured Insufficient Power (refer to "show power budget")

The following example displays module information for a specified slot on the BlackDiamond 8810 switch:
BD-8810.3 # show slot 2 Slot-2 information:

State:
Download %: Flags: Serial number: Hw Module Type: SW Version: SW Build: Configured Type: Ports available: Flags : M B D I -

Operational
100 M S 800115-00-02 04314-00006 G24X 11.1.0.0 v11100 by Wed Oct 20 16:01:52 PDT 2004 G24X 24

Backplane link to Master MSM is Active Backplane link to Backup MSM is also Active Slot Disabled, S - Slot Secured Insufficient Power (refer to "show power budget")

BlackDiamond 10K switch only. The following example displays module information for all slots:
BD-10808.2 # show slot Slots Type Configured State Ports Flags ------------------------------------------------------------------------------Slot-1 Empty 0 Slot-2 Empty 0 Slot-3 Empty 0 Slot-4 Empty 0 Slot-5 Empty 0

ExtremeWare XOS 11.3 Command Reference

371

Commands for Configuring Slots and Ports on a Switch


Slot-6 Slot-7 Slot-8 MSM-A MSM-B Flags : M B D I E Empty Operational Empty Operational Present 0 60 0 0 0

G60T MSM-1XL MSM-1XL -

Backplane link to Master MSM is Active Backplane link to Backup MSM is also Active Slot Disabled, S - Slot Secured Insufficient Power (refer to "show power budget") Errors on slot will be ignored (no corrective action initiated)

The following example displays module information for a specified slot on the BlackDiamond 10K switch:
BD-10808.3 # show slot 7 Slot-7 information: State: Download %: Flags: Serial number: Hw Module Type: SW Version: SW Build: 004 Configured Type: Ports available: Flags : M B D I E -

Operationa 100 M 804403-00-02 0330Z-00086 G60T 11.1.1.1 v1111b1 by release-manager on Fri Nov 5 06:42:22 PST 2 G60T 60

Backplane link to Master MSM is Active Backplane link to Backup MSM is also Active Slot Disabled, S - Slot Secured Insufficient Power (refer to "show power budget") No corrective actions to be taken

You see the same output if you add the optional parameter detail to the command for displaying a specified slot number. The following example displays detailed module information for all slots:
BD-10808.4 # show slot detail Slot-1 information: State: Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-2 information: State: Flags: Serial number: Hw Module Type: Configured Type: Ports available:

Empty

Empty

372

ExtremeWare XOS 11.3 Command Reference

show slot
Slot-3 information: State: Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-4 information: State: Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-5 information: State: Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-6 information: State: Flags: Serial number: Hw Module Type: Configured Type: Ports available: Slot-7 information: State: Download %: Flags: Serial number: Hw Module Type: SW Version: SW Build: 004 Configured Type: Ports available: Slot-8 information: State: Flags: Serial number: Hw Module Type: Configured Type: Ports available: MSM-A information: State: Download %: Flags:

Empty

Empty

Empty

Empty

Operational 100 M 804403-00-02 0330Z-00086 G60T 11.1.1.1 v1111b1 by release-manager on Fri Nov 5 06:42:22 PST 2 G60T 60

Empty

Operational 100

ExtremeWare XOS 11.3 Command Reference

373

Commands for Configuring Slots and Ports on a Switch


Serial number: Hw Module Type: Configured Type: Ports available: MSM-B information: State: Download %: Flags: Serial number: Hw Module Type: Configured Type: Ports available: Flags : M B D I 804301-00-02 ENGSN00017 MSM-1XL 0

Present 0 804301-00-02 ENGSN00029 MSM-1XL 0

Backplane link to Master MSM is Active Backplane link to Backup MSM is also Active Slot Disabled, S - Slot Secured Insufficient Power (refer to "show power budget")

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

374

ExtremeWare XOS 11.3 Command Reference

unconfigure ports display string

unconfigure ports display string


unconfigure ports <port_list> display-string

Description
Clears the user-defined display string from one or more ports.

Syntax Description
port_list Specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
This command removes the display string that you configured using the configure ports displaystring command.

Example
The following command clears the user-defined display string from slot 2, port 4 on a modular switch:
unconfigure ports 2:4 display-string

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

375

Commands for Configuring Slots and Ports on a Switch

unconfigure ports redundant


unconfigure ports <port_list> redundant

Description
Clears a previously configured software-controlled redundant port.

Syntax Description
port_list This refers to the primary port of the redundant pair and specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
The list of port numbers or the port display string specifies the primary port(s).

Example
The following command unconfigures a software-controlled redundant port on a modular switch:
unconfigure ports 2:3 redundant

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

376

ExtremeWare XOS 11.3 Command Reference

unconfigure slot

unconfigure slot
unconfigure slot <slot>

Description
Clears a slot of a previously assigned module type.

Syntax Description
slot Specifies a slot on a modular switch.

Default
N/A.

Usage Guidelines
If you issue the unconfigure slot command on a slot containing a module with any ports configured for software-controlled redundancy, this command wipes away all software-controlled redundancy on both ports; both ports return to normal. Refer to ExtremeWare XOS Concepts Guide for more information on software-controlled redundant ports.

Example
The following command clears slot 4 of a previously assigned module type:
unconfigure slot 4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

ExtremeWare XOS 11.3 Command Reference

377

Commands for Configuring Slots and Ports on a Switch

378

ExtremeWare XOS 11.3 Command Reference

LLDP Commands

Beginning with ExtremeWare XOS version 11.2, the software supports the Link Layer Discovery Protocol (LLDP). LLDP provides a standard method of discovering and representing the physical network connections of a given network management domain. LLDP works together with Extreme Discovery Protocol (EDP). LLDP works together with Extreme Discovery Protocol (EDP); it also works independently, you do not have to run EDP to use LLDP. The LLDP neighbor discovery protocol allows you to discover and maintain accurate network topologies in a multivendor environment. The one-way protocol LLDP protocol transmits periodic advertisements containing device information and media-specific configuration information to neighbors attached to the same network. LLDP agents cannot solicit information from other agents by way of this protocol. The type length value (TLV) format with link layer control frames is used to communicate with other LLDP agents. LLDP agents also receive link layer control frames, extract the information in TLVs, and store them in LLDP MIB objects. You configure LLDP per port, and each port can store received information for a maximum of four neighboring ports. All LLDP configurations are saved across reboots when you issue the save configuration command.

NOTE
Because each LLDP protocol data unit (LLDPDU) is limited to 1500 bytes, the system drops configured optional TLVs that exceed this limit. To see if your system is dropping TLVs, issue the show lldp statistics command.

ExtremeWare XOS 11.3 Command Reference

379

LLDP Commands

configure lldp ports management-address


configure lldp ports [all | <port_list>] [advertise | no-advertise] management-address

Description
Configures the LLDP port to advertise or not to advertise management address information to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
With ExtremeWare XOS, you can only add one management address TLV per LLDPDU and the information must be the IP address configured on the management VLAN. If no IP address is assigned to the management VLAN, the system sends the system MAC address. LLDP does not send out IPv6 addresses in this field.

Example
The following command advertises the management address information for port 1:5:
configure lldp ports 1:5 advertise management-address

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

380

ExtremeWare XOS 11.3 Command Reference

configure lldp ports port-description

configure lldp ports port-description


configure lldp ports [all | <port_list>] [advertise | no-advertise] portdescription

Description
Configures the LLDP port to advertise or not advertise port description information to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
N/A.

Example
The following command configures port 1:7 to not advertise the port description information to neighbors:
configure lldp ports 1:7 no-advertise port-description

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

381

LLDP Commands

configure lldp ports system-capabilities


configure lldp ports [all | <port_list>] [advertise | no-advertise] systemcapabilities

Description
Configures the LLDP port to advertise or not to advertise its system capabilities to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
When at least one VLAN exists with more than two ports, bridging is sent to enabled. When at least one VLAN on the switch has IP forwarding enabled, the system automatically sets the router bit.

Example
The following command configures all ports to advertise system capability information to neighbors:
configure lldp ports all advertise system-capabilities

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

382

ExtremeWare XOS 11.3 Command Reference

configure lldp ports system-description

configure lldp ports system-description


configure lldp ports [all | <port_list>] [advertise | no-advertise] systemdescription

Description
Configures the LLDP port to advertise or not to advertise its system description to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
Advertise.

Usage Guidelines
Although not mandatory according to the standard, this TLV is included in the LLDPU by default when you enable LLDP. When enabled, the system sends the following image (from the show version command) in the system description TLV:
ExtremeWare XOS version 11.2.0.12 v1120b12 by release-manager on Fri Mar 18 16:01:08 PST 2005

Example
The following command configures port 1:4 through port 1:8 to not advertise the system description information to neighbors:
configure lldp ports 1:4 - 1:8 no-advertise system-description

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

383

LLDP Commands

configure lldp ports system-name


configure lldp ports [all | <port_list>] [advertise | no-advertise] systemname

Description
Configures the LLDP port to advertise or not to advertise its system name to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
N/A.

Example
The following command configures port 1:6 to advertise the system name to neighbors:
configure lldp ports 1:4 - 1:8 advertise system-name

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

384

ExtremeWare XOS 11.3 Command Reference

configure lldp ports vendor-specific dot1 port-vlan-ID

configure lldp ports vendor-specific dot1 port-vlan-ID


configure lldp ports [all | <port_list>] [advertise | no-advertise] vendorspecific dot1 port-vlan-ID

Description
Configures the LLDP port to advertise or not advertise port vlan ID information to its neighbors. This allows a VLAN bridge port to advertise the port VLAN identifier that is associated with untagged or priority-tagged frames.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
The port VLAN ID TLV allows the port to transmit the VLAN ID associated with untagged VLANs. There can be only one port VLAN ID in each LLPDU. If no untagged VLANs are configured on the specified port, the TLV is not added to the LLPDU, even if you configured this to advertise.

Example
The following command configures all ports to advertise port vlan ID information to neighbors:
configure lldp ports all advertise vendor-specific dot1 port-vlan-ID

History
This command was first available in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

385

LLDP Commands

configure lldp ports vendor-specific dot1 port-protocolvlan-ID


configure lldp ports [all | <port_list>] [advertise | no-advertise] vendorspecific dot1 port-protocol-vlan-ID {vlan [all | <vlan_name>]}

Description
Configures the LLDP port to advertise or not advertise port VLAN information to its neighbors.

Syntax Description
all port_list advertise no-advertise all vlan_name Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors. Specifies all VLANs on the port. Specifies the VLAN on the port that you want to advertise.

Default
No advertise.

Usage Guidelines
When configured to advertise, the switch inserts a port and protocol VLAN ID TLV for each VLAN configured on the ports. The port and protocol VLAN ID TLV allows the port to advertise if it supports protocol and/or tagged VLANs, along with the associated tagged values. A separate TLV is sent for each VLAN that you want to advertise. By default, once you configure this TLV, the system sends all protocol-based VLANs on the port. However, the LLDPDU cannot exceed 1500 bytes, so you should configure the port to advertise only the specified VLANs.

NOTE
The total LLPDU size is 1500 bytes; any TLVs after that limit are dropped.

This TLV does not send information on the type of protocol that the VLAN has enabled; it just says whether the port is enabled or disabled for protocol-based VLANs. As Extreme Networks devices are always capable of supporting protocol-based VLANs, once you configure this TLV, the system always advertises support these VLANs.

386

ExtremeWare XOS 11.3 Command Reference

configure lldp ports vendor-specific dot1 port-protocol-vlan-ID

Example
The following command configures all ports to advertise port and protocol VLAN information to neighbors for all VLANs on all ports:
configure lldp ports all advertise vendor-specific dot1 port-protocol-vlan-id

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

387

LLDP Commands

configure lldp ports vendor-specific dot1 vlan-name


configure lldp ports [all | <port_list>] [advertise | dont-advertise] vendor-specific dot1 vlan-name {vlan [all | <vlan_name>]}

Description
Configures the LLDP port to advertise or not advertise VLAN name information to its neighbors. Use this TLV to advertise information for the tagged VLANs you want to specify on the port. This allows an IEEE 802.1Q-compatible 802 LAN station to advertise the assigned name of any VLAN with which it is configured.

Syntax Description
all port_list advertise no-advertise vlan vlan_name Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors. Specifies all VLANs on the port. Specifies the VLAN on the port that you want to advertise.

Default
No advertise.

Usage Guidelines
The VLAN name TLV sends the VLAN name and the tag used; it associates a name to a tag for the specified VLAN. This allows an IEEE 802.1Q-compatible 802 LAN station to advertise the assigned name of any VLAN with which it is configured. You can enable this TLV for tagged and untagged VLANs. When you enable this TLV for tagged VLANs, the TLV advertises the IEEE 802.1Q tag for that VLAN. (For untagged VLANs, the internal tag is advertised.) You can specify exactly which VLANs to advertise. When configured to advertise, the switch inserts a VLAN name TLV for every VLAN configured on the ports. By default, once you configure this TLV, the system sends all VLAN names on the port. However, each VLAN name can require up to 32 bytes and the LLDPDU cannot exceed 1500 bytes, so you should configure the port to advertise only the specified VLANs, using the keyword vlan_name. NOTE
The total LLPDU size is 1500 bytes; any TLVs after that limit are dropped.

388

ExtremeWare XOS 11.3 Command Reference

configure lldp ports vendor-specific dot1 vlan-name

Example
The following command configures all ports to not advertise VLAN name information to neighbors:
configure lldp ports all no-advertise vendor-specific dot1 vlan-name

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

389

LLDP Commands

configure lldp ports vendor-specific dot3 linkaggregation


configure lldp ports [all | <port_list>] [advertise | no-advertise] vendorspecific dot3 link-aggregation

Description
Configures the LLDP port to advertise or not advertise link-aggregation capabilities to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
When configured, this TLV is added to each LLDP port LLDPDU indicating the link-aggregation capabilities, status, and value of the master port of the load-sharing group.

Example
The following command configures port 1:12 to not advertise link-aggregation capabilities to neighbors:
configure lldp ports 1:12 not-advertise vendor-specific dot3 link-aggregation

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

390

ExtremeWare XOS 11.3 Command Reference

configure lldp ports vendor-specific dot3 mac-phy

configure lldp ports vendor-specific dot3 mac-phy


configure lldp ports [all | <port_list>] [advertise | no-advertise] vendorspecific dot3 mac-phy

Description
Configures the LLDP port to advertise or not advertise MAC and physical layer capabilities to its neighbors. The capabilities include duplex and bit rate.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
When configured, the system add information about the speed capabilities, as well as autonegotiation support and status, of the LLDP port.

Example
The following command configures all ports to advertise MAC/PHY capabilities to neighbors:
configure lldp ports all advertise vendor-specific dot3 mac-phy

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

391

LLDP Commands

configure lldp ports vendor-specific dot3 max-framesize


configure lldp ports [all | <port_list>] [advertise | no-advertise] vendorspecific dot3 max-frame-size

Description
Configures the LLDP port to advertise or not advertise its maximum frame size to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
When jumbo frames are not enabled on the specified port, the TLV reports a value of 1518 once you configure it to advertise. If jumbo frames are enabled, the TLV inserts the configured value for the jumbo frames.

Example
The following command configures ports 1:12 and 1:13 to advertise the maximum frame size to neighbors:
configure lldp ports 1:12 - 1:13 advertise vendor-specific dot3 max-frame-size

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

392

ExtremeWare XOS 11.3 Command Reference

configure lldp ports vendor-specific dot3 power-via-mdi

configure lldp ports vendor-specific dot3 power-via-mdi


configure lldp ports [all | <port_list>] [advertise | no-advertise] vendorspecific dot3 power-via-mdi

Description
Configures the LLDP port to advertise or not advertise Power over Ethernet (PoE) capabilities to its neighbors.

Syntax Description
all port_list advertise no-advertise Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies to send the information to neighbors. Specifies not to send the information to neighbors.

Default
No advertise.

Usage Guidelines
When configured, the system includes this TLV. Extreme Networks recommends enabling this TLV only on PoE-capable ports. The following information is transmitted for LLDP ports with this TLV:

Support PoE or not Port class


Power sourcing equipment (PSE) Powered device (PD) Signal Spare

Power pairs used to supply power


Power status Support pairs control or not Power class


Class0 Class1 Class2 Class2 Class3 Class4

ExtremeWare XOS 11.3 Command Reference

393

LLDP Commands

Example
The following command configures all ports to advertise power capabilities to neighbors:
configure lldp ports all advertise vendor-specific dot3 power-via-mdi

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

394

ExtremeWare XOS 11.3 Command Reference

configure lldp reinitialize-delay

configure lldp reinitialize-delay


configure lldp reinitialize-delay <seconds>

Description
Configures the delay before the receive state machine is reinstalled once the LLDP transmit mode has been disabled.

Syntax Description
seconds Specifies the delay that applies to the reinitialization attempt. The range is 1 to 10 seconds.

Default
2 seconds.

Usage Guidelines
N/A.

Example
The following command configures a reinitialization delay of 10 seconds:
configure lldp reinitialize-delay 10

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

395

LLDP Commands

configure lldp snmp-notification-interval


configure lldp snmp-notification-interval <seconds>

Description
Configures the allowed interval at which Simple Network Management Protocol (SNMP) notifications are sent.

Syntax Description
seconds Specifies the interval at which LLDP SNMP notifications are sent. The range is 5 to 3600 seconds.

Default
5 seconds.

Usage Guidelines
This is a global timer. If one port sends a notification, no notifications for other ports go out for the configured interval.

Example
The following command configures an interval of 60 seconds for LLDP SNMP notifications:
configure lldp snmp-notification-interval 60

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

396

ExtremeWare XOS 11.3 Command Reference

configure lldp transmit-delay

configure lldp transmit-delay


configure lldp transmit-delay [ auto | <seconds>]

Description
Configures the delay time between successive frame transmissions initiated by a value change or status change in any of the LLDP local systems Management Information Base (MIB). The auto option uses a formula (0.25 * transmit-interval) to calculate the number of seconds.

Syntax Description
auto seconds Uses the formula (0.25 * transmit-interval) to calculate the seconds. Specifies the interval at which LLDP notifications are sent. The range is 1 to 8291.

Default
2 seconds.

Usage Guidelines
This is the timer between triggered updates.

Example
The following command configures the delay between LLDP frame transmissions for triggered updates to be automatically calculated:
configure lldp transmit-delay auto

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

397

LLDP Commands

configure lldp transmit-hold


configure lldp transmit-hold <hold>

Description
Calculates the actual time-to-live (TTL) value used in the LLDPDU messages. The formula is transmitinterval * transmit-hold; by default the TTL value is (30*4) 120 seconds.

Syntax Description
hold Used to calculate the TTL value; the range is 2 to 10.

Default
4.

Usage Guidelines
N/A.

Example
The following command configures the transmit-hold value (which is used to calculate the TTL of the LLDP packets) to 5:
configure lldp transmit-hold 5

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

398

ExtremeWare XOS 11.3 Command Reference

configure lldp transmit-interval

configure lldp transmit-interval


configure lldp transmit-interval <seconds>

Description
Configures the periodic transmittal interval for LLDPDUs.

Syntax Description
seconds Specifies the time between LLDPDU transmissions. The range is 5 to 32768.

Default
30 seconds.

Usage Guidelines
N/A.

Example
The following command configures a transmittal interval of 20 seconds for LLDPDUs.
configure lldp transmit-interval 20

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

399

LLDP Commands

disable lldp ports


disable lldp ports [all | <port_list>] {receive-only | transmit-only}

Description
Disables LLDP transmit mode, receive mode, or transmit and receive mode on the specified port or ports.

Syntax Description
all port_list receive-only transmit-only Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies that only the receive mode for LLDP is disabled. Specifies that only the transmit mode for LLDP is disabled.

Default
Disabled.

Usage Guidelines
If you do not specify an option, both LLDP modes (transmit and receive) are disabled.

Example
The following example disables the LLDP receive mode on ports 1:2 to 1:6.
disable lldp ports 1:2-1:6 receive-only

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

400

ExtremeWare XOS 11.3 Command Reference

disable snmp traps lldp

disable snmp traps lldp


disable snmp traps lldp {ports [all | <port_list>]}

Description
Disables the sending of LLDP-specific SNMP traps on the specified port or ports.

Syntax Description
all port_list Specifies all ports on the switch. Specifies one or more ports or slots and ports.

Default
Disabled.

Usage Guidelines
If you do not specify any ports, the system stops sending LLDP traps from all ports on the switch.

Example
The following example disables sending LLDP SNMP traps on all switch ports:
disable snmp traps lldp ports all

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

401

LLDP Commands

enable lldp ports


enable lldp ports [all | <port_list>] {receive-only | transmit-only}

Description
Enables LLDP transmit mode, receive mode, or transmit and receive mode. If the transmit or receive option is not specified, both transmit and receive modes are enabled.

Syntax Description
all port_list receive-only transmit-only Specifies all ports on the switch. Specifies one or more ports or slots and ports. Specifies that the port only receives LLDP messages. Specifies that the port only transmits LLDP messages.

Default
Disabled.

Usage Guidelines
If you do not specify an option, the port is enabled to both transmit and receive LLDP messages. Once the port is enabled for LLDP in one mode and you issue another enable lldp ports command for another mode, that second mode replaces the original mode. For example, you may originally enable several ports to only receive LLDP messages and then want those ports to both receive and transmit LLDP messages. In that case, you issue the enable lldp ports command with no variables (and the receive-and-transmit mode replaces the receive-only mode). To verify the port setting for LLDP, use the show lldp {port [all | <port_list>]} {detailed} command.

Example
The following example enables LLDP transmit and receive mode on port 1:4.
enable lldp port 1:4

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

402

ExtremeWare XOS 11.3 Command Reference

enable snmp traps lldp

enable snmp traps lldp


enable snmp traps lldp {ports [all | <port_list>]}

Description
Enables the transmission of LLDP SNMP trap notifications.

Syntax Description
all port_list Specifies all ports on the switch. Specifies one or more ports or slots and ports.

Default
Disabled.

Usage Guidelines
If you do not specify any ports, the system sends LLDP traps for all ports.

Example
The following command enables LLDP SNMP traps for all ports:
enable snmp traps lldp ports all

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

403

LLDP Commands

show lldp
show lldp {port [all | <port_list>]} {detailed}

Description
Displays LLDP configuration information for the specified port or ports. Use the detailed keyword to display the configured VLANs on the port and the enabled VLAN-specific TLVs.

Syntax Description
all port_list detailed Specifies all ports on the switch. Specifies one or more ports or slots and ports. Shows information on the configured VLANs on the port.

Default
N/A.

Usage Guidelines
Use the detailed variable to display information regarding configured VLANs on the ports and any enabled VLAN-specific TLVs.

Example
The following example displays LLDP configuration information for the switch:
# show lldp LLDP LLDP LLDP LLDP LLDP transmit interval transmit hold multiplier transmit delay SNMP notification interval reinitialize delay : : : : : 30 seconds 4 (used TTL = 120 seconds) 2 seconds 5 seconds 2 seconds

LLDP Port Configuration: Port Rx Tx SNMP Optional enabled transmit TLVs Mode Mode Notification LLDP 802.1 802.3 ============================================================================ 1:1 Enabled Enabled Disabled PNDCM PpNM-LF 2:2 Enabled Enabled Disabled --D-- ------============================================================================= LLDP Flags : (P) Port Description, (N) System Name, (D) System Description (C) System Capabilities, (M) Mgmt Address 802.1 Flags: (P) Port VLAN ID, (p) Port & Protocol VLAN ID, (N) VLAN Name 802.3 Flags: (M) MAC/PHY Configuration/Status, (P) Power via MDI (L) Link Aggregation, (F) Frame Size

404

ExtremeWare XOS 11.3 Command Reference

show lldp The following example includes detailed information on the LLDP configuration for port 1:
# show lldp port 1 detailed LLDP LLDP LLDP LLDP LLDP transmit interval transmit hold multiplier transmit delay SNMP notification interval reinitialize delay : : : : : 30 seconds 4 (used TTL = 120 seconds) 2 seconds 5 seconds 2 seconds

LLDP Port Configuration: Port Rx Tx SNMP Optional enabled transmit TLVs Mode Mode Notification LLDP 802.1 802.3 ============================================================================ 1 Enabled Enabled Disabled -ND-- --N---VLAN: Default ----- ------VLAN: voice ----- --N---============================================================================= LLDP Flags : (P) Port Description, (N) System Name, (D) System Description (C) System Capabilities, (M) Mgmt Address 802.1 Flags: (P) Port VLAN ID, (p) Port & Protocol VLAN ID, (N) VLAN Name 802.3 Flags: (M) MAC/PHY Configuration/Status, (P) Power via MDI (L) Link Aggregation, (F) Frame Size

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

405

LLDP Commands

show lldp neighbors


show lldp {port [all | <port_list>]} neighbors {detailed}

Description
Displays the information related to the LLDP neighbors detected on the specified port or ports.

Syntax Description
all port_list detailed Specifies all ports on the switch. Specifies one or more ports or slots and ports. Shows detailed information on the neighbors.

Default
N/A.

Usage Guidelines
N/A.

Example
The following example displays LLDP neighbor information for all switch ports:
# show lldp port all neighbors Port Neighbor Chassis ID Neighbor Port ID TTL Age ============================================================================= 4:1 00:04:96:10:51:81 1:69 120 29 4:1 00:30:48:42:F3:12 1:1 120 1 4:2 00:04:96:10:51:80 1:1 120 60 ============================================================================= NOTE: The Chassis ID and/or Port ID might be truncated to fit the screen.

The following command lists detailed LLDP neighbor information for all switch ports:
# show lldp all neighbors detailed ----------------------------------------------------------------------------LLDP Port 4:1 detected 2 neighbors Neighbor: 00:04:96:10:51:81/1:2, age 29 seconds - Chassid ID Type: MAC Address (4) Chassis ID : "00:04:96:10:51:81" - Port ID Type: ifName (5) Port ID : "1:2" - Time to Live: 120 seconds

406

ExtremeWare XOS 11.3 Command Reference

show lldp neighbors


Neighbor: 00:30:48:42:F3:12/1:1, age 1 seconds - Chassis ID type: MAC address (4) Chassis ID : 00:30:48:42:F3:12 - Port ID type: ifName (5) Port ID : "1:1" - Time To Live: 120 seconds - Port Description: Port-2-Internet - System Name: CoreSwitch01 - System Description: "ExtremeWare X0S version 11.2.0.0 branch-shasta7_v\ 1111b7 by eelco on Tue Dec 14 09:51:30 CET 2004" - System Capabilities : "Bridge, Router" Enabled Capabilities: "Bridge" ----------------------------------------------------------------------------LLDP Port 4:2 detected 1 neighbor Neighbor: 00:04:96:10:51:80/1:2, age 60 seconds - Chassid ID Type: MAC Address (4) Chassis ID : "00:04:96:10:51:80" - Port ID Type: ifName (5) Port ID : "1:1" - Time to Live: 120 seconds

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

407

LLDP Commands

show lldp statistics


show lldp {port [all | <port_list>]} statistics

Description
Displays statistical counters related to the specified port or ports.

Syntax Description
all port_list Specifies all ports on the switch. Specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
The following counters are presented with the standard command (taken from the IEEE 802.1ab MIB definition):

Last table change time: Last time an entry in the LLDP database was added, changed or deleted. Number of table inserts: The number of times the complete set of information advertised by a particular neighbor has been inserted into tables. Number of table deletes: The number of times the complete set of information advertised by a particular neighbor has been deleted from tables. Number of table drops: The number of times the complete set of information advertised by a particular neighbor could not be stored in memory because of insufficient resources. Number of table age outs: The number of times the complete set of information advertised by a particular neighbor has been deleted from tables because the information timeliness interval has expired. Tx Total: The number of LLDP frames transmitted by this switch on the indicated port. Tx Total Length Exceeded: The number of LLDP frames sent out on this port that could not hold all the information configured because the total frame length would exceed the maximum LDDPDU size of 1500 bytes. Rx Total: The number of valid LLDP frames received by this switch on the indicated port, while this LLDP agent is enabled. Rx Discarded: The number of LLDP frames received by this switch on the indicated port, and then discarded for any reason. Rx Errors: The number of invalid LLDP frames received by this switch on the indicated port, while this LLDP agent is enabled. TLVs Discarded: The number of LLDP TLVs discarded for any reason by this switch on the indicated port. TLVs Unrecognized: The number of LLDP TLVs received on the given port that are not recognized by the switch.

408

ExtremeWare XOS 11.3 Command Reference

show lldp statistics

Example
The following example lists statistical counters for all ports on the switch:
# show lldp port all statistics Last table change time Number of Table Inserts Number of Table Deletes Number of Table Drops Number of Table Age Outs Port : : : : : Fri Dec 17 10:42:33 2004 3 0 0 0

Tx Tx Length Rx Rx Rx TLVs TLVs Total Exceeded Total Discarded Errors Discarded Unrecogn. =================================================================================== 1:1 189 0 5654 0 0 0 0 2:2 188 0 565 0 0 0 0

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

409

LLDP Commands

unconfigure lldp
unconfigure lldp {port [all | <port_list>]}

Description
Leaves LLDP enabled and configured; restores the LLDP timer default values.

Syntax Description
all port_list Specifies all ports on the switch. Specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
When you issue the global unconfigure lldp, only the LLDP timers are reset to default values. All the configured TLVs remain on the ports remain, and LLDP remains enabled. When you use the keyword ports, the TLVs for each port are returned to the five default TLVs. LLDP remains enabled.

Example
The following command restores LLDP factory default TLVs for ports 1:4 to 1:8:
unconfigure lldp port 1:4 - 1:8

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

410

ExtremeWare XOS 11.3 Command Reference

Power Over Ethernet Commands

Power over Ethernet (PoE) is an effective method of supplying 48 VDC power to certain types of powered devices (PDs) through Category 5 or Category 3 twisted pair Ethernet cables. PDs include wireless access points, IP telephones, laptop computers, web cameras, and other devices. With PoE, a single Ethernet cable supplies power and the data connection, reducing costs associated with separate power cabling and supply. PoE for ExtremeWare XOS includes a method of detection to assure that power is delivered to devices that meet the IEEE 802.3af specification for PoE, as well as to many legacy devices.

Summary of PoE Software Features


The G48P PoE module for the BlackDiamond 8800 family of switches (formerly known as Aspen) supports the following PoE software features:

Configuration and control of the power distribution for PoE at the system, slot, and port levels Real-time discovery and classification of 802.3af-compliant PDs and many legacy (non-standard) devices Monitor and control of PoE fault conditions Support for configuring and monitoring PoE status at the system, slot, and port levels LED control for indicating the ports PoE inline power state Management of an over-subscribed power budget Beginning with ExtremeWare XOS version 11.3, support for hitless failover in a chassis with two MSMs

For more conceptual information about configuring and managing PoE, see the ExtremeWare XOS Concepts Guide.

ExtremeWare XOS 11.3 Command Reference

411

Power Over Ethernet Commands

clear inline-power stats ports


clear inline-power stats ports [all | <port_list>]

Description
Clears the inline statistics for the selected port to zero.

Syntax Description
all port_list Specifies all ports. Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports. May be in the form 2:5, 2:6-2:8.

Default
N/A.

Usage Guidelines
Use this command to clear all the information displayed by the show inline-power stats ports <port_list> command.

Example
The following command clears the inline statistics for ports 1-8 on slot 3:
clear inline-power stats ports 3:1-3:8

The following command displays cleared inline power configuration information for ports 1-8 in slot 3:
show inline-power stats ports 3:1-3:8

Following is sample output from this command:


Port 3:1 3:2 3:3 3:4 3:5 3:6 3:7 3:8 State delivering delivering searching searching searching searching searching searching Class class3 class3 class0 class0 class0 class0 class0 class0 STATISTICS COUNTERS Absent InvSig Denied 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 OverCurrent 0 0 0 0 0 0 0 0 Short 0 0 0 0 0 0 0 0

History
This command was first available in ExtremeWare XOS 11.1.

412

ExtremeWare XOS 11.3 Command Reference

clear inline-power stats ports

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

413

Power Over Ethernet Commands

configure inline-power budget slot


configure inline-power budget <num_watts> slot <slot>

Description
Sets the reserved power on the specified slot to the specified watts.

Syntax Description
num_watts Specifies the number of watts to reserve for specified slot for inline power. Enter an integer. The minimum value is 37, or 0 if the slot is disabled; the maximum is 768; and the default value is 50. Specifies a slot. The slot must be configured to hold a PoE module.

slot

Default
50 W.

Usage Guidelines
This command sets the budgeted power reserved for all PDs connected to the specified slot in Watts. None of the power budget on a specified slot can be used to power other slots or PDs on other slots. You can modify the power budget without disabling the slot. If you specify a slot that is not configured to hold a PoE module, the system returns the following error message:
Error: Slot 2 is not capable of inline-power.

If the power consumption of the PDs on a specified slot exceeds this configured power budget, the system disconnects the lowest priority ports. (Refer to configure inline-power priority ports for information on configuring this parameter.) If you attempt to configure this power budget for a value that the system cannot safely provide, the system returns an error message. To display inline power settings, use the command show inlinepower; to display the power for the entire switch, use the command show power budget.

NOTE
You must disable inline power for a slot using the disable inline-power slot command prior to setting the budget to 0.

To reduce the chances of ports fluctuating between powered and non-powered states, newly inserted PDs are not powered when the actual delivered power for the module is within approximately 19 W of the configured inline power budget for that slot. However, actual aggregate power can be delivered up to the configured inline power budget for the slot (for example, when delivered power from ports increases or when the configured inline power budget for the slot is reduced).

414

ExtremeWare XOS 11.3 Command Reference

configure inline-power budget slot

Example
The following command sets the power for slot 4 to 150 W:
configure inline-power budget 150 slot 4

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

415

Power Over Ethernet Commands

configure inline-power disconnect-precedence


configure inline-power disconnect-precedence [deny-port | lowest-priority]

Description
Configures the disconnect precedence priority for the switch when a new PD is detected and the measured inline power for that slot is within 19 W or the slots PoE power budget.

Syntax Description
deny-port lowest-priority Specifies power be denied to PD requesting power, regardless of priority. Specifies power be withdrawn from lowest-priority port(s) when next PD requesting power connects.

Default
Deny-port.

Usage Guidelines
You configure this parameter for the entire switch; you cannot configure this per slot or per port. If the power supplied to the PDs on a slot exceeds the power that was budgeted for that slot, the system disconnects power to one or more ports to prevent power overload. Refer to configure inline-power budget slot for information on configuring and modifying the power budgeted for each slot. You configure the switch to either deny power to the next PD that requests power on that slot, regardless of the priority, or to disconnect those PDs on ports with lower priorities until there is enough power for the new PD. If you select this argument and you did not configure port priorities or if several ports have the same priority, the switch withdraws power (or disconnects) those ports with the highest port number (s). Refer to configure inline-power priority ports for information on configuring the PoE priority for the ports. The default value is deny-port. So, if you do not change the default value and the slots power is exceeded, the next PD requesting power will not be connected. When the setting is lowest priority, the switch continues dropping ports with the lowest configured PoE port priorities, or the highest port number in the case of equal PoE port priorities, until there is enough power for the requesting PD.

Example
The following command sets the switch to withdraw power from the lowest-priority port(s) on the switch:
configure inline-power disconnect-precedence lowest-priority

416

ExtremeWare XOS 11.3 Command Reference

configure inline-power disconnect-precedence

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

417

Power Over Ethernet Commands

configure inline-power label ports


configure inline-power label <string> ports <port_list>

Description
Lets you create your own label for a specified PoE port or group of PoE ports.

Syntax Description
string port_list Specifies a name up to 15 characters in length to identify the specified power port(s). Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
No label.

Usage Guidelines
Use the show inline-power configuration ports command, as shown in the following example, to display inline power configuration information, including the label (if any) for each port:
show inline-power configuration port 3:1-10

Following is sample output from this command:


Port 3:1 3:2 3:3 3:4 3:5 3:6 3:7 3:8 3:9 3:10 Config Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Operator 16000 15000 15000 15000 15000 15000 15000 15000 15000 15000 Limit mW mW mW mW mW mW mW mW mW mW Priority Low Low Low Low Low Low Low Low Low Low Label finance finance

marketing marketing marketing

Example
The following command assigns the name alpha-test_1 to port 1 on slot 4:
config inline-power label alpha-test_1 ports 4:1

History
This command was first available in ExtremeWare XOS 11.1.

418

ExtremeWare XOS 11.3 Command Reference

configure inline-power label ports

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

419

Power Over Ethernet Commands

configure inline-power operator-limit ports


configure inline-power operator-limit <milliwatts> ports [all |<port_list>]

Description
Sets the power limit allowed for PDs connected to the specified ports.

Syntax Description
milliwatts An integer specifying the maximum allowed power in milliwatts; the range is 3000 to 16800 mW. NOTE: If you attempt to enter a higher value, the switch returns an error message. port_list Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
15400 mW.

Usage Guidelines
This command sets the power limit that a PD can draw on the specified ports. Range is 3000 to 16800 mW; the default value is 15400 mW. If the measured power for a specified port exceeds the ports operator limit, the power is withdrawn from that port and the port moves into a fault state. If you try to set an operator-limit outside the accepted range, the system returns the following error message:
Error: Invalid operator-limit value. Must be in the range of 3000-16800 mW

Example
The following command sets the limit for legacy PDs on ports 3 6 of slot 5 to 10000 mW:
configure inline-power operator-limit 10000 ports 5:3-5:6

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

420

ExtremeWare XOS 11.3 Command Reference

configure inline-power priority ports

configure inline-power priority ports


configure inline-power priority [critical | high | low] ports <port_list>

Description
Sets the PoE priority on the specified ports.

Syntax Description
critical | high | low port_list Sets the PoE priority for the specified ports. Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
Low.

Usage Guidelines
The system allocates power to those ports with the highest priorities first. This command can also be used in conjunction with the configure inline-power disconnect-precedence command. If you configure the disconnect precedence as lowest priority, then newly detected PDs will be powered if that port has higher priority than the existing powered ports. If there are multiple ports at the same priority level (either configured, or by default) and one of the ports must have power withdrawn because of excessive power demands, those ports with the lower port number are powered first. The higher port numbers have power withdrawn first in the case of equal PoE port priorities.

Example
The following command assigns a critical PoE priority on ports 4 6 on slot 3:
configure inline-power priority critical ports 3:4-3:6

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

421

Power Over Ethernet Commands

configure inline-power usage-threshold


configure inline-power usage-threshold <threshold>

Description
Sets the inline power usage SNMP event threshold.

Syntax Description
threshold Specifies the percentage of budgeted power used on any PoE module that causes the system to send an SNMP event and create a log message. The range 1 to 99; the default value is 70.

Default
70.

Usage Guidelines
This command sets the threshold for generating an SNMP event and an Event Management System (EMS) message when the measured power for a PoE module compared to the budgeted power for that slot exceeds a certain value. The configured threshold value initiates the event and message once that percentage of the budgeted power is being used. The PoE threshold applies only to the percentage per slot of measured to budgeted power use; it does not apply systemwide. The system generates an additional SNMP event and EMS message once the power usage falls below the threshold again; once the condition clears.

Example
The following command sets the inline power usage alarm threshold at 75%:
configure inline-power usage-threshold 75

History
This command was first available in ExtremeWare XOS 11.1

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

422

ExtremeWare XOS 11.3 Command Reference

disable inline-power

disable inline-power
disable inline-power

Description
Shuts down PoE power currently provided on all ports on all slots.

Syntax Description
This command has no arguments or variables

Default
Enable.

Usage Guidelines
You can control whether inline power is provided to the system by using the disable inline-power command and the enable inline-power command. Using the disable inline-power command shuts down inline power currently provided on the entire switch or to specified ports and slots. Disabling inline power to a switch, port, or slot immediately removes power to any connected PDs. By default, inline power provided to all ports is enabled. Disabling inline power does not allow PoE power reserved for slots to be allocated to other slots that may be needing more power to become operational. Disabling inline power using the disable inline-power command does not affect the data traffic traversing the port. And, disabling the port using the disable port command does not affect the inline power supplied to the port. However, when you issue the command disable slot on a slot holding a PoE module, the inline power is also disabled; that slot is totally offline.

NOTE
Inline power cannot be delivered to connected PDs unless the BlackDiamond 8800 chassis and module are powered.

Example
The following command shuts down inline power currently provided to all ports and all slots:
disable inline-power

History
This command was first available in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

423

Power Over Ethernet Commands

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

424

ExtremeWare XOS 11.3 Command Reference

disable inline-power legacy slot

disable inline-power legacy slot


disable inline-power legacy slot <slot>

Description
Disables the non-standard (or capacitance) power detection mechanism for the specified slot.

Syntax Description
slot Disables non-standard power detection for specified slot.

Default
Disable.

Usage Guidelines
This command disables the non-standard power-detection mechanism on the specified slot. Legacy PDs do not conform to the IEEE 802.3af standard but may be detected by the switch through a capacitance measurement. However, measuring the power through capacitance is used only if this parameter is enabled and after an unsuccessful attempt to discover the PD using the standard resistance measurement method. The default for legacy is disabled. The reason legacy detection is configurable is that it is possible for a normal (non-PoE) device to have a capacitance signature that causes the device to be detected as a legacy PoE device and have power delivered to it, potentially causing damage to the device.

Example
The following command disables capacitance detection of PDs on slot 3:
disable inline-power legacy slot 3

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

425

Power Over Ethernet Commands

disable inline-power ports


disable inline-power ports [all | <port_list>]

Description
Shuts down PoE power currently provided to all ports or to specified ports.

Syntax Description
all port_list Disables inline power to all ports on the switch. Disables inline power to the specified ports.

Default
Enable.

Usage Guidelines
Disabling inline power to ports immediately removes power to any connected PDs. By default, the capability to provide inline power to all ports is enabled. Disabling inline power using the disable inline-power command does not affect the data traffic traversing the port. And, disabling the port using the disable port command does not affect the inline power supplied to the port. Disabling inline power to a port providing power to a PD immediately removes power to the PD.

NOTE
PoE power removed from ports using this command can be used by other ports on the same module.

Example
The following command shuts down inline power currently provided to ports 4 and 5 on slot 3:
disable inline-power ports 3:4-5

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

426

ExtremeWare XOS 11.3 Command Reference

disable inline-power slot

disable inline-power slot


disable inline-power slot <slot>

Description
Shuts down PoE power currently provided to the specified slot.

Syntax Description
slot Disables inline power to specified slot.

Default
Enable.

Usage Guidelines
Disabling inline power to a slot immediately removes power to any connected PDs. By default, the capability to provide inline power to a slot is enabled. Disabling a slot using this command does not change the power budgeted to a specified slot using the configure inline-power budget slot command; nor can that power be used by PDs connected to any other slot.

NOTE
You can set the reserved power budget to 0 for a slot if, and only if, you first issue this command.

Example
The following command removes power to all PDs on slot 3:
disable inline-power slot 3

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

427

Power Over Ethernet Commands

enable inline-power
enable inline-power

Description
Enables PoE power to all ports on all slots.

Syntax Description
This command has no arguments or variables.

Default
Enable.

Usage Guidelines
You can control whether inline power is provided to the system by using the disable inline-power command and the enable inline-power command. By default, inline power provided to all ports is enabled. Enabling inline power starts the PoE detection process used to discover, classify, and power remote PDs.

NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be powered on; the slot will not function in data-only mode without enough power for inline power.

Disabling inline power using the disable inline-power command does not affect the data traffic traversing the port. And, disabling the port using the disable port command does not affect the inline power supplied to the port. However, when you issue the command disable slot on a slot holding a PoE module, the inline power is also disabled; that slot is totally offline.

NOTE
Inline power cannot be delivered to connected PDs unless the BlackDiamond 8800 chassis and module are powered.

To deliver inline power to connected PDs, you must also reserve adequate power for the slot with the PDs using the configure inline-power budget slot command.

428

ExtremeWare XOS 11.3 Command Reference

enable inline-power

Example
The following command enables inline power currently provided to all ports and all slots:
enable inline-power

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

429

Power Over Ethernet Commands

enable inline-power legacy slot


enable inline-power legacy slot <slot>

Description
Enables non-standard (or capacitance) power detection mechanism for the specified slot.

Syntax Description
slot Enables non-standard power detection for specified slot.

Default
Disable.

Usage Guidelines
This command enables the non-standard power-detection mechanism on the specified slot. Legacy PDs do not conform to the IEEE 802.3af standard but may be detected by the switch through a capacitance measurement. However, measuring the power through capacitance is used only if this parameter is enabled and after an unsuccessful attempt to discover the PD using the standard resistance measurement method. The default for legacy is disabled.

CAUTION
A normal (non-PoE) device may have a capacitance signature that causes the device to be detected as a legacy PoE device (and have power supplied), potentially causing damage to the device.

Example
The following command enables capacitance detection of PDs on slot 3:
enable inline-power legacy slot 3

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

430

ExtremeWare XOS 11.3 Command Reference

enable inline-power ports

enable inline-power ports


enable inline-power ports [all | <port_list>]

Description
Enables PoE power currently provided to all ports or to specified ports.

Syntax Description
all port_list Enables inline power to all ports on the switch. Enables inline power to the specified ports.

Default
Enable.

Usage Guidelines
Disabling inline power to a port immediately removes power to any connected PD. By default, inline power provided to all ports is enabled. To deliver inline power to ports with connected PDs, you must also reserve power for the slot with the PDs using the configure inline-power budget slot command. If you do not have enough reserved power for the port, that port moves into a Denied state.

NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be powered on; the slot will not function in data-only mode without enough power for inline power.

Disabling inline power using the disable inline-power command does not affect the data traffic traversing the port. And, disabling the port using the disable port command does not affect the inline power supplied to the port.

Example
The following command enables inline power to ports 4 and 5 on slot 3:
enable inline-power ports 3:4-5

History
This command was first available in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

431

Power Over Ethernet Commands

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

432

ExtremeWare XOS 11.3 Command Reference

enable inline-power slot

enable inline-power slot


enable inline-power slot <slot>

Description
Enables PoE power to the specified slot.

Syntax Description
slot Enables inline power to specified slot.

Default
Enable.

Usage Guidelines
Disabling inline power to a slot immediately removes power to any connected PDs. By default, inline power provided to all slots is enabled. To deliver inline power to slots, you must reserve power for that slot using the configure inlinepower budget slot command. By default, each PoE module has 50 W of power reserved for inline power.

NOTE
If your chassis has an inline power module and there is not enough power to supply a slot, that slot will not be powered on; the slot will not function in data-only mode without enough power for inline power.

Disabling inline power using the disable inline-power command does not affect the data traffic traversing the slot. And, disabling the slot using the disable slot command does not affect the inline power supplied to the slot.

Example
The following command makes inline power available to slot 3:
enable inline-power slot 3

History
This command was first available in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

433

Power Over Ethernet Commands

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

434

ExtremeWare XOS 11.3 Command Reference

reset inline-power ports

reset inline-power ports


reset inline-power ports <port_list>

Description
Power cycles the specified ports.

Syntax Description
portlist Specifies one or more slots and ports for which power is to be reset. May be in the form 2:*, 2:5, 2:6-2:8.

Default
N/A.

Usage Guidelines
This command power cycles the specified ports. Ports are immediately disabled and then re-enabled, allowing remote PDs to be power-cycled. This command affects only inline power; it does not affect network connectivity for the port(s).

Example
The following command resets power for port 4 on slot 3:
reset inline-power ports 3:4

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

435

Power Over Ethernet Commands

show inline-power
show inline-power

Description
Displays inline power status information for the system.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
The output indicates the following inline power status information for the system:

Configured inline power statusThe status of the inline power for the switch: enabled or disabled. System power surplusThe surplus amount of power on the system, in watts, available for budgeting. Redundant power surplusThe amount of power on the system, in watts, available for budgeting if one power supply is lost. System power usage thresholdThe configured power usage threshold for each slot, shown as a percentage of budgeted power. Once this threshold has been passed on any slot, the system sends an SNMP alarm and logs a message. Disconnect precedenceThe method of denying power to PDs if the budgeted power on any slot is exceeded. Legacy modeThe status of the legacy mode, which allows detection of non-standard PDs.

The output indicates the following inline power status information for each slot:

Inline power statusThe status of inline power. The status conditions are:

Enabled Disabled Operational Not operational Disabled Subsystem failure Card not present Slot disabled

Firmware statusThe operational status of the slot. The status conditions are:

Budgeted powerThe amount of power, in watts, that is reserved and available to the slot. Measured powerThe amount of power, in watts, that currently being used by the slot.

436

ExtremeWare XOS 11.3 Command Reference

show inline-power

NOTE
For additional information on inline power parameters, refer to the show power budget command.

To reduce the chances of ports fluctuating between powered and non-powered states, newly inserted PDs are not powered when the actual delivered power for the module is within approximately 19 W of the configured inline power budget for that slot. However, actual aggregate power can be delivered up to the configured inline power budget for the slot (for example, when delivered power from ports increases or when the configured inline power budget for the slot is reduced).

Example
The following command displays inline power status for the system:
show inline-power

Following is sample output from this command:


Inline Power Configured : System Power Surplus : Redundant Power Surplus : Power Usage Threshold : Disconnect Precedence : Legacy Mode : System Information Enabled 1500 Watts available for budgeting 465 Watts available for budgeting to maintain N+1 70 percent (per slot) lowest-priority Disabled Budgeted Measured Slot Inline-Power Firmware Status Power (Watts) Power (Watts) 3 Enabled Operational 50 W 9 W 4 Enabled Card Not Present ( 50 W) n/a 7 Enabled Operational 50 W 0 W Note: A budget value in parentheses is not allocated from the system power budget because the card is not present, or the slot is disabled.

Sample output from the show power budget command is displayed below:
PS State Watts 48V 12V --------------------------------------------------------------------------1 Powered On 1152.00 1104.00 48.00 2 Powered On 1152.00 1104.00 48.00 3 Empty 4 Empty 5 Empty 6 Empty --------------------------------------------------------------------------Power Available: 2304.00 2208.00 96.00 Redundant (N+1) Power Available: 1200.00 1152.00 48.00 Slots Type State Watts 48V 12V --------------------------------------------------------------------------Slot-1 Empty Slot-2 Empty Slot-3 G48P Operational 111.00 110.00 1.00 Inline Power (budgeted + 2% loss) 51.00 51.00 0.00 Slot-4 G48P Empty Slot-5 G8X Operational 0.00 0.00 0.00

ExtremeWare XOS 11.3 Command Reference

437

Power Over Ethernet Commands


Slot-6 G48T Operational 0.00 0.00 0.00 Slot-7 G48P Operational 111.00 110.00 1.00 Inline Power (budgeted + 2% loss) 51.00 51.00 0.00 Slot-8 Empty Slot-9 Empty Slot-10 Empty MSM-A MSM-G8X Operational 151.00 150.00 1.00 MSM-B Empty 151.00 150.00 1.00 FanTray Operational 55.00 55.00 0.00 --------------------------------------------------------------------------Power Required: 681.00 677.00 4.00 Power Allocated: 681.00 677.00 4.00 Power Surplus: 1623.00 1531.00 92.00 Redundant Power Supply(s) Present?: yes

The term 2% loss shown in this display is the 2% associated with powering PDs. For example, when you reserve 50 W for a particular slot, the system reserves 51 W.

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

438

ExtremeWare XOS 11.3 Command Reference

show inline-power configuration ports

show inline-power configuration ports


show inline-power configuration ports <port_list>

Description
Displays inline power configuration information for the specified ports.

Syntax Description
port_list Specifies one or more ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
N/A.

Usage Guidelines
The output displays the following inline power configuration information for the specified ports:

ConfigIndicates whether the port is enabled to provide inline power:


Enabled: The port can provide inline power. Disabled: The port cannot provide inline power.

Operator LimitDisplays the configured limit, in milliwatts, for inline power on the port. PriorityDisplays inline power priority of the port, which is used when the disconnect precedence is set to lowest priority:

Low High Critical

LabelDisplays a text string, if any, associated with the port.

Example
The following command displays inline power configuration information for ports 1 to 10 in slot 3:
show inline-power configuration port 3:1-10

Following is sample output from this command:


Port 3:1 3:2 3:3 3:4 3:5 3:6 3:7 3:8 Config Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Operator 15000 15000 15000 15000 15000 15000 15000 15000 Limit mW mW mW mW mW mW mW mW Priority Low Low Low Low Low Low Low Low Label

ExtremeWare XOS 11.3 Command Reference

439

Power Over Ethernet Commands


3:9 3:10 Enabled Enabled 15000 mW 15000 mW Low Low

History
This command was first available in ExtremeWare XOS 11.1

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

440

ExtremeWare XOS 11.3 Command Reference

show inline-power info ports

show inline-power info ports


show inline-power info {detail} ports <port_list>

Description
Displays inline power information for the specified ports.

Syntax Description
port_list Specifies one or more ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
N/A.

Usage Guidelines
NOTE
Ports in the denied or faulted state periodically display the searching state as the hardware retests the PD state.

You can use this command to generate a summary report or a detailed report. Summary output displays the following inline power information for the specified ports:

StateDisplays the port power state:


Disabled Searching Delivering Faulted Disconnected Other Denied -----: disabled or searching class0: class 0 device class1: class 1 device class2: class 2 device class3: class 3 device class4: class 4 device

PDs power classDisplays the class type of the connected PD:


VoltsDisplays the measured voltage. A value from 0 to 2 is valid for ports that are in a searching state.

ExtremeWare XOS 11.3 Command Reference

441

Power Over Ethernet Commands


CurrDisplays the measured current, in milliamperes, drawn by the PD. PowerDisplays the measured power, in watts, supplied to the PD. FaultDisplays the fault value:

None UV/OV fault UV/OV spike Over current Overload Undefined Underload HW fault Discovery resistance fail Operator limit violation Disconnect Discovery resistance, A2D failure Classify, A2D failure Sample, A2D failure Device fault, A2D failure Force on error

The detail command lists all inline power information for the selected ports. Detail output displays the following information:

Configured Admin StateDisplays the ports configured state; Enabled or Disabled. Inline Power StateDisplays the port power state. MIB Detect StatusDisplays the port state as reported by SNMP; valid values are as follows:

disabled searching delivering fault test otherFault denyLowPriority

LabelDisplays the ports configured label. Operator LimitDisplays the ports configured operator limit value. PD ClassDisplays the class type of connected PD: Max Allowed PowerDisplays the amount of maximum allowed power for a device of this class. Measured PowerDisplays the measured power, in watts, supplied to the PD. Line VoltageDisplays the measured voltage. A value from 0 to 2 is valid for ports in a searching state. CurrentDisplays the measured current, in milliamperes, drawn by the PD. Fault StatusDisplays the fault value.

442

ExtremeWare XOS 11.3 Command Reference

show inline-power info ports


Detailed Status PriorityDisplays the ports configured PoE priority value, as follows:

Critical High Low

Example
The following command displays summary inline power information for ports 1 to 3 on slot 3:
show inline-power info ports 3:1-3

Following is sample output from this command:


Port 3:1 3:2 3:3 State delivering delivering searching Class class3 class3 -----Volts 48.3 48.3 0.0 Curr (mA) 192 192 0 Power (Watts) 9.300 9.300 0.0 Fault None None None

The following command displays detail inline power information for port 1 on slot 3:
show inline-power info detail port 3:1

Following is sample output from this command:


Port 3:1 Configured Admin State: Inline Power State : MIB Detect Status : Label : Operator Limit : PD Class : Max Allowed Power : Measured Power : Line Voltage : Current : Fault Status : Detailed Status : Priority : enabled delivering delivering 16800 milliwatts class3 15.400 W 9.400 W 48.3 Volts 193 mA None low

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

443

Power Over Ethernet Commands

show inline-power slot


show inline-power slot <slot>

Description
Displays inline power information for the specified slot.

Syntax Description
slot Specifies the slot.

Default
N/A.

Usage Guidelines
The output indicates the following inline power status information for each slot:

Inline power statusThe status of inline power. The status conditions are:

Enabled Disabled Operational Not operational Disabled Subsystem failure Card not present Slot disabled

Firmware statusThe operational status of the slot. The status conditions are:

Budgeted powerThe amount of power, in watts, that is available to the slot. Measured powerThe amount of power, in watts, that currently being used by the slot. LegacyThe status of the legacy mode, which allows detection of many non-standard PDs.

Example
The following command displays inline power information for slot 3:
show inline-power slot 3

Following is sample output from this command:


Slot 3 Inline-Power Enabled Firmware Status Operational Budgeted Power (Watts) 500 W Measured Power (Watts) 441 W Legacy Disabled

444

ExtremeWare XOS 11.3 Command Reference

show inline-power slot

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

445

Power Over Ethernet Commands

show inline-power stats ports


show inline-power stats ports <port_list>

Description
Displays inline power statistics for the specified ports.

Syntax Description
port_list Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
N/A.

Usage Guidelines
The output displays the following inline power statistics for the specified ports:

StateDisplays the port power state:


Disabled Searching Delivering Faulted Disconnected Other Denied -----: disabled or searching class0: class 0 device class1: class 1 device class2: class 2 device class3: class 3 device class4: class 4 device

PDs power classDisplays the class type of the connected PD:


AbsentDisplays the number of times the port was disconnected. InvSigDisplays the number of times the port had an invalid signature. DeniedDisplays the number of times the port was denied. Over-currentDisplays the number of times the port entered an overcurrent state. ShortDisplays the number of times the port entered undercurrent state.

446

ExtremeWare XOS 11.3 Command Reference

show inline-power stats ports

Example
The following command displays inline power configuration information for ports 1 to 10 in slot 3:
show inline-power stats ports 3:1-10

Following is sample output from this command:


Port 3:1 3:2 3:3 3:4 3:5 3:6 3:7 3:8 3:9 3:10 State delivering delivering searching searching searching searching searching searching searching searching Class class3 class3 class0 class0 class0 class0 class0 class0 class0 class0 STATISTICS COUNTERS Absent InvSig Denied 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 OverCurrent 18 0 0 0 0 0 0 0 0 0 Short 0 0 0 0 0 0 0 0 0 0

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

447

Power Over Ethernet Commands

show inline-power stats slot


show inline-power stats slot <slot>

Description
Displays inline power statistics for the specified slot.

Syntax Description
slot Specifies the slot.

Default
N/A.

Usage Guidelines
Use this command to produce a report that shows the firmware status and version plus how many ports are currently faulted, powered, and waiting for power for the selected slots. Unlike the values displayed with the show inline-power stats ports command, these values (displayed with the show inline-power stats slot command) are current readings; not cumulative counters.

Example
The following command displays inline power statistics information for slot 3:
show inline-power stats slot 3

Following is sample output from this command:


Inline-Power Slot Statistics Slot: 3 Firmware status Firmware revision Total Total Total Total ports ports ports ports powered awaiting power faulted disabled

: Operational : 292b1 : : : : 7 41 0 0

History
This command was first available in ExtremeWare XOS 11.1.

448

ExtremeWare XOS 11.3 Command Reference

show inline-power stats slot

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

449

Power Over Ethernet Commands

unconfigure inline-power budget slot


unconfigure inline-power budget slot <slot>

Description
Unconfigures the inline reserved power on the specified slot and returns the power budget on that slot to the default value of 50 W.

Syntax Description
slot Specifies the slot.

Default
50 W.

Usage Guidelines
This command unconfigures any previously configured power budget for the specified slot and resets the budgeted power reserved for all PDs connected to this slot to 50 W. The rest of the previously configured power budget on this slot cannot be used to power other slots or PDs on other slots (unless you explicitly reconfigure the power budget for other slots). If you specify a slot that does not have a PoE module, the system returns the following error message:
Error: Slot 2 is not capable of inline-power.

Example
The following command resets the power for slot 4 to 50 W:
unconfigure inline-power budget slot 4

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

450

ExtremeWare XOS 11.3 Command Reference

unconfigure inline-power disconnect-precedence

unconfigure inline-power disconnect-precedence


unconfigure inline-power disconnect-precedence

Description
Unconfigures the disconnect precedence setting and returns the switch to the default disconnect precedence value of deny port.

Syntax Description
This command has no arguments or variables.

Default
Deny-port.

Usage Guidelines
You configure this parameter for the entire switch; you cannot configure this per slot or per port. Unconfigures the PoE disconnect precedence previously set for the switch and returns the disconnect precedence to the default value of deny port. Deny port denies power to the next PD that requests inline power from the slot when the inline power budget for the slot is reached, regardless of the inline power port priority.

Example
The following command resets the switch to the PoE disconnect precedence value, which is deny port:
unconfigure inline-power disconnect-precedence

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

451

Power Over Ethernet Commands

unconfigure inline-power operator-limit ports


unconfigure inline-power operator-limit ports [all |<port_list>]

Description
Unconfigures the PoE operator limit setting and resets the power limit allowed for PDs connected to the specified ports to the default value of 15400 mW.

Syntax Description
all port_list Specifies all ports. Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
15400 mW.

Usage Guidelines
This command unconfigures any previously configured operator limit for the specified ports. It resets the maximum power that any PD can draw to 15400 mW.

Example
The following command resets the limit on ports 3 to 6 of slot 5 to the default value of 15400 mW:
unconfigure inline-power operator-limit ports 5:3-5:6

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

452

ExtremeWare XOS 11.3 Command Reference

unconfigure inline-power priority ports

unconfigure inline-power priority ports


unconfigure inline-power priority ports [all | <port_list>]

Description
Unconfigures the PoE priority on the specified ports, and returns the ports to the default PoE port priority value of low.

Syntax Description
all port_list Specifies all ports. Specifies one or more slots and ports. May be in the form 2:*, 2:5, 2:6-2:8.

Default
Low.

Usage Guidelines
Use this to reset the PoE port priority on specified ports to the default value of low. If there are multiple ports at the same priority level (either configured, or by default) and one of the ports must have power withdrawn because of excessive power demands, those ports with the lower port number are powered first. The higher port numbers have power withdrawn first in the case of equal PoE port priorities.

Example
The following command resets the PoE priority on ports 4 6 on slot 3 to low:
unconfigure inline-power priority ports 3:4-3:6

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

453

Power Over Ethernet Commands

unconfigure inline-power usage-threshold


unconfigure inline-power usage-threshold

Description
Unconfigures the inline power usage alarm threshold and returns threshold to the default value of 70%.

Syntax Description
This command has no arguments or variables.

Default
70.

Usage Guidelines
This command unconfigures the PoE usage threshold setting for initiating SNMP event and EMS messages and returns the switchs inline power usage threshold for to 70%. The system initiates an event and message once that percentage of the budgeted power is being used. The PoE threshold applies only to the percentage per slot of measured to budgeted power use; it does not apply to the entire switch. The system generates an additional SNMP event and EMS message once the power usage falls below the threshold again; once the condition clears.

Example
The following command resets the inline power usage alarm threshold to 70%:
unconfigure inline-power usage-threshold

History
This command was first available in ExtremeWare XOS 11.1

Platform Availability
This command is available only on the G48P module installed in the BlackDiamond 8800 family of switches.

454

ExtremeWare XOS 11.3 Command Reference

Commands for Status Monitoring and Statistics

This chapter describes commands for:


Configuring and managing the Event Management System/Logging Configuring and monitoring system health and statistics Enabling and disabling the collection of remote monitoring (RMON) statistics on the switch Enabling, disabling, and configuring sFlow statistics collection

Event Management System


When an event occurs on a switch, the Event Management System (EMS) allows you to send messages generated by these events to a specified log target. You can send messages to the memory buffer, NVRAM, the console display, the current session, to a syslog host, or to the other Management Switch Fabric Module (MSM). The log messages contain configuration and fault information pertaining to the device. You can format the log messages to contain various items of information, but typically a message consists of:

TimestampThe timestamp records when the event occurred. Severity level:


CriticalA desired switch function is inoperable. The switch may need to be reset. ErrorA problem is interfering with normal operation. WarningAn abnormal condition exists that may lead to a function failure. NoticeA normal but significant condition has been detected; the system is functioning as expected. InfoActions and events that are consistent with expected behavior. Debug-Summary, Debug-Verbose, and Debug -DataInformation that is useful when performing detailed trouble shooting procedures.

By default, log entries that are assigned a critical, error, or warning level are considered static entries and remain in the NVRAM log target after a switch reboot.

ComponentThe component refers to the specific functional area to which the error refers. MessageThe message contains the log information with text that is specific to the problem.

The switch maintains a configurable number of messages in its internal (memory-buffer) log (1000 by default). You can display a snapshot of the log at any time. In addition to viewing a snapshot of the log, you can configure the system to maintain a running real-time display of log messages on the console display or telnet session. In addition to maintaining an internal log, the switch supports remote logging by way of the UNIX syslog host facility. Beginning with ExtremeWare XOS 11.2, EMS supports IPv6 as a parameter for filtering events.

ExtremeWare XOS 11.3 Command Reference

455

Commands for Status Monitoring and Statistics

sFlow Statistics
sFlow is a technology for monitoring traffic in data networks containing switches and routers. It relies on statistical sampling of packets from high-speed networks, plus periodic gathering of the statistics. A User Datagram Protocol (UDP) datagram format is defined to send the information to an external entity for analysis. sFlow consists of a (Management Information Base) MIB and a specification of the packet format for forwarding information to a remote agent. Details of sFlow specifications can be found in RFC 3176 and at the following website: http://www.sflow.org ExtremeWare XOS allows you to collect sFlow statistics on a per port basis. An agent, residing locally on the switch, sends data to a collector that resides on another machine. You configure the local agent, the address of the remote collector, and the ports of interest for sFlow statistics gathering. You can also modify default values for how frequently on average a sample is taken, how often the data is sent to the collector, and the maximum load allowed on the CPU before throttling the statistics gathering.

RMON
RMON is the common abbreviation for the Remote Monitoring Management Information Base (MIB) system defined by the Internet Engineering Task Force (IETF) documents RFC 1757 and RFC 2021, which allows you to monitor LANs remotely. Using the RMON capabilities of the switch allows network administrators to improve system efficiency and reduce the load on the network. The IETF defines nine groups of Ethernet RMON statistics. The switch supports the following four of these groups, as defined in RFC 1757:

Statistics History Alarms Events

The switch also supports the following parameters for configuring the RMON probe and the trap destination table, as defined in RFC 2021:

probeCapabilities probeSoftwareRev probeHardwareRev probeDateTime probeResetControl trapDestTable

456

ExtremeWare XOS 11.3 Command Reference

clear counters

clear counters
clear counters

Description
Clears all switch statistics and port counters, including port packet statistics, bridging statistics, IP statistics, and log event counters.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
You should view the switch statistics and port counters before you clear them. Use the show ports command to view port statistics. Use the show log counters command to show event statistics. The CLI also provides a number of options that you can specify with the clear counters command. If you specify an option, the switch only clears the statistics for that option. For example, if you want to clear, reset only the STP statistics and counters, use the clear counters stp command. Please refer to the specific chapter in the ExtremeWare XOS Command Reference Guide for more detailed information about those commands. Viewing and maintaining statistics on a regular basis allows you to see how well your network is performing. If you keep simple daily records, you will see trends emerging and notice problems arising before they cause major network faults. By clearing the counters, you can see fresh statistics for the time period you are monitoring.

Example
The following command clears all switch statistics and port counters:
clear counters

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

457

Commands for Status Monitoring and Statistics

clear log
clear log {error-led | static | messages [memory-buffer | nvram]}

Description
Clears the log messages in memory and NVRAM, and clears the ERR LED on the MSM.

Syntax Description
error-led static memory-buffer nvram Clears the ERR LED on the MSM. Specifies that the messages in the NVRAM and memory-buffer targets are cleared, and the ERR LED on the MSM is cleared. Clears entries from the memory buffer. Clears entries from NVRAM.

Default
N/A.

Usage Guidelines
The switch log tracks configuration and fault information pertaining to the device. By default, log entries that are sent to the NVRAM remain in the log after a switch reboot. The clear log and clear log messages memory-buffer commands remove entries in the memory buffer target; the clear log static and clear log messages nvram commands remove messages from the NVRAM target. In addition, the clear log static command will also clear the memory buffer target. There are three ways to clear the ERR LED. Clear the log, reboot the switch, or use the clear log error-led command. To clear the ERR LED without rebooting the switch or clearing the log messages, use the clear log error-led command.

Example
The following command clears all log messages, from the NVRAM:
clear log static

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

458

ExtremeWare XOS 11.3 Command Reference

clear log counters

clear log counters


clear log counters {<event-condition> | [all | <event-component>] {severity <severity> {only}}}

Description
Clears the incident counters for events.

Syntax Description
event-condition all event-component severity only Specifies the event condition counter to clear. Specifies that all events counters are to be cleared. Specifies that all the event counters associated with a particular component should be cleared. Specifies the minimum severity level of event counters to clear (if the keyword only is omitted). Specifies that only event counters of the specified severity level are to be cleared.

Default
If severity is not specified, then the event counters of any severity are cleared in the specified component.

Usage Guidelines
This command sets the incident counters to zero for each event specified. To display event counters, use the following command:
show log counters

See the command show log on page 532 for more information about severity levels. To get a listing of the event conditions in the system, use the following command:
show log events {detail}

To get a listing of the components present in the system, use the following command:
show log components

Example
The following command clears the event counters for event conditions of severity error or greater in the component BGP:
clear log counters "BGP" severity error

ExtremeWare XOS 11.3 Command Reference

459

Commands for Status Monitoring and Statistics

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

460

ExtremeWare XOS 11.3 Command Reference

configure log display

configure log display


configure log display <severity> {only}

Description
Configures the real-time log-level message to display.

Syntax Description
severity only Specifies a message severity. Severities include critical, error, warning, notice, info, debug-summary, debug-verbose, and debug-data. Specifies only log messages of the specified severity level.

Default
If not specified, messages of all severities are displayed on the console display.

Usage Guidelines
You must enable the log display before messages are displayed on the log display. Use the enable log display command to enable the log display. This allows you to configure the system to maintain a running real-time display of log messages on the console. Severity filters the log to display messages with the selected severity or higher (more critical). Severities include critical, error, warning, info, notice, debug-summary, debug-verbose, and debug-data. You can also control log data to different targets. The command equivalent to configure log display is the following:
configure log target console-display severity <severity>

To display the current configuration of the log display, use the following command:
show log configuration target console-display

Example
The following command configures the system log to maintain a running real-time display of log messages of critical severity or higher:
configure log display critical

The following command configures the system log to maintain a running real-time display of only log messages of critical severity:
configure log display critical only

ExtremeWare XOS 11.3 Command Reference

461

Commands for Status Monitoring and Statistics

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

462

ExtremeWare XOS 11.3 Command Reference

configure log filter events

configure log filter events


configure log filter <name> [add | delete] {exclude} events [<eventcondition> | [all | <event-component>] {severity <severity> {only}}]

Description
Configures a log filter to add or delete detailed feature messages based on a specified set of events.

Syntax Description
name add delete exclude event-condition all event-component severity only Specifies the filter to configure. Add the specified events to the filter Remove the specified events from the filter Events matching the specified events will be excluded Specifies an individual event. Specifies all components and subcomponents. Specifies all the events associated with a particular component. Specifies the minimum severity level of events (if the keyword only is omitted). Specifies only events of the specified severity level.

Default
If the exclude keyword is not used, the events will be included by the filter. If severity is not specified, then the filter will use the component default severity threshold (see the note on page 464 when delete or exclude is specified).

Usage Guidelines
This command controls the incidents that pass a filter by adding, or deleting, a specified set of events. If you want to configure a filter to include or exclude incidents based on event parameter values (for example, MAC address or BGP Neighbor) see the command configure log filter events match on page 466. When the add keyword is used, the specified event name is added to the beginning of the filter item list maintained for this filter. The new filter item either includes the events specified, or if the exclude keyword is present, excludes the events specified. The delete keyword is used to remove events from the filter item list that were previously added using the add command. All filter items currently in the filter item list that are identical to, or a subset of, the set of events specified in the delete command will be removed. Event Filtering Process. From a logical standpoint, the filter associated with each enabled log target is examined to determine whether a message should be logged to that particular target. The determination is made for a given filter by comparing the incident with the most recently configured filter item first. If the incident matches this filter item, the incident is either included or excluded, depending on whether

ExtremeWare XOS 11.3 Command Reference

463

Commands for Status Monitoring and Statistics the exclude keyword was used. Subsequent filter items on the list are compared if necessary. If the list of filter items has been exhausted with no match, the incident is excluded. Events, Components, and Subcomponents. As mentioned, a single event can be included or excluded by specifying the events name. Multiple events can be added or removed by specifying an ExtremeWare XOS component name plus an optional severity. Some components, such as BGP, contain subcomponents, such as Keepalive, which is specified as BGP.Keepalive. Either components or subcomponents can be specified. The keyword all in place of a component name can be used to indicate all ExtremeWare XOS components. Severity Levels. When an individual event name is specified following the events keyword, no severity value is needed since each event has pre-assigned severity. When a component, subcomponent, or the all keyword is specified following the events keyword, a severity value is optional. If no severity is specified, the severity used for each applicable subcomponent is obtained from the pre-assigned severity threshold levels for those subcomponents. For example, if STP were specified as the component, and no severity is specified for the add of an include item, then only messages with severity of error and greater would be passed, since the threshold severity for the STP component is error. If STP.InBPDU were specified as the component, and no severity is specified, then only messages with severity of warning and greater would be passed, since the threshold severity for the STP.InPBDU subcomponent is warning. Use the show log components command to see this information. The severity keyword all can be used as a convenience when delete or exclude is specified. The use of delete (or exclude) with severity all deletes (or excludes) previously added events of the same component of all severity values.

NOTE
If no severity is specified when delete or exclude is specified, severity all is used

If the only keyword is present following the severity value, then only the events in the specified component at that exact severity are included. Without the only keyword, events in the specified component at that severity or more urgent are included. For example, using the option severity warning implies critical, error, or warning events, whereas the option severity warning only implies warning events only. Severity all only is not a valid choice. Any EMS events with severity debug-summary, debug-verbose, or debug-data will not be logged unless debug mode is enabled Filter Optimization. Each time a configure log filter command is issued for a given filter name, the events specified are compared against the current configuration of the filter to try to logically simplify the configuration. For example, if the command:
configure log filter bgpFilter1 add events bgp.keepalive severity error only

were to be followed by the command:


configure log filter bgpFilter1 add events bgp severity info

the filter item in the first command is automatically deleted since all events in the BGP.Keepalive subcomponent at severity error would be also included as part of the second command, making the first command redundant.

464

ExtremeWare XOS 11.3 Command Reference

configure log filter events More Information. See the command show log on page 532 for more information about severity levels. To get a listing of the components present in the system, use the following command:
show log components

To get a listing of event condition definitions, use the following command:


show log events

To see the current configuration of a filter, use the following command:


show log configuration filter {<filter name>}

Example
The following command adds all STP component events at severity info to the filter mySTPFilter:
configure log filter myStpFilter add events stp severity info

The following command adds the STP.OutBPDU subcomponent, at the pre-defined severity level for that component, to the filter myStpFilter:
configure log filter myStpFilter add events stp.outbpdu

The following command excludes one particular event, STP.InBPDU.Drop, from the filter:
configure log filter myStpFilter add exclude events stp.inbpdu.drop

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

465

Commands for Status Monitoring and Statistics

configure log filter events match


configure log filter <name> [add | delete] {exclude} events [<eventcondition> | [all | <event-component>] {severity <severity> {only}}] [match | strict-match] <type> <value>

Description
Configures a log filter to add or delete detailed feature messages based on a specified set of events and match parameter values.

Syntax Description
name add delete exclude event-condition all event-component severity only match strict-match type value Specifies the filter to configure. Add the specified events to the filter. Remove the specified events from the filter. Events matching the filter will be excluded. Specifies the event condition. Specifies all events. Specifies all the events associated with a particular component. Specifies the minimum severity level of events (if the keyword only is omitted). Specifies only events of the specified severity level. Specifies events whose parameter values match the <type> <value> pair. Specifies events whose parameter values match the <type> <value> pair, and possess all the parameters specified. Specifies the type of parameter to match. For more information about types and values see Types and Values on page 467. Specifies the value of the parameter to match. For more information about types and values see Types and Values on page 467.

Default
If the exclude keyword is not used, the events will be included by the filter. If severity is not specified, then the filter will use the component default severity threshold (see the note on on page 464 when delete or exclude is specified).

Usage Guidelines
This command controls the incidents that pass a filter by adding, or deleting, a specified set of events that match a list of <type> <value> pairs. This command is an extension of the command configure log filter events, and adds the ability to filter incidents based on matching specified event parameter values to the event. See the configure log filter events command on page 463 for more information on specifying and using filters, on event conditions and components, and on the details of the filtering process. The discussion here is about the concepts of matching <type> <value> pairs to more narrowly define filters.

466

ExtremeWare XOS 11.3 Command Reference

configure log filter events match Types and Values. Each event in ExtremeWare XOS is defined with a message format and zero or more parameter types. The show log events command on page 549 can be used to display event definitions (the event text and parameter types). The syntax for the parameter types (represented by <type> in the command syntax above) is:
[address-family [ipv4-multicast | ipv4-unicast | ipv6-multicast | ipv6-unicast] | bgp-neighbor <ip address> | bgp-routerid <ip address> | eaps <eaps domain name> | {destination | source} [ipaddress <ip address> | L4-port | mac-address ] | esrp <esrp domain name> | {egress | ingress} [slot <slot number> | ports <portlist>] | ipaddress <ip address> | L4-port <L4-port> | mac-address <mac_address> | netmask <netmask> | number <number> | port <portlist> | process <process name> | slot <slotid> | string <match expression> | vlan <vlan name> | vlan tag <vlan tag>]

NOTE
The slot parameters are available only on modular switches.

Beginning with ExtremeWare XOS 11.2, you can specify the ipaddress type as IPv4 or IPv6, depending on the IP version. The following examples show how to configure IPv4 addresses and IPv6 addresses:

IPv4 address To configure an IP address, with a mask of 32 assumed, use the following command:
configure log filter myFilter add events all match ipaddress 12.0.0.1

To configure a range of IP addresses with a mask of 8, use the following command:


configure log filter myFilter add events all match ipaddress 12.0.0.0/8

IPv6 address To configure an IPv6 address, with a mask of 128 assumed, use the following command:
configure log filter myFilter add events all match ipaddress 3ffe::1

To configure a range of IPv6 addresses with a mask of 16, use the following command:
configure log filter myFilter add events all match ipaddress 3ffe::/16

IPv6 scoped address IPv6 scoped addresses consist of an IPv6 address and a VLAN. The following examples identify a link local IPv6 address. To configure a scoped IPv6 address, with a mask of 128 assumed, use the following command:
configure log filter myFilter add events all match ipaddress 3ffe::1%Default

To configure a range of scoped IPv6 addresses with a mask of 16, use the following command:
configure log filter myFilter add events all match ipaddress 3ffe::/16%Default

ExtremeWare XOS 11.3 Command Reference

467

Commands for Status Monitoring and Statistics To configure a scoped IPv6 address with any VLAN, use the following command:
configure log filter myFilter add events all match ipaddress 3ffe::/16%*

To configure any scoped IPv6 address with a specific VLAN, use the following command:
configure log filter myFilter add events all match ipaddress ::/0%Default

NOTE
In the previous example, if you specify the VLAN name, it must be a full match; wild cards are not allowed.

The <value> depends on the parameter type specified. As an example, an event may contain a physical port number, a source MAC address, and a destination MAC address. To allow only those incidents with a specific source MAC address, use the following in the command:
configure log filter myFilter add events aaa.radius.requestInit secerity notice match source mac-address 00:01:30:23:C1:00 configure log filter myFilter add events bridge severity notice match source macaddress 00:01:30:23:C1:00

The string type is used to match a specific string value of an event parameter, such as a user name. A string can be specified as a simple regular expression. Match Versus Strict-Match. The match and strict-match keywords control the filter behavior for incidents whose event definition does not contain all the parameters specified in a configure log filter events match command. This is best explained with an example. Suppose an event in the XYZ component, named XYZ.event5, contains a physical port number, a source MAC address, but no destination MAC address. If you configure a filter to match a source MAC address and a destination MAC address, XYZ.event5 will match the filter when the source MAC address matches regardless of the destination MAC address, since the event contains no destination MAC address. If you specify the strict-match keyword, then the filter will never match, since XYZ.event5 does not contain the destination MAC address. In other words, if the match keyword is specified, an incident will pass a filter so long as all parameter values in the incident match those in the match criteria, but all parameter types in the match criteria need not be present in the event definition. More Information. See the command show log on page 532 for more information about severity levels. To get a listing of the components present in the system, use the following command:
show log components

To get a listing of event condition definitions, use the following command:


show log events

To see the current configuration of a filter, use the following command:


show log configuration filter {<filter name>}

468

ExtremeWare XOS 11.3 Command Reference

configure log filter events match

Example
By default, all log targets are associated with the built-in filter, DefaultFilter. Therefore, the most straightforward way to send additional messages to a log target is to modify DefaultFilter. In the following example, the command modifies the built-in filter to allow incidents in the STP component, and all subcomponents of STP, of severity critical, error, warning, notice and info. For any of these events containing a physical port number as a match parameter, limit the incidents to only those occurring on physical ports 3, 4 and 5 on slot 1, and all ports on slot 2:
configure log filter DefaultFilter add events stp severity info match ports 1:3-1:5, 2:*

If desired, issue the unconfigure log DefaultFilter command to restore the DefaultFilter back to its original configuration.

History
This command was first available in ExtremeWare XOS 10.1. New parameter <type> values, including esrp and eaps were added in ExtremeWare XOS 11.0 and 11.1. Support for IPv6 addresses was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

469

Commands for Status Monitoring and Statistics

configure log target filter


configure log target [console | memory-buffer | primary-msm | backup-msm | nvram | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] filter <filter-name> {severity <severity> {only}}

Description
Associates a filter to a target.

Syntax Description
target console memory-buffer primary-msm backup-msm nvram session syslog all ipaddress ipPort vr_name Specifies the device to send the log entries. Specifies the console display. Specifies the switch memory buffer. Specifies the primary MSM. NOTE: This parameter is available only on modular switches. Specifies the backup MSM. NOTE: This parameter is available only on modular switches. Specifies the switch NVRAM. Specifies the current session (including console display). Specifies a syslog remote server. Specifies all of the syslog remote servers. Specifies the syslog IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch do not support user-created VRs. local0 ... local7 filter-name severity only Specifies the local syslog facility. Specifies the filter to associate with the target. Specifies the minimum severity level to send (if the keyword only is omitted). Specifies that only the specified severity level is to be sent.

Default
If severity is not specified, the severity level for the target is left unchanged. If a virtual router is not specified, VR-Mgmt is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

470

ExtremeWare XOS 11.3 Command Reference

configure log target filter This command associates the specified filter and severity with the specified target. A filter limits messages sent to a target. Although each target can be configured with its own filter, by default, all targets are associated with the built-in filter, DefaultFilter. Each target can also be configured with its own severity level. This provides the ability to associate multiple targets with the same filter, while having a configurable severity level for each target. A message is sent to a target if the target has been enabled, the message passes the associated filter, the message is at least as severe as the configured severity level, and the message output matches the regular expression specified. By default, the memory buffer, NVRAM, primary MSM, and backup MSM targets are enabled. For other targets, use the command enable log target on page 520. Table 13describes the default characteristics of each type of target.

Table 13: Default target log characteristics


Target console display memory buffer NVRAM primary MSM backup MSM session syslog Enabled no yes yes yes yes no no Severity Level info debug-data warning error error info debug-data

The built-in filter, DefaultFilter, and a severity level of info are used for each new telnet session. These values may be overridden on a per-session basis using the configure log target filter command and specify the target as session. Use the following form of the command for per-session configuration changes:
configure log target session filter <filter name> {severity <severity> {only}}

Configuration changes to the current session target are in effect only for the duration of the session, and are not saved in FLASH memory. The session option can also be used on the console display, if the changes are desired to be temporary. If changes to the console-display are to be permanent (saved to FLASH memory), use the following form of the command:
configure log target console filter <filter name> {severity <severity> {only}}

Modular Switches Only. If the condition for the backup-msm target is met by a message generated on the primary, the event is sent to the backup MSM. When the backup MSM receives the event, it will see if any of the local targets (nvram, memory, or console) are matched. If so it gets processed. The session and syslog targets are disabled on the backup MSM, as they are handled on the primary. If the condition for the primary-msm target is met by a message generated on the backup, the event is sent to the primary MSM. Note that the backup-msm target is only active on the primary MSM, and the primary-msm target is only active on the backup MSM.

ExtremeWare XOS 11.3 Command Reference

471

Commands for Status Monitoring and Statistics

Example
The following command sends log messages to the previously syslog host at 10.31.8.25, port 8993, and facility local3, that pass the filter myFilter and are of severity warning and above:
configure log target syslog 10.31.8.25:8993 local3 filter myFilter severity warning

The following command sends log messages to the current session, that pass the filter myFilter and are of severity warning and above:
configure log target session filter myFilter severity warning

History
This command was first available in ExtremeWare XOS 10.1. The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0. The ipPort parameter was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

472

ExtremeWare XOS 11.3 Command Reference

configure log target format

configure log target format


configure log target [console | memory-buffer | nvram | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} {local0 ... local7}]] format [timestamp [seconds | hundredths | none] | date [dd-mm-yyyy | dd-Mmm-yyyy | mm-dd-yyyy | Mmm-dd | yyyy-mm-dd | none] | severity | event-name [component | condition | none | subcomponent] | host-name | priority | process-name | process-slot | source-line

Description
Configures the formats of the displayed message, on a per-target basis.

Syntax Description
console memory-buffer nvram session syslog all ipaddress ipPort vr_name Specifies the console display. Specifies the switch memory buffer. Specifies the switch NVRAM. Specifies the current session (including console display). Specifies a syslog target. Specifies all remote syslog servers. Specifies the syslog IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 timestamp date severity event-name host-name priority process-name process-slot source-line Specifies the local syslog facility. Specifies a timestamp formatted to display seconds, hundredths, or none. Specifies a date formatted as specified, or none. Specifies whether to include the severity. Specifies how detailed the event description will be. Choose from none, component, subcomponent, or condition. Specifies whether to include the syslog host name. Specifies whether to include the priority. Specifies whether to include the internal process name. Specifies which slot number the message was generated. NOTE: This parameter is available only on modular switches. Specifies whether to include the source file name and line number.

ExtremeWare XOS 11.3 Command Reference

473

Commands for Status Monitoring and Statistics

Default
The following defaults apply to console display, memory buffer, NVRAM, and session targets:

timestamphundredths datemm-dd-yyyy severityon event-namecondition host-nameoff priorityoff process-nameoff process-slotoff (modular switches only) source-lineoff

The following defaults apply to syslog targets (per RFC 3164):


timestampseconds datemmm-dd severityon event-namenone host-nameoff priorityon process-nameoff process-slotoff (modular switches only) source-lineoff

If a virtual router is not specified, VR-Mgmt is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command configures the format of the items that make up log messages. You can choose to include or exclude items and set the format for those items, but you cannot vary the order in which the items are assembled. When applied to the targets console or session, the format specified is used for the messages sent to the console display or telnet session. Configuration changes to the session target, be it either a telnet or console display target session, are in effect only for the duration of the session, and are not saved in FLASH. When this command is applied to the target memory-buffer, the format specified is used in subsequent show log and upload log commands. The format configured for the internal memory buffer can be overridden by specifying a format on the show log and upload log commands. When this command is applied to the target syslog, the format specified is used for the messages sent to the specified syslog host.

474

ExtremeWare XOS 11.3 Command Reference

configure log target format Timestamps. Timestamps refer to the time an event occurred, and can be output in either seconds as described in RFC 3164 (for example, 13:42:56), hundredths of a second (for example, 13:42:56.98), or suppressed altogether. To display timestamps as hh:mm:ss, use the seconds keyword, to display as hh:mm:ss.HH, use the hundredths keyword, or to suppress timestamps altogether, use the none keyword. Timestamps are displayed in hundredths by default. Date. The date an event occurred can be output as described in RFC 3164. Dates are output in different formats, depending on the keyword chosen. The following lists the date keyword options, and how the date March 26, 2005 would be output:

Mmm-ddMar 26 mm-dd-yyyy03/26/2005 dd-mm-yyyy26-03-2005 yyyy-mm-dd2005-03-26 dd-Mmm-yyyy26-Mar-2005

Dates are suppressed altogether by specifying none. Dates are displayed as mm-dd-yyyy by default. Severity. A four-letter abbreviation of the severity of the event can be output by specifying severity on or suppressed by specifying severity off. The default setting is severity on. The abbreviations are: Crit, Erro, Warn, Noti, Info, Summ, Verb, and Data. These correspond to: Critical, Error, Warning, Notice, Informational, Debug-Summary, Debug-Verbose, and Debug-Data. Event Names. Event names can be output as the component name only by specifying event-name component and as component and subcomponent name with condition mnemonic by specifying eventname condition, or suppressed by specifying event-name none. The default setting is event-name condition to specify the complete name of the events. Host Name. The configured SNMP name of the switch can be output as HOSTNAME described in RFC 3164 by specifying host-name. The default setting is off. Process Name. For providing detailed information to technical support, the (internal) ExtremeWare XOS task names of the applications detecting the events can be displayed by specifying process-name. The default setting is off. Process Slot. For providing detailed information to technical support, the slot from which the logged message was generated can be displayed by specifying process-slot. The default setting is off. This is available only on modular switches. Process ID. For providing detailed information to technical support, the (internal) ExtremeWare XOS task identifiers of the applications detecting the events can be displayed by specifying process-id. The default setting is off. Source Line. For providing detailed information to technical support, the application source file names and line numbers detecting the events can be displayed by specifying source-line. The default setting is off. You must enable debug mode using the enable log debug-mode command to view the source line information. For messages generated prior to enabling debug mode, the source line information is not displayed.

ExtremeWare XOS 11.3 Command Reference

475

Commands for Status Monitoring and Statistics

Example
In the following example, the switch generates the identical event from the component SNTP, using three different formats. Using the default format for the session target, an example log message might appear as:
05/29/2005 12:15:25.00 <Warn:SNTP.RslvSrvrFail> The SNTP server parameter value (TheWrongServer.example.com) can not be resolved.

If you set the current session format using the following command:
configure log target session format timestamp seconds date mm-dd-yyyy event-name component

The same example would appear as:


05/29/2005 12:16:36 <Warn:SNTP> The SNTP server parameter value (TheWrongServer.example.com) can not be resolved.

To provide some detailed information to technical support, you set the current session format using the following command:
configure log target session format timestamp hundredths date mmm-dd event-name condition source-line process-name

The same example would appear as:


May 29 12:17:20.11 SNTP: <Warn:SNTP.RslvSrvrFail> tSntpc: (sntpcLib.c:606) The SNTP server parameter value (TheWrongServer.example.com) can not be resolved.

History
This command was first available in ExtremeWare XOS 10.1. The ipPort and host-name parameters were first introduced in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

476

ExtremeWare XOS 11.3 Command Reference

configure log target match

configure log target match


configure log target [console | memory-buffer | nvram | primary-msm | backup-msm | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] match [any |<match-expression>]

Description
Associates a match expression to a target.

Syntax Description
console memory-buffer nvram primary-msm backup-msm session syslog all ipaddress ipPort vr_name Specifies the console display. Specifies the switch memory buffer. Specifies the switch NVRAM. Specifies the primary MSM. NOTE: This parameter is available only on modular switches. Specifies the backup MSM. NOTE: This parameter is available only on modular switches. Specifies the current session (including console display). Specifies a syslog target. Specifies all of the remote syslog servers. Specifies the syslog IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 any match-expression Specifies the local syslog facility. Specifies that any messages will match. This effectively removes a previously configured match expression. Specifies a regular expression. Only messages that match the regular expression will be sent.

Default
By default, targets do not have a match expression. If a virtual router is not specified, VR-Mgmt is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command configures the specified target with a match expression. The filter associated with the target is not affected. A message is sent to a target if the target has been enabled, the message passes the

ExtremeWare XOS 11.3 Command Reference

477

Commands for Status Monitoring and Statistics associated filter, the message is at least as severe as the configured severity level, and the message output matches the regular expression specified. See the command show log on page 532 for a detailed description of simple regular expressions. By default, targets do not have a match expression. Specifying any instead of match-expression effectively removes a match expression that had been previously configured, causing any message to be sent that has satisfied all of the other requirements. To see the configuration of a target, use the following command:
show log configuration target {console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog {<ipaddress> | <ipPort> | vr <vr_name>} [local0 ... local7]}

To see the current configuration of a filter, use the following command:


show log configuration filter {<filter name>}

Example
The following command sends log messages to the current session, that pass the current filter and severity level, and contain the string user5:
configure log target session match user5

History
This command was first available in ExtremeWare XOS 10.1. The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0. The ipPort parameter was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

478

ExtremeWare XOS 11.3 Command Reference

configure log target severity

configure log target severity


configure log target [console | memory-buffer | nvram | primary-msm | backup-msm | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] {severity <severity> {only}}

Description
Sets the severity level of messages sent to the target.

Syntax Description
console memory-buffer nvram primary-msm backup-msm session syslog all ipaddress ipPort vr_name Specifies the console display. Specifies the switch memory buffer. Specifies the switch NVRAM. Specifies the primary MSM. NOTE: This parameter is available only on modular switches. Specifies the backup MSM. NOTE: This parameter is available only on modular switches. Specifies the current session (including console display). Specifies a syslog target. Specifies all of the remote syslog servers. Specifies the syslog IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 severity only Specifies the local syslog facility. Specifies the least severe level to send (if the keyword only is omitted). Specifies that only the specified severity level is to be sent.

Default
By default, targets are sent messages of the following severity level and above:

console displayinfo memory bufferdebug-data NVRAMwarning sessioninfo syslogdebug-data primary MSMerror (modular switches only) backup MSMerror (modular switches only)

If a virtual router is not specified, VR-Mgmt is used.

ExtremeWare XOS 11.3 Command Reference

479

Commands for Status Monitoring and Statistics

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command configures the specified target with a severity level. The filter associated with the target is not affected. A message is sent to a target if the target has been enabled, the message passes the associated filter, the message is at least as severe as the configured severity level, and the message output matches the regular expression specified. See the command show log on page 532 for a detailed description of severity levels. To see the current configuration of a target, use the following command:
show log configuration target {console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog {<ipaddress> | <ipPort> | vr <vr_name>} [local0 ... local7]}

To see the current configuration of a filter, use the following command:


show log configuration filter {<filter name>}

Example
The following command sends log messages to the current session, that pass the current filter at a severity level of info or greater, and contain the string user5:
configure log target session severity info

History
This command was first available in ExtremeWare XOS 10.1. The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0. The ipPort parameter was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

480

ExtremeWare XOS 11.3 Command Reference

configure log target syslog

configure log target syslog


configure log target syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} {local0 ... local7} from <source-ip-address>

Description
Configures the syslog servers IP address for one or all syslog targets.

Syntax Description
syslog all ipaddress ipPort vr_name Specifies a syslog target. Specifies all of the remote syslog servers. Specifies the syslog servers IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 source-ip-address Specifies the local syslog facility. Specifies the local source IP address to use.

Default
If a virtual router is not specified, the following virtual routers are used:

ExtremeWare XOS 10.1VR-0 ExtremeWare XOS 11.0 and laterVR-Mgmt

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Use this command to identify and configure the syslog servers IP address. By configuring a source IP address, the syslog server can identify from which switch it received the log message. Options for configuring the remote syslog server include:

allSpecifies all of the remote syslog server hosts. ipaddressThe IP address of the remote syslog server host. ipPortThe UDP port. vr_nameThe virtual router that can reach the syslog host. local0-local7The syslog facility level for local use. fromThe local source IP address.

ExtremeWare XOS 11.3 Command Reference

481

Commands for Status Monitoring and Statistics If you do not configure a source IP address for the syslog target, the switch uses the IP address in the configured VR that has the closed route to the destination.

Example
The following command configures the IP address for the specified syslog target named orange:
configure log target syslog orange from 10.234.56.78

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

482

ExtremeWare XOS 11.3 Command Reference

configure sflow agent ipaddress

configure sflow agent ipaddress


configure sflow agent {ipaddress} <ip-address>

Description
Configures the sFlow agents IP address.

Syntax Description
ip-address Specifies the IP address from which sFlow data is sent on the switch.

Default
The default configured IP address is 0.0.0.0, but the effective IP address is the management port IP address.

Usage Guidelines
This command allows you to configure the IP address of the sFlow agent. Typically, you would set this to the IP address used to identify the switch in the network management tools that you use. The agent address is stored in the payload of the sFlow data, and is used by the sFlow collector to identify each agent uniquely. The default configured value is 0.0.0.0, but the switch will use the management port IP address if it exists. Both the commands unconfigure sflow and unconfigure sflow agent will reset the agent parameter to the default.

Example
The following command sets the sFlow agents IP address to 10.2.0.1:
configure sflow agent ipaddress 10.2.0.1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

483

Commands for Status Monitoring and Statistics

configure sflow collector ipaddress


configure sflow collector {ipaddress} <ip-address> {port <udp-port-number>} {vr <vrname>}

Description
Configures the sFlow collector IP address.

Syntax Description
ip-address udp-port-number vrname Specifies the IP address to send the sFlow data. Specifies the UDP port to send the sFlow data. Specifies from which virtual router to send the sFlow data. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Default
The following values are the defaults for this command:

UDP port number6343 Virtual routerVR-Mgmt (previously called VR-0).

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command allows you to configure where to send the sFlow data. You must specify an IP address for the sFlow data collector, and you may specify a particular UDP port, if your collector uses a nonstandard port. You may also need to specify from which virtual router to send the data. You can configure up to four sFlow collectors. Each unique IP address/UDP port/virtual router combination identifies a collector. Both the commands unconfigure sflow and unconfigure sflow collector will reset the collector parameters to the default.

Example
The following command specifies that sFlow data should be sent to port 6343 at IP address 192.168.57.1 using the virtual router VR-Mgmt:
configure sflow collector ipaddress 192.168.57.1

484

ExtremeWare XOS 11.3 Command Reference

configure sflow collector ipaddress

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

485

Commands for Status Monitoring and Statistics

configure sflow max-cpu-sample-limit


configure sflow max-cpu-sample-limit <rate>

Description
Configures the maximum number of sFlow samples handled by the CPU per second.

Syntax Description
rate Specifies the maximum sFlow samples per second.

Default
The default value is 2000 samples per second.

Usage Guidelines
This command configures the maximum number of samples sent to the CPU per second. If this rate is exceeded, the internal sFlow CPU throttling mechanism kicks in to limit the load on the CPU. Every time the limit is reached, the sample rate is halved (the value of number in the configure sflow sample-rate <number> or configure sflow ports <portlist> sample-rate <number> command is doubled), on the slot on which maximum number of packets were received during the last snapshot. This effectively halves the sampling frequency of all the ports on that slot with a sub-sampling factor of 1. The sampling frequency of ports on that slot with a sub-sampling factor greater than 1 will not change; the sub-sampling factor is also halved so the that the same rate of samples are sent from that port. The maximum CPU sample rate is based on the total number of samples received from all the sources. The valid range is 100 to 5000 samples per second.

Example
The following command specifies that the sFlow maximum CPU sample rate should be set to 4000 samples per second:
configure sflow max-cpu-sample-limit 4000

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

486

ExtremeWare XOS 11.3 Command Reference

configure sflow poll-interval

configure sflow poll-interval


configure sflow poll-interval <seconds>

Description
Configures the sFlow counter polling interval.

Syntax Description
seconds Specifies the number of seconds between polling each counter. The value can range from 0 to 3600 seconds.

Default
The default polling interval is 20 seconds.

Usage Guidelines
Each sFlow statistics counter is polled at regular intervals, and this data is then sent to the sFlow collector. This command is used to set the polling interval. To manage CPU load, polling for sFlow enabled ports are distributed over the polling interval, so that all ports are not polled at the same instant. For example, if the polling interval is 20 seconds and there are twenty counters, data is collected successively every second. Specifying a poll interval of 0 (zero) seconds disables polling.

Example
The following command sets the polling interval to 60 seconds:
configure sflow poll-interval 60

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

487

Commands for Status Monitoring and Statistics

configure sflow ports sample-rate


configure sflow ports <portlist> sample-rate <number>

Description
Configures the sFlow per-port sampling rate.

Syntax Description
portlist number Specifies a list of ports. Specifies the fraction (1/number) of packets to be sampled.

Default
The default number is 8192, unless modified by the configure sflow sample-rate command.

Usage Guidelines
This command configures the sampling rate on a particular set of ports, and overrides the system-wide value set in the configure sflow sample-rate command. The rate is rounded off to the next power of two, so if 400 is specified, the sample rate is configured as 512. The valid range is 1 to 536870912. For BlackDiamond 10K only. At the hardware level, the sampling rate for all ports on a slot is the same. Ports that are configured for fewer samples than other ports on the slot (the number parameter is larger) still take the same amount of samples at the hardware level as ports configured for more samples. The excess samples are discarded. This mechanism is displayed in the show sflow {configuration} command as the sub-sampling factor. For example, if one port is configured for a sample rate of 1024, and a second port on the same slot is configured for a sample rate of 4096, the second ports hardware actually samples one out of 1024 packets, but only saves the information for one out of four of those samples. In this example, the sub-sampling factor is four. Configuring a lower number for the sample rate means that more samples will be taken, increasing the load on the switch. Do not configure the sample rate to a number lower than the default unless you are sure that the traffic rate on the source is low. If the rate of samples going to the CPU exceeds a limit, set with the configure sflow max-cpusample-limit command, then the sample rate number will be doubled, effectively reducing the rate by one-half. Under those conditions, the configured rate may not be the actual rate of sampling. The output of the show sflow configuration command will display the configured and actual rate of sampling. For the Summit X450 only. At the hardware level, all ports on the switch are sampled at the same rate, so if one port is configured to sample less frequently than another, the extra samples are discarded. This is indicated in the output of the show sflow {configuration} command as the sub-sampling factor. For example, if one port is configured to sample one packet per every 8192 packets, and the second port on the same slot is configured to sample one packet per every 16384 packets, the second port will show a sub-sampling factor of two.

488

ExtremeWare XOS 11.3 Command Reference

configure sflow ports sample-rate

Example
The following command sets the sample rate for the ports 4:6 to 4:10 to one packet out of every 16384:
configure sflow ports 4:6-4:10 sample-rate 16384

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

489

Commands for Status Monitoring and Statistics

configure sflow sample-rate


configure sflow sample-rate <number>

Description
Configures the sFlow default sampling rate.

Syntax Description
number Specifies the fraction (1/number) of packets to be sampled.

Default
The default number is 8192.

Usage Guidelines
This command configures the default sampling rate. This is the rate that newly enabled sFlow ports will have their sample rate set to. Changing this rate will not affect currently enabled sFlow ports. The rate is rounded off to the next power of two, so if 400 is specified, the sample rate is configured as 512. The valid range is 1 to 536870912. Configuring a lower number for the sample rate means that more samples will be taken, increasing the load on the switch. Do not configure the sample rate to a number lower than the default unless you are sure that the traffic rate on the source is low.

Example
The following command sets the sample rate to one packet out of every 16384:
configure sflow sample-rate 16384

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

490

ExtremeWare XOS 11.3 Command Reference

configure sys-health-check interval

configure sys-health-check interval


configure sys-health-check interval <interval>

Description
Configures the frequency of sending backplane diagnostic packets and the polling interval.

Syntax Description
interval BlackDiamond 10K switchSpecifies the frequency of sending backplane diagnostic packets and polling the ASIC counters. If backplane diagnostic packets are enabled on a particular slot, the default value for sending diagnostic packets and polling the ASIC counters is 6 seconds on that slot. If only polling occurs (this is the system default), the default value is 60 seconds. The polling interval is interval*10 seconds. BlackDiamond 8800 family of switchesSpecifies the frequency of sending backplane diagnostic packets. If backplane diagnostic packets are enabled on a particular slot, the default value for sending diagnostic packets is 5 seconds on that slot. If only polling occurs (this is the system default), the default value is 5 seconds. (The polling interval is not a user-configured parameter, and polling always occurs.)

Default
Depending upon your platform, the following defaults apply:

BlackDiamond 10K switch:

If backplane diagnostics packets are enabled on a particular slot, the default for sending packets and for polling is 6 seconds on that slot. If only polling occurs, the default polling interval is 60 seconds (interval*10 seconds). If backplane diagnostics are enabled on a particular slot, the default for sending packets is 5 seconds on that slot. The polling interval is always 5 seconds (this is a not a user-configured parameter).

BlackDiamond 8800 family of switches:

Usage Guidelines
Use this command with the guidance of Extreme Networks Technical Support personnel. The system health checker tests I/O modules and the backplane by forwarding backplane diagnostic packets. On the BlackDiamond 10K switch, additional checking for the validity of these packets is completed by performing a checksum. Use this command to configure the amount of time it takes for the packets to be forwarded and returned to the MSM. To enable backplane diagnostic packets, use the enable sys-health-check slot <slot> command. With backplane diagnostic packets enabled on a specific slot, the interval option of the configure

ExtremeWare XOS 11.3 Command Reference

491

Commands for Status Monitoring and Statistics


sys-health-check interval command specifies the frequency of sending backplane diagnostic packets. For example, if you specify an interval of 9, backplane diagnostic packets are sent every 9 seconds on only the enabled slot.

NOTE
Extreme Networks does not recommend configuring an interval of less than the default interval. Doing this can cause excessive CPU utilization.

BlackDiamond 10K Switch Only. If backplane diagnostic packets are disabled, you can use this command to configure the global polling interval on the switch. When you enable backplane diagnostic packets with the enable sys-health-check slot <slot> command, the interval option also specifies the polling frequency on that slot. For example, if you specify an interval of 9, backplane diagnostic packets are sent and polling occurs every 9 seconds for only the enabled slot. You can also use the configure sys-health-check interval command to modify the global polling interval on the switch. With only polling enabled, the interval option specifies the frequency of polling on all slots. Therefore, if you configure the interval to 8 seconds, the polling interval is updated to 80 seconds (interval*10 seconds). If backplane diagnostic packets are enabled on a slot and you modify the polling interval on the switch, the new interval value takes precedence. For example, if you configure the interval to 7 seconds, the polling interval is updated to 70 seconds on all slots with backplane diagnostics disabled. On the slot with backplane diagnostic packets enabled, backplane diagnostic packets are sent and polling occurs every 7 seconds. To return to the default of sending diagnostic packets every 6 seconds and the system polling every 60 seconds, specify 6 for the interval. By default, the system health checker always polls and tracks the ASIC counters that collect correctable and uncorrectable packet memory errors, checksum errors, and parity errors on a per ASIC basis. You must enable the backplane diagnostic packets feature to send backplane diagnostic packets. BlackDiamond 8800 Family of Switches Only. By default, the system health checker always polls the control plane health between MSMs and I/O modules, monitors memory levels on the I/O module, monitors the health of the I/O module, and checks the health of applications and processes running on the I/O module. If the system health checker detects an error, the health checker notifies the MSM. You must enable the backplane diagnostic packets feature to send backplane diagnostic packets. If you enable this feature, the system health checker tests the data link for a specific I/O module every 5 seconds by default. The MSM sends and receives diagnostic packets from the I/O module to determine the state and connectivity. If you disable backplane diagnostics, the system health checker stops sending backplane diagnostic packets.

492

ExtremeWare XOS 11.3 Command Reference

configure sys-health-check interval

Example
The following examples assume that you enabled backplane diagnostic packets on a specific I/O slot. On the BlackDiamond 10K switch, the following command configures the backplane diagnostic packet interval to 8 seconds and the polling interval to 80 seconds:
configure sys-health-check interval 8

On the BlackDiamond 8800 family of switches, the following command configures the backplane diagnostic packet interval to 8 seconds:
configure sys-health-check interval 8

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

ExtremeWare XOS 11.3 Command Reference

493

Commands for Status Monitoring and Statistics

configure sys-recovery-level
configure sys-recovery-level [all | none]

Description
Configures a recovery option for instances where an exception occurs in ExtremeWare XOS.

Syntax Description
all none Configures ExtremeWare XOS to log an error into the syslog and either shutdown or reboot the system after any task exception occurs. Configures the level to no recovery. No action is taken when a task exception occurs; there is no system shutdown or reboot.

Default
The default setting is all.

Usage Guidelines
Use this command for system troubleshooting. If the system fails, the switch will automatically reboot or leave the system in its current state. You must specify one of the following parameters for the system to respond to software failures:

allThe system will reboot or shut down if any task exception occurs. noneNo action is taken when a task exception occurs.

The system will always reboot after a task exception when the system recovery level is specified as all. Extreme Networks recommends using the default setting. Displaying the System Recovery Setting. To display the system recovery setting on the switch, use the following command:
show switch

This command displays general switch information, including the system recovery level. The following truncated output displays the system recovery setting (displayed as Recovery Mode):
SysName: SysLocation: SysContact: System MAC: Recovery Mode: System Watchdog: TechPubs Lab support@extremenetworks.com, +1 888 257 3000 00:04:96:1F:A4:0E All Enabled

494

ExtremeWare XOS 11.3 Command Reference

configure sys-recovery-level

Example
The following command configures a switch to not take an action when any task exception occurs:
configure sys-recovery-level none

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

495

Commands for Status Monitoring and Statistics

configure sys-recovery-level slot


configure sys-recovery-level slot <slot_number> [none | reset]

Description
Configures a recovery option for instances where an exception occurs on the specified MSM or I/O module.

Syntax Description
slot_number Specifies the slot of the MSM or I/O module. A and BIndicate an MSM 1 through 10Indicate an I/O module none Configures the MSM or I/O module to maintain its current state regardless of the detected fault. The offending MSM or I/O module is not reset. For more information about the states of an MSM or I/O module see the show slot command. Specifies that the offending MSM or I/O module be reset upon fault detection. For more detailed information, see the Usage Guidelines described below.

reset

Default
The default setting is reset.

Usage Guidelines
Use this command for system troubleshooting. You can configure the MSMs or I/O modules installed in a modular switch to take no action, automatically reset, or if dual MSMs are installed, failover to the other MSM, if the switch detects a faulty MSM or I/O module. This enhanced level of recovery detects faults in the ASICs as well as packet buses. You must specify one of the following parameters for the system to respond to MSM or I/O module failures:

noneConfigures the MSM or I/O module to maintain its current state regardless of the detected

fault. The offending MSM or I/O module is not reset.

resetSpecifies that the offending MSM or I/O module be reset upon fault detection.

To get the most from module recovery, Extreme Networks recommends using the default settings for both system recovery and module recovery. The default setting for system recovery is all, and the default setting for module recovery is reset. For more information about system recovery, see the configure sys-recovery-level [all | none] command. By using the default settings, the switch resets the offending MSM or I/O module if fault detection occurs. An offending MSM is reset any number of times, and the MSM is not permanently taken offline. On the BlackDiamond 10K switch, an offending I/O module is reset a maximum of three times. On the BlackDiamond 8800 family of switches, an offending I/O module is reset a maximum of five times. After the maximum number of resets, the I/O module is permanently taken offline.

496

ExtremeWare XOS 11.3 Command Reference

configure sys-recovery-level slot Module Recovery Actions. Table 14 displays the actions module recovery takes when configured as reset (the default setting) in combination with the system recovery settings all and none.

Table 14: Module recovery actions


Module Recovery Setting and Hardware Configuration Reset Single MSM Dual MSM System Recovery Setting and Action Taken All Resets the MSM. Resets the primary MSM and fails over to the backup MSM. BlackDiamond 10K switch Resets the I/O module a maximum of three times. After the third time, the I/O module is permanently taken offline. BlackDiamond 8800 family of switchesResets the I/O module a maximum of five times. After the fifth time, the I/O module is permanently taken offline. Reset Single MSM Dual MSM I/O Module None Resets the MSM. Fails over to the other installed MSM. Resets the I/O module.

I/O Module

Displaying the Module Recovery Setting. To display the module recovery setting, use the following command:
show slot

If you configure the module recovery setting to none, the output displays an E flag that indicates no corrective actions will occur for the specified MSM or I/O module. The E flag appears only if you configure the module recovery setting to none. Troubleshooting Module Failures. If you experience an I/O module failure, use the following troubleshooting methods when you can bring the switch offline to solve or learn more about the problem:

Restarting the I/O moduleUse the disable slot <slot> command followed by the enable slot <slot> command to restart the offending I/O module. By issuing these commands, the I/O module and its associated fail counter is reset. If the module does not restart, or you continue to experience I/O module failure, please contact Extreme Networks Technical Support.

Running diagnosticsUse the run diagnostics normal <slot> command to run operational diagnostics on the offending I/O module to ensure that you are not experiencing a hardware issue. If the module continues to enter the failed state, please contact Extreme Networks Technical Support.

If you experience an MSM failure, please contact Extreme Networks Technical Support.

ExtremeWare XOS 11.3 Command Reference

497

Commands for Status Monitoring and Statistics

Example
The following command configures a switch to not take an action when any task exception occurs:
configure sys-recovery-level none

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available only on modular switches.

498

ExtremeWare XOS 11.3 Command Reference

configure syslog add

configure syslog add


configure syslog {add} [<ipaddress> | <ipPort>] {vr <vr_name>} [local0 ... local7] {<severity>}

Description
Configures the remote syslog server host address, and filters messages to be sent to the remote syslog target.

Syntax Description
ipaddress ipPort vr_name Specifies the remote syslog server IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 severity Specifies the local syslog facility. Specifies a message severity. Severities include critical, error, warning, notice, info, debug-summary, debug-verbose, and debug-data.

Default
If a severity level is not specified, all messages are sent to the remote syslog server target. If a virtual router is not specified, VR-Mgmt is used. If UDP port is not specified, 514 is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Options for configuring the remote syslog server include:


ipaddressThe IP address of the remote syslog server host. ipPortThe UDP port. local0-local7The syslog facility level for local use. vr_nameThe virtual router that can reach the syslog host. severityFilters the messages sent to the remote syslog server target to have the selected severity or higher (more critical). Severities include critical, error, warning, notice, info, debug-summary, debugverbose, and debug-data.

The switch log overwrites existing log messages in a wrap-around memory buffer, which may cause you to lose valuable information once the buffer becomes full. The remote syslog server does not overwrite log information, and can store messages in non-volatile files (disks, for example).

ExtremeWare XOS 11.3 Command Reference

499

Commands for Status Monitoring and Statistics The enable syslog command must be issued in order for messages to be sent to the remote syslog server(s). Syslog is disabled by default. A total of four syslog servers can be configured at one time. When a syslog server is added, it is associated with the filter DefaultFilter. Use the configure log target filter command to associate a different filter. The syslog facility level is defined as local0 local7. The facility level is used to group syslog data.

Example
The following command configures the remote syslog server target with a critical severity:
configure syslog 123.45.67.78 local1 critical

History
This command was first available in ExtremeWare XOS 10.1. The ipPort parameter was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

500

ExtremeWare XOS 11.3 Command Reference

configure syslog delete

configure syslog delete


configure syslog delete [all | <ipaddress> | <ipPort>] {vr <vr_name>} {local0 ... local7} configure syslog delete <host name/ip> {: <udp-port>} [local0 ... local7]

Description
Deletes a remote syslog server address.

Syntax Description
all ipaddress ipPort vr_name Specifies all remote syslog servers. Specifies the remote syslog server IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 Specifies the local syslog facility.

Default
If a virtual router is not specified, VR-Mgmt is used. If a UDP port number is not specified, 514 is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command is used to delete a remote syslog server target.

Example
The following command deletes the remote syslog server with an IP address of 10.0.0.1:
configure syslog delete 10.0.0.1 local1

History
This command was first available in ExtremeWare XOS 10.1. The ipPort parameter was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

501

Commands for Status Monitoring and Statistics

Platform Availability
This command is available on all platforms.

502

ExtremeWare XOS 11.3 Command Reference

create log filter

create log filter


create log filter <name> {copy <filter name>}

Description
Creates a log filter with the specified name.

Syntax Description
name copy filter name Specifies the name of the filter to create. Specifies that the new filter is to be copied from an existing one. Specifies the existing filter to copy.

Default
N/A.

Usage Guidelines
This command creates a filter with the name specified. A filter is a customizable list of events to include or exclude, and optional parameter values. The list of events can be configured by component or subcomponent with optional severity, or individual condition, each with optional parameter values. See the commands configure log filter events and configure log filter events match for details on how to add items to the filter. The filter can be associated with one or more targets using the configure log target filter command to control the messages sent to those targets. The system has one built-in filter named DefaultFilter, which itself may be customized. Therefore, the create log filter command can be used if a filter other than DefaultFilter is desired. As its name implies, DefaultFilter initially contains the default level of logging in which every ExtremeWare XOS component and subcomponent has a preassigned severity level. If another filter needs to be created that will be similar to an existing filter, use the copy option to populate the new filter with the configuration of the existing filter. If the copy option is not specified, the new filter will have no events configured and therefore no incidents will pass through it. The total number of supported filters, including DefaultFilter, is 20.

Example
The following command creates the filter named fdb2, copying its configuration from the filter DefaultFilter:
create log filter fdb2 copy DefaultFilter

ExtremeWare XOS 11.3 Command Reference

503

Commands for Status Monitoring and Statistics

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

504

ExtremeWare XOS 11.3 Command Reference

delete log filter

delete log filter


delete log filter [<filter name> | all]

Description
Deletes a log filter with the specified name.

Syntax Description
filter name all Specifies the filter to delete. Specifies that all filters, except DefaultFilter, are to be deleted

Default
N/A.

Usage Guidelines
This command deletes the specified filter, or all filters except for the filter DefaultFilter. The specified filter must not be associated with a target. To remove that association, associate the target with DefaultFilter instead of the filter to be deleted, using the following command:
configure log target <target> filter DefaultFilter

Example
The following command deletes the filter named fdb2:
delete log filter fdb2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

505

Commands for Status Monitoring and Statistics

disable cli-config-logging
disable cli-config-logging

Description
Disables the logging of CLI configuration commands to the switch Syslog.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Every command is displayed in the log window which allows you to view every command executed on the switch. The disable cli-config-logging command discontinues the recording of all switch configuration changes and their sources that are made using the CLI via Telnet or the local console. After you disable configuration logging, no further changes are logged to the system log. To view the status of configuration logging on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for configuration logging.

Example
The following command disables the logging of CLI configuration command to the Syslog:
disable cli-config-logging

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

506

ExtremeWare XOS 11.3 Command Reference

disable log debug-mode

disable log debug-mode


disable log debug-mode

Description
Disables debug mode. The switch stops logging events of severity debug-summary, debug-verbose, and debug-data.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command disables debug mode. Debug mode must be enabled prior to logging debug messages, which can severely degrade performance. For typical network device monitoring, debug mode should remain disabled, the default setting. Debug mode should only be enabled when advised by technical support, or when advanced diagnosis is required. The debug mode setting is saved to FLASH. The following configuration options require that debug mode be enabled:

Including a severity of debug-summary, debug-verbose, or debug-data when configuring filters Target format options process-name, process-id, source-function, and source-line

Example
The following command disables debug mode:
disable log debug-mode

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

507

Commands for Status Monitoring and Statistics

disable log display


disable log display

Description
Disables the sending of messages to the console display.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
If the log display is disabled, log information is no longer written to the serial console. This command setting is saved to FLASH and determines the initial setting of the console display at boot up. You can also use the following command to control logging to different targets:
disable log display

The disable log display command is equivalent to disable log target console-display command.

Example
The following command disables the log display:
disable log display

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

508

ExtremeWare XOS 11.3 Command Reference

disable log target

disable log target


disable log target [console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} [local0 ... local7]]]

Description
Stops sending log messages to the specified target.

Syntax Description
console memory-buffer nvram primary-msm backup-msm session syslog all ipaddress ipPort vr_name Specifies the console display. Specifies the switch memory buffer. Specifies the switch NVRAM. Specifies the primary MSM. NOTE: This parameter is available only on modular switches. Specifies the backup MSM. NOTE: This parameter is available only on modular switches. Specifies the current session (including console display). Specifies a syslog target. Specifies all of the remote syslog servers. Specifies the syslog host name or IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 Specifies the local syslog facility.

Default
Enabled, for memory buffer, NVRAM, primary MSM, and backup MSM; all other targets are disabled by default.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command stops sending messages to the specified target. By default, the memory buffer, NVRAM, primary MSM, and backup MSM targets are enabled. Other targets must be enabled before messages are sent to those targets.

ExtremeWare XOS 11.3 Command Reference

509

Commands for Status Monitoring and Statistics Configuration changes to the session target are in effect only for the duration of the console display or telnet session, and are not saved in FLASH. Changes to the other targets are saved to FLASH. You can also use the following command to disable displaying the log on the console:
disable log display

The disable log display command is equivalent to disable log target console-display command. Modular Switches Only. Note that the backup-msm target is only active on the primary MSM, and the primary-msm target is only active on the backup MSM.

Example
The following command disables log messages to the current session:
disable log target session

History
This command was first available in ExtremeWare XOS 10.1. The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0. The ipPort parameter was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

510

ExtremeWare XOS 11.3 Command Reference

disable rmon

disable rmon
disable rmon

Description
Disables the collection of RMON statistics on the switch.

Syntax Description
This command has no arguments or variables.

Default
By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON queries and sets for alarms and events.

Usage Guidelines
The switch supports four out of nine groups of Ethernet RMON statistics. In a disabled state, the switch continues to respond queries of statistics. Collecting of history, alarms, and events is stopped; however, the switch still queries old data. To view the status of RMON polling on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for RMON polling. To view the RMON memory usage statistics for a specific memory type (for example, statistics, events, logs, history, or alarms) or for all memory types, use the following command:
show rmon memory {detail | <memoryType>}

Example
The following command disables the collection of RMON statistics on the switch:
disable rmon

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

511

Commands for Status Monitoring and Statistics

disable sflow
disable sflow

Description
Globally disables sFlow statistical packet sampling.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command disables sFlow globally on the switch.

Example
The following command disables sFlow sampling globally:
disable sflow

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

512

ExtremeWare XOS 11.3 Command Reference

disable sflow ports

disable sflow ports


disable sflow ports <portlist>

Description
Disables sFlow statistical packet sampling and statistics gathering on a particular list of ports.

Syntax Description
portlist Specifies a list of ports.

Default
Disabled.

Usage Guidelines
This command disables sFlow on a particular list of ports. Once sFlow is disabled on a port, sampling and polling will stops. If sFlow is disabled globally, all sampling and polling stops Use the following command to disable sFlow globally:
disable sflow

Example
The following command disables sFlow sampling on port 3:1:
disable sflow ports 3:1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

513

Commands for Status Monitoring and Statistics

disable sys-health-check
disable sys-health-check slot <slot>

Description
Discontinues sending backplane diagnostic packets.

Syntax Description
slot Specifies the slot to disable sending backplane diagnostic packets.

Default
Polling is enabled, backplane diagnostic packets are disabled. Depending upon your platform, when disabling backplane diagnostic packets, the following defaults apply:

BlackDiamond 10K switchBy default, the system health checker discontinues sending backplane diagnostic packets and returns the polling frequency to 60 seconds on the specified slot. Only polling is enabled. BlackDiamond 8800 family of switchesBy default, the system health checker discontinues sending backplane diagnostic packets to the specified slot. Only polling is enabled.

Usage Guidelines
When you use this command, backplane diagnostic packets are disabled and no longer sent by the system health checker. BlackDiamond 10K Switch Only. If you use this command, in addition to disabling backplane diagnostic packets, the polling frequency returns to the default of 60 seconds for the specified slot. If you modify the interval in the configure sys-health-check interval <interval> command, the polling frequency is interval*10 seconds. For example, if you configured an interval of 7, the polling frequency is now 70 seconds. BlackDiamond 8800 Family of Switches Only. If you modify the interval in the configure syshealth-check interval <interval> command and later disable backplane diagnostics, the configured interval for sending backplane diagnostic packets remains. The next time you enable backplane diagnostic packets, the health checker sends backplane diagnostics packets at the configured interval. For example, if you configure an interval of 8 seconds, the system health checker sends backplane diagnostic packets every 8 seconds. To return to the "default" interval of 5 seconds, configure the frequency of sending backplane diagnostic packets to 5 seconds using the following command:
configure sys-health-check interval 5

514

ExtremeWare XOS 11.3 Command Reference

disable sys-health-check

Example
On the BlackDiamond 10K switch, the following example assumes that you did not modify the interval option in the configure sys-health-check interval <interval> command. The following command disables backplane diagnostic packets on slot 3 and returns the polling frequency on slot 3 to 60 seconds:
disable sys-health-check slot 3

On the BlackDiamond 8800 family of switches, the following example assumes that you did not modify the interval option in the configure sys-health-check interval <interval> command. The following command disables backplane diagnostics on slot 3, polling is always enabled and occurs every 5 seconds.
disable sys-health-check slot 3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

ExtremeWare XOS 11.3 Command Reference

515

Commands for Status Monitoring and Statistics

disable syslog
disable syslog

Description
Disables logging to all remote syslog server targets.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Disables logging to all remote syslog server targets, not to the switch targets. This setting is saved in FLASH, and will be in effect upon boot up.

Example
The following command disables logging to all remote syslog server targets:
disable syslog

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

516

ExtremeWare XOS 11.3 Command Reference

enable cli-config-logging

enable cli-config-logging
enable cli-config-logging

Description
Enables the logging of CLI configuration commands to the Syslog for auditing purposes.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
ExtremeWare XOS allows you to record all configuration changes and their sources that are made using the CLI by way of Telnet or the local console. The changes are logged to the system log. Each log entry includes the user account name that performed the changes and the source IP address of the client (if Telnet was used). Configuration logging applies only to commands that result in a configuration change. To view the status of configuration logging on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for configuration logging.

Example
The following command enables the logging of CLI configuration commands to the Syslog:
enable cli-config-logging

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

517

Commands for Status Monitoring and Statistics

enable log debug-mode


enable log debug-mode

Description
Enables debug mode. The switch allows debug events included in log filters to be logged.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command enables debug mode. Debug mode must be enabled prior to logging debug messages, which can severely degrade performance. For typical network device monitoring, debug mode should remain disabled, the default setting. Debug mode should only be enabled when advised by technical support, or when advanced diagnosis is required. The debug mode setting is saved to FLASH. The following configuration options require that debug mode be enabled:

Including a severity of debug-summary, debug-verbose, or debug-data when configuring filters Target format options process-name, process-id, source-function, and source-line

Example
The following command enables debug mode:
enable log debug-mode

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

518

ExtremeWare XOS 11.3 Command Reference

enable log display

enable log display


enable log display

Description
Enables a running real-time display of log messages on the console display.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
If you enable the log display on a terminal connected to the console port, your settings will remain in effect even after your console session is ended (unless you explicitly disable the log display). You configure the messages displayed in the log using the configure log display, or configure log target console-display commands. You can also use the following command to control logging to different targets:
enable log display

The enable log display command is equivalent to enable log target console-display command. To change the log filter association, severity threshold, or match expression for messages sent to the console display, use the configure log target console-display command

Example
The following command enables a real-time display of log messages:
enable log display

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

519

Commands for Status Monitoring and Statistics

enable log target


enable log target [console | memory-buffer | nvram | primary-msm | backupmsm | session | syslog [all | <ipaddress> | <ipPort>] {vr <vr_name>} [local0 ... local7]]]

Description
Starts sending log messages to the specified target.

Syntax Description
console memory-buffer nvram primary-msm backup-msm session syslog all ipaddress ipPort vr_name Specifies the console display. Specifies the switch memory buffer. Specifies the switch NVRAM. Specifies the primary MSM. NOTE: This parameter is available only on modular switches. Specifies the backup MSM. NOTE: This parameter is available only on modular switches. Specifies the current session (including console display). Specifies a syslog target. Specifies all of the remote syslog servers. Specifies the syslog IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 Specifies the local syslog facility.

Default
Enabled, for memory buffer and NVRAM; all other targets are disabled by default.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command starts sending messages to the specified target. By default, the memory-buffer, NVRAM, primary MSM, and backup MSM targets are enabled. Other targets must be enabled before messages are sent to those targets. Configuration changes to the session target are in effect only for the duration of the console display or Telnet session, and are not saved in FLASH. Others are saved in FLASH.

520

ExtremeWare XOS 11.3 Command Reference

enable log target You can also use the following command to enable displaying the log on the console:
enable log display

The enable log display command is equivalent to the enable log target console-display command. Modular Switches Only. Note that the backup-msm target is only active on the primary MSM, and the primary-msm target is only active on the backup MSM.

Example
The following command enables log messages on the current session:
enable log target session

History
This command was first available in ExtremeWare XOS 10.1. The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0. The ipPort parameter was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

521

Commands for Status Monitoring and Statistics

enable rmon
enable rmon

Description
Enables the collection of RMON statistics on the switch.

Syntax Description
This command has no arguments or variables.

Default
By default, RMON is disabled. However, even in the disabled state, the switch responds to RMON queries and sets for alarms and events. By enabling RMON, the switch begins the processes necessary for collecting switch statistics.

Usage Guidelines
The switch supports four out of nine groups of Ethernet RMON statistics. In an enabled state, the switch responds to the following four groups:

StatisticsThe RMON Ethernet Statistics group provides traffic and error statistics showing packets, bytes, broadcasts, multicasts, and errors on a LAN segment or VLAN. HistoryThe History group provides historical views of network performance by taking periodic samples of the counters supplied by the Statistics group. The group features user-defined sample intervals and bucket counters for complete customization of trend analysis. AlarmsThe Alarms group provides a versatile, general mechanism for setting threshold and sampling intervals to generate events on any RMON variable. Both rising and falling thresholds are supported, and thresholds can be on the absolute value of a variable or its delta value. In addition, alarm thresholds may be auto calibrated or set manually. EventsThe Events group creates entries in an event log and/or sends SNMP traps to the management workstation. An event is triggered by an RMON alarm. The action taken can be configured to ignore it, to log the event, to send an SNMP trap to the receivers listed in the trap receiver table, or to both log and send a trap. The RMON traps are defined in RFC 1757 for rising and falling thresholds.

The switch also supports the following parameters for configuring the RMON agent, as defined in RFC 2021:

probeCapabilitiesIf you configure the probeCapabilities object, you can view the RMON MIB groups supported on at least one interface by the probe. probeSoftwareRevIf you configure the probeSoftwareRev object, you can view the current software version of the monitored device. probeHardwareRevIf you configure the probeHardwareRev object, you can view the current hardware version of the monitored device.

522

ExtremeWare XOS 11.3 Command Reference

enable rmon

probeDateTimeIf you configure the probeDateTime object, you can view the current date and time of the probe. probeResetControlIf you configure the probeResetControl object, you can restart a managed device that is not running normally. Depending on your configuration, you can do one of the following:

Warm bootA warm boot restarts the device using the current configuration saved in nonvolatile memory. Cold bootA cold boot causes the device to reset the configuration parameters stored in nonvolatile memory to the factory defaults and then restarts the device using the restored factory default configuration. NOTE

You can only use the RMON features of the system if you have an RMON management application and have enabled RMON on the switch.

RMON requires one probe per LAN segment, and standalone RMON probes have traditionally been expensive. Therefore, the approach taken by Extreme Networks has been to build an inexpensive RMON probe into the agent of each system. This allows RMON to be widely deployed around the network without costing more than traditional network management. The switch accurately maintains RMON statistics at the maximum line rate of all of its ports. For example, statistics can be related to individual ports. Also, because a probe must be able to see all traffic, a stand-alone probe must be attached to a nonsecure port. Implementing RMON in the switch means that all ports can have security features enabled. To view the status of RMON polling on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for RMON polling. To view the RMON memory usage statistics for a specific memory type (for example, statistics, events, logs, history, or alarms) or for all memory types, use the following command:
show rmon memory {detail | <memoryType>}

Example
The following command enables the collection of RMON statistics on the switch:
enable rmon

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

523

Commands for Status Monitoring and Statistics

enable sflow
enable sflow

Description
Globally enables sFlow statistical packet sampling.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command enables sFlow globally on the switch. NOTE
On the BlackDiamond 8800 family of switches, sFlow and mirroring are mutually exclusive. You can enable either sFlow, or mirroring, but not both.

Example
The following command enables sFlow sampling globally:
enable sflow

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

524

ExtremeWare XOS 11.3 Command Reference

enable sflow ports

enable sflow ports


enable sflow ports <port_list>

Description
Enables sFlow statistical packet sampling on a particular list of ports.

Syntax Description
port_list Specifies a list of ports.

Default
Disabled.

Usage Guidelines
This command enables sFlow on a particular list of ports. You will also need to enable sFlow globally in order to gather statistics and send the data to the collector. Once sFlow is enabled globally, and on the ports of interest, sampling and polling will begin. Use the following command to enable sFlow globally:
enable sflow

NOTE
On the BlackDiamond 8800 family of switches and the Summit X450 switch, sFlow and mirroring are mutually exclusive. You can enable either sFlow, or mirroring, but not both.

Example
The following command enables sFlow sampling on the port 3:1:
enable sflow ports 3:1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

525

Commands for Status Monitoring and Statistics

enable sys-health-check
enable sys-health-check slot <slot>

Description
Enables backplane diagnostic packets on the specified slot.

Syntax Description
slot Specifies the slot to participate in sending backplane diagnostic packets.

Default
Polling is enabled, backplane diagnostic packets are disabled. Depending upon your platform, when enabling backplane diagnostic packets, the following defaults apply:

BlackDiamond 10K switchThe system health checker tests the packet path every 6 seconds for the specified slot. BlackDiamond 8800 family of switchesThe system health checker tests the data link every 5 seconds for the specified slot.

Usage Guidelines
Configure the system health checker with guidance from Extreme Networks Technical Support personnel. The system health checker tests I/O modules and the backplane by sending diagnostic packets. On the BlackDiamond 10K switch, additional checking for the validity of these packets is completed by performing a checksum. By isolating faults to a specific module or backplane connection, the system health checker notifies you of a possible hardware failure. System health check errors are reported to the syslog. Syslog output includes the slot number where the problem occurred, the loopback packet ID number, and a notification that the MSM did not receive the last packet. If you see an error, please contact Extreme Networks Technical Support.

NOTE
Enabling backplane diagnostic packets increases CPU utilization and competes with network traffic for resources.

The system health checker continues to periodically forward test packets to failed components. To configure the frequency of the backplane diagnostic packets, use the configure sys-health-check interval command. BlackDiamond 10K Switch Only. If you enable backplane diagnostic packets on a slot, the polling timer changes from its current value to the current backplane diagnostic packet interval configured on that

526

ExtremeWare XOS 11.3 Command Reference

enable sys-health-check slot. For example, if the frequency of sending backplane diagnostic packets is 7 seconds, the polling value is 7 seconds.

Example
The following command enables backplane diagnostic packets on slot 6:
enable sys-health-check slot 6

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available only on modular switches.

ExtremeWare XOS 11.3 Command Reference

527

Commands for Status Monitoring and Statistics

enable syslog
enable syslog

Description
Enables logging to all remote syslog host targets.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
To enable remote logging, you must do the following:

Configure the syslog host to accept and log messages. Enable remote logging by using the enable syslog command. Configure remote logging by using the configure syslog command.

When you use the enable syslog command, the exporting process of the syslog begins. This command also determines the initial state of an added remote syslog target.

Example
The following command enables logging to all remote syslog hosts:
enable syslog

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

528

ExtremeWare XOS 11.3 Command Reference

show fans

show fans
show fans {detail}

Description
Displays the status of the fans in the system.

Syntax Description
detail The detail option is reserved for future use.

Default
N/A.

Usage Guidelines
Use this command to view detailed information about the health of the fans. This status information may be useful for your technical support representative if you have a network problem. The following fan information is collected by the switch:

StateThe current state of the fan. Options are:


Empty: There is no fan installed. Failed: The fan failed. Operational: The fan is installed and working normally.

NumFanThe number of fans in the fan tray.

On modular switches, the output also includes the following information:

PartInfoInformation about the fan tray, including the:


Serial number, a collection of numbers and letters, that make up the serial number of the fan. Part number, a collection of numbers and letters, that make up the part number of the fan.

RevisionThe revision number of the fan. OdometerSpecifies the power-on date and how long the fan tray has been operating since it first powered-on. TemperatureSpecifies, in celsius, the current temperature of the fan. (BlackDiamond 10K switch only.) Fan NameSpecifies the individual state for each fan in a fan tray and its current speed in revolutions per minute (rpm).

ExtremeWare XOS 11.3 Command Reference

529

Commands for Status Monitoring and Statistics

Example
The following command displays the status of the installed fans. If a fan is not installed, the state of the fan is Empty.
show fans

The following is sample output from a BlackDiamond 10K switch:


Right(Rear-facing) FanTray 1 information: State: Operational NumFan: 2 PartInfo: 0340F-00046 454301-00-03 Revision: 3.0 Odometer: 555 days 4 hours 45 minutes 16 seconds since Mar-19-2004 Temperature: 34.25 deg C Upper Fan 1: Operational at 4380 rpms Lower Fan 2: Operational at 4380 rpms Left(Rear-facing) FanTray 2 information: State: Operational NumFan: 2 PartInfo: 0340F-00047 454301-00.03 Odometer: 11845 days 6 hours 55 minutes 39 seconds since Mar-08-2004 Temperature: 28.93 deg C Upper Fan 1: Operational at 4380 rpms Lower Fan 2: Operational at 4320 rpms

The following is sample output from the BlackDiamond 8800 family of switches:
FanTray information: State: NumFan: PartInfo: Revision: Odometer: Upper-Left Fan-1: Middle-Left Fan-2: Lower-Left Fan-3: Upper-Center Fan-4: Center Fan-5: Lower-Center Fan-6: Upper-Right Fan-7: Middle-Right Fan-8: Lower-Right Fan-9: Operational 9 0404X-00015 1.0 111 days 16 Operational Operational Operational Operational Operational Operational Operational Operational Operational

450102-00-01 hours 30 minutes at 2880 RPM at 2820 RPM at 2820 RPM at 2820 RPM at 2820 RPM at 2880 RPM at 2880 RPM at 2820 RPM at 2880 RPM since Oct-13-2004

The following is sample output from a SummitX450 switch:


FanTray information: State: NumFan: Operational 1

History
This command was first available in an ExtremeWare XOS 10.1.

530

ExtremeWare XOS 11.3 Command Reference

show fans Information about the location of the fan tray for the BlackDiamond 10K switch (right or left fan tray) was added to the show fans output in ExtremeWare XOS 11.0. Information about the location of the fan tray for the BlackDiamond 8810 switch (upper-left, middle left, lower-left, upper-center, center, lower-center, upper-right, middle-right, and lower-right) was added to the show fans output in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

531

Commands for Status Monitoring and Statistics

show log
show log {messages [memory-buffer | nvram]} {events {<event-condition> | <event-component>]} {<severity> {only}} {starting [date <date> time <time> | date <date> | time <time>]} {ending [date <date> time <time> | date <date> | time <time>]} {match <regex>} {chronological}

Description
Displays the current log messages.

Syntax Description
messages memory-buffer nvram events event-condition event-component severity only starting date time ending regex chronological Specifies the target location from which to display the log messages. Show messages stored in volatile memory (default). Show messages stored in NVRAM. Show event messages. Specifies the event condition to display. Specifies the event component to display. Specifies the minimum severity level to display (if the keyword only is omitted). Specifies that only the specified severity level is to be displayed Show messages with timestamps equal to or greater than that specified Specifies the date, where date is <month (1-12)> / <day (1-31)> {/ <year (yyyy)>}. Specifies the time, where time is <hour (0-23)> {: <minute (0-59)> {: <seconds (0-59)> {. <hundredths>}}} Show messages with timestamps equal to or less than that specified. Specifies a regular expression. Only messages that match the regular expression will be displayed. Specifies displaying log messages in ascending chronological order (oldest to newest).

Default
The following defaults apply:

messagesmemory buffer eventno restriction (displays user-specified event) severitynone (displays everything stored in the target) starting, endingif not specified, no timestamp restriction matchno restriction chronologicalif not specified, show messages in order from newest to oldest

532

ExtremeWare XOS 11.3 Command Reference

show log

Usage Guidelines
Switch configuration and fault information is filtered and saved to target logs, in a memory buffer, and in NVRAM. Each entry in the log contains the following information:

Timestamprecords the month and day of the event, along with the time (hours, minutes, seconds, and hundredths). Severity Levelindicates the urgency of a condition reported in the log. Table 15 describes the severity levels assigned to events. Component, Subcomponent, and Condition Namedescribes the subsystem in the software that generates the event. This provides a good indication of where a fault might lie. Messagea description of the event occurrence. If the event was caused by a user, the user name is also provided.

This command displays the messages stored in either the internal memory buffer or in NVRAM. The messages shown can be limited by specifying a severity level, a time range, or a match expression. Messages stored in the target have already been filtered as events occurred, and specifying a severity or match expression on the show log command can only further limit the messages shown. If the messages keyword is not present, the messages stored in the memory-buffer target are displayed. Otherwise, the messages stored in the specified target are displayed. If the only keyword is present following the severity value, then only the events at that exact severity are included. Without the only keyword, events at that severity or more urgent are displayed. For example, severity warning implies critical, error, or warning, whereas severity warning only implies only warning. Messages whose timestamps are equal or later than the starting time and are equal or earlier than the specified ending time will be shown if they also pass the severity requirements and match expression, if specified. If a match phrase is specified, the formatted message must match the simple regular expression specified by match-expression for it to be shown. A simple regular expression is a string of single characters including the dot character (.), which are optionally combined with quantifiers and constraints. A dot matches any single character while other characters match only themselves (case is significant). Quantifiers include the star character (*) that matches zero or more occurrences of the immediately preceding character or dot. Constraints include the caret character (^) that matches at the beginning of a message, and the currency character ($) that matches at the end of a message. Bracket expressions are not supported. There are a number of sources available on the Internet and in various language references describing the operation of regular expressions. If the chronological keyword is specified, messages are shown from oldest to newest; otherwise, messages are displayed newest to oldest. Severity Level. The severity levels are critical, error, warning, notice, and info, plus three severity levels for extended debugging, debug-summary, debug-verbose, and debug-data. In log messages, the severity levels are shown by four letter abbreviations. The abbreviated forms are:

CriticalCrit ErrorErro WarningWarn NoticeNoti

ExtremeWare XOS 11.3 Command Reference

533

Commands for Status Monitoring and Statistics


InfoInfo Debug-SummarySumm Debug-VerboseVerb Debug-DataData

The three severity levels for extended debugging, debug-summary, debug-verbose, and debug-data, require that debug mode be enabled (which may cause a performance degradation). See the command enable log debug-mode on page 518. Table 15 describes the security levels.

Table 15: Severity levels assigned by the switch


Level Critical Description A serious problem has been detected that is compromising the operation of the system and that the system cannot function as expected unless the situation is remedied. The switch may need to be reset. A problem has been detected that is interfering with the normal operation of the system and that the system is not functioning as expected. An abnormal condition, not interfering with the normal operation of the system, has been detected that may indicate that the system or the network in general may not be functioning as expected. A normal but significant condition has been detected, which signals that the system is functioning as expected. A normal but potentially interesting condition has been detected, which signals that the system is functioning as expected and simply provides information or confirmation about the condition. A condition has been detected that may interest a developer determining the reason underlying some system behavior. A condition has been detected that may interest a developer analyzing some system behavior at a more verbose level than provided by the debug summary information. A condition has been detected that may interest a developer inspecting the data underlying some system behavior.

Error Warning

Notice Info (Informational)

Debug-Summary Debug-Verbose Debug-Data

Log entries remain in the NVRAM log after a switch reboot. Issuing a clear log command does not remove these static entries. To remove log entries from NVRAM, use the following command:
clear log messages nvram

Example
The following command displays messages with a critical severity:
show log critical

The following command displays messages with warning, error, or critical severity:
show log warning

The following is sample output from a modular switch:


11/12/2004 00:38:10.30 <Warn:dm.Warn> MSM-A: Insufficient Power to power-on Slot-7 11/12/2004 00:38:08.77 <Warn:dm.Warn> MSM-A: Slot-7 being Powered OFF due to insuf ficient power

534

ExtremeWare XOS 11.3 Command Reference

show log
11/12/2004 00:36:23.77 <Warn:dm.Warn> MSM-A: Slot-7 being Powered OFF due to insuf ficient power ... A total of 83 log messages were displayed.

The following command displays messages containing the string slot 2:


show log match "slot 2"

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

535

Commands for Status Monitoring and Statistics

show log components


show log components {<event component>} {version}

Description
Displays the name, description and default severity for all components.

Syntax Description
event component version Specifies the component to display. Specifies the version number of the component.

Default
N/A.

Usage Guidelines
This command displays the name, description, and default severity defined for the specified components or subcomponents. Depending on the software version running on your switch or your switch model, additional or different component information might be displayed.

Example
The following command displays the log components:
show log components

The following is sample output from this command:


Severity Component ------------------AAA RADIUS TACACS ACL CLEARFlow Policy bgp damp event inUpdt keepalive misc msgs outUpdt Title ---------------------------------------------Authentication, Authorization, Accounting Remote Authentication Dial In User Service Terminal Access Controller Access Control Syst ACL CLEARFlow Policy actions Border Gateway Protocol BGP Route Flap Dampening related debug message BGP FSM related events Incoming Update related debug msgs BGP keepalive message Miscellenous debug (Import, Aggregate, NextHop Debug for BGP messages (OPEN, Update, Notifica Transmit Update related debug Threshold ------------Info Error Info Info Info Info Info Error Error Warning Warning Warning Warning Warning

536

ExtremeWare XOS 11.3 Command Reference

show log components


bootp relay server cli shell subagent cm file sys DM Card dosprot ds EAPS SharedPort EDP ELRP Report EPM KLM Msg Upgrade Version ESRP Aware InPdu Nbr OutPdu State System Track Vlan fdb HAL Card FDB IPv4ACL IPv4Adj IPv4FIB IPv4Mc Mirror Msg Port SM Sys VLAN IPMC Snoop VLAN Kern LACP lldp log netTool dnsclient dnsproxy BOOTP, DHCP Component BOOTP Relay trace component DHCP Server subcomponent Command Line Interface CLI configuration shell. CLI application subagent Configuration Manager CM file operation events CM system events Device Manager Device Manager Card State Machine dosprot Directory Services Ethernet Automatic Protection Switching EAPS SharedPort Domain Extreme DIscovery Protocol (EDP) Extreme Loop Recognition Protocol Extreme Process Manager Kernel Loadable Module Manager Message Handler Upgrade Manager Version Manager Extreme Standby Router Protocol Subsystem description Subsystem description Subsystem description Subsystem description ESRP State Transitions Subsystem description Subsystem description Extreme Standby Router Protocol fdb module event Hardware Abstraction Layer Card State Driver Forwarding Database Driver IPv4 Access Control List Driver IPv4 Adjacency Driver IPv4 FIB Driver IPv4 Multicast Driver Mirroring Driver Message Handler I/O Port Driver Switch Manager System Driver VLAN Driver IP Multicast Main Module IP Multicast Snooping Module IP Multicast VLAN Module Kernel messages Link Aggregation Control Protocol Link Layer Discovery Protocol (IEEE 802.1AB) Log server messages netTools framework Dns Client Dns Proxy Error Error Info Info Error Error Warning Warning Warning Info Info Info Error Info Info Error Warning Info Notice Info Info Critical Error Info Info Info Info Warning Warning Warning Info Error Error Info Info Info Info Info Info Error Info Info Info Info Info Info Error Error Error Info Warning Warning Error Error Error

ExtremeWare XOS 11.3 Command Reference

537

Commands for Status Monitoring and Statistics


routeradv sntp nl dot1x mac web NM ospf event hello lsa neighbor spf ospfv3 events lsa nbr pkt route spf pim cache debug hello mcdbg msg nbr rpm pm config POE rip cfg event inUpdt msgs outUpdt sys ripng debug external message route rmon alarm estat event history RtMgr VLAN sflow debug extended msg sample statistics IPv6 Router Advertisements Sntp client Network Login 802.1x-based Network Login MAC-based Network Login Web-based Network Login Node Manager open shortest path first ospf events ospf hello ospf link-state advertisement ospf neighbor ospf shortest path first OSPFv3 related EMS messages OSPF6 events related messages LSA related messages OSPF6 neighbor related EMS messages OSPF6 Packet receive/transmit/processing relat OSPF6 route add/delete related messages SPF computation related messages Pim Protocol Events PIM cache maintenance. PIM debug messages Hello messages multicast forwarding engine Trace for pim control packtes Neighbor creation/deletion etc RP message exchange. Policy Manager Policy file events Inline Power RIP routing rip configuration rip events rip - inbound route updates rip - socket messages in and out rip - outbound route updates rip - exos kernel interface RIPng Protocol Events RIPng debug messages RIPng external interface related messages RIPng control messages Hello messages RMON general info RMON alarm info RMON statistics info RMON event info RMON history Route Manager rtmgr vlan interface Sflow Protocol Events SFLOW debug messages SFLOW extended data collection SFLOW process initializaion related message SFLOW sample collection related messages SFLOW port statistics related message Warning Warning Info Warning Warning Warning Info Error Info Error Error Error Error Warning Error Warning Warning Warning Warning Error Warning Warning Notice Warning Warning Notice Warning Warning Error Info Notice Error Warning Warning Warning Warning Warning Warning Warning Notice Warning Warning Warning Error Error Error Error Error Info Info Warning Notice Notice Warning Warning Warning

538

ExtremeWare XOS 11.3 Command Reference

show log components


STP InBPDU OutBPDU System System telnetd tftpd thttpd trace vlan ack dbg err mac msgs VRRP Advert System Spanning-Tree Protocol STP In Bridge Protocol Data Unit STP Out Bridge Protocol Data Unit STP System XOS system related log messages telnet server tftp server thttp server Debug trace messages Vlan mgr vlan ack Debug information errors Virtual MAC Debugging Messages Config/State messages Subsystem description System/Library messages Error Warning Warning Error Info Info Info Info Warning Info Error Info Error Info Info Warning Warning Warning

A total of 143 component(s) were displayed.

The following command displays the version number of the VRRP component:
show log components vrrp version

The following is sample output from this command:


Component ------------------VRRP Advert System Title Version ---------------------------------------------- ------Config/State messages 2.4 Subsystem description 3.1 System/Library messages 3.2

A total of 3 component(s) were displayed.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

539

Commands for Status Monitoring and Statistics

show log configuration


show log configuration

Description
Displays the log configuration for switch log settings, and for certain targets.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command displays the log configuration for all targets. The state of the target, enabled or disabled is displayed. For the enabled targets, the associated filter, severity, match expression, and format is displayed. The debug mode state of the switch is also displayed.

Example
The following command displays the configuration of all the log targets and all existing filters:
show log configuration

The following is sample output from this command:


Debug-Mode: Enabled Log Target Enabled ? Filter Name Match regex Severity Format ion> Buffer size Log Target Enabled ? Filter Name Match regex Severity Format ion> Log Target Enabled ? : : : : : : memory-buffer yes DefaultFilter Any Debug-Data (through Critical) MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit

: 1000 messages : : : : : : nvram yes DefaultFilter Any Warning (through Critical) MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit

: console : no

540

ExtremeWare XOS 11.3 Command Reference

show log configuration


Filter Name Match regex Severity Format ion> : : : : DefaultFilter Any Info (through Critical) MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit

Log Filter Name: DefaultFilter I/ E Comp. Sub-comp. Condition - ------- ----------- ----------------------I All Log Filter Name: myFilter I/ E Comp. Sub-comp. Condition - ------- ----------- ----------------------I STP Include/Exclude: Component Unreg: Severity Values: Debug Severity :

Severity CEWNISVD ---------------

Severity CEWNISVD ---------------

I - Include, E - Exclude * - Component/Subcomponent is not currently registered C - Critical, E - Error, W - Warning, N - Notice, I - Info S - Debug-Summary, V - Debug-Verbose, D - Debug-Data + - Debug Severities, but log debug-mode not enabled If Match parameters present: Parameter Flags: S - Source, D - Destination, (as applicable) I - Ingress, E - Egress, B - BGP Parameter Types: Port - Physical Port list, Slot - Physical Slot # MAC - MAC address, IP - IP Address/netmask, Mask - Netmask VID - Virtual LAN ID (tag), VLAN - Virtual LAN name L4 - Layer-4 Port #, Num - Number, Str - String Nbr - Neighbor, Rtr - Routerid, EAPS - EAPS Domain Proc - Process Name Strict Match : Y - every match parameter entered must be present in the event N - match parameters need not be present in the event

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

541

Commands for Status Monitoring and Statistics

show log configuration filter


show log configuration filter {<filter name>}

Description
Displays the log configuration for the specified filter.

Syntax Description
filter name Specifies the filter to display.

Default
If no options are specified, the command displays the configuration for all filters.

Usage Guidelines
This command displays the configuration for filters.

Example
The following command displays the configuration for the filter, myFilter:
show log configuration filter myFilter

The following is sample output from this command:


Log Filter Name: myFilter I/ E Comp. Sub-comp. Condition - ------- ----------- ----------------------I STP I aaa Severity CEWNISVD ----------------------

Include/Exclude: I - Include, E - Exclude Component Unreg: * - Component/Subcomponent is not currently registered Severity Values: C - Critical, E - Error, W - Warning, N - Notice, I - Info * - Pre-assigned severities in effect for specified component Debug Severity : S - Debug-Summary, V - Debug-Verbose, D - Debug-Data + - Debug Severities, but log debug-mode not enabled If Match parameters present: Parameter Flags: S - Source, D - Destination, (as applicable) I - Ingress, E - Egress, B - BGP Parameter Types: Port - Physical Port list, Slot - Physical Slot # MAC - MAC address, IP - IP Address/netmask, Mask - Netmask VID - Virtual LAN ID (tag), VLAN - Virtual LAN name L4 - Layer-4 Port #, Num - Number, Str - String Nbr - Neighbor, Rtr - Routerid, EAPS - EAPS Domain Proc - Process Name

542

ExtremeWare XOS 11.3 Command Reference

show log configuration filter


Strict Match : Y - every match parameter entered must be present in the event N - match parameters need not be present in the event

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

543

Commands for Status Monitoring and Statistics

show log configuration target


show log configuration target {console | memory-buffer | nvram | primarymsm | backup-msm | session | syslog {<ipaddress> | <ipPort> | vr <vr_name>} [local0 ... local7]}

Description
Displays the log configuration for the specified target.

Syntax Description
console memory-buffer nvram primary-msm backup-msm session syslog ipaddress ipPort vr_name Show the log configuration for the console display. Show the log configuration for volatile memory. Show the log configuration for NVRAM. Specifies the primary MSM. NOTE: This parameter is available only on modular switches. Specifies the backup MSM. NOTE: This parameter is available only on modular switches Show the log configuration for the current session (including console display). Show the configuration for the specified syslog target. Specifies the syslog IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 Specifies the local syslog facility.

Default
If no options are specified, the command displays the configuration for the current session and console display. If a virtual router is not specified, VR-Mgmt is used.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command displays the log configuration for the specified target. The associated filter, severity, match expression, and format is displayed.

544

ExtremeWare XOS 11.3 Command Reference

show log configuration target

Example
The following command displays the log configuration:
show log configuration target

The following is sample output from this command:


Log Target Enabled ? Filter Name Match regex Severity Format ion> Buffer size Log Target Enabled ? Filter Name Match regex Severity Format ion> Log Target Enabled ? Filter Name Match regex Severity Format ion> Log Target Enabled Filter Name Match regex Severity Log Target Enabled Filter Name Match regex Severity : : : : : : memory-buffer yes DefaultFilter Any Debug-Data (through Critical) MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit

: 1000 messages : : : : : : nvram yes DefaultFilter Any Warning (through Critical) MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit

: : : : : :

console no DefaultFilter Any Info (through Critical) MM/DD/YYYY HH:MM:SS.hh <Severity:Component.SubComponent.Condit

: : : : : : : : : :

primary-msm yes DefaultFilter Any Error (through Critical) backup-msm yes DefaultFilter Any Error (through Critical)

History
This command was first available in ExtremeWare XOS 10.1. The primary-msm and backup-msm options were first available in ExtremeWare XOS 11.0. The ipPort parameter was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

545

Commands for Status Monitoring and Statistics

Platform Availability
This command is available on all platforms.

546

ExtremeWare XOS 11.3 Command Reference

show log counters

show log counters


show log counters {<event condition> | [all | <event component>]} {include | notified | occurred} {severity <severity> {only}}}

Description
Displays the incident counters for events.

Syntax Description
event condition all event component include notified occurred severity only Specifies the event condition to display. Specifies that all events are to be displayed. Specifies that all the events associated with a particular component or subcomponent should be displayed. Specifies if one or more targets should be included in this event. Specifies the number of times this event has occurred. Specifies the number of times this event has occurred since the last clear or reboot. Specifies the minimum severity level of events to display (if the keyword only is omitted). Specifies that only events of the specified severity level are to be displayed

Default
If severity is not specified, then events of all severity are displayed.

Usage Guidelines
This command displays the incident counters for each event specified. Two incident counters are displayed. One counter displays the number of times an event has occurred, and the other displays the number of times that notification for the event was made to the system (an incident record was injected into the system for further processing). Both incident counters reflect totals accumulated since reboot or since the counters were cleared using the clear log counters or clear counters command, regardless of whether it was filtered or not. The keywords include, notified, and occurred only display events with non-zero counter values for the corresponding counter. This command also displays a reference count (the column titled Rf in the output). The reference count is the number of enabled targets receiving notifications of this event. See the command show log on page 532 for more information about severity levels. To get a listing of the event conditions in the system, use the following command:
show log events

ExtremeWare XOS 11.3 Command Reference

547

Commands for Status Monitoring and Statistics To get a listing of the components present in the system, use the following command:
show log components

Example
The following command displays the event counters for event conditions of severity debug-summary or greater in the component STP.InBPDU:
show log counters stp.inbpdu severity debug-summary

The following is sample output from this command:


Comp ------STP STP STP SubComp ----------InBPDU InBPDU InBPDU Condition ----------------------Drop Ign Mismatch Severity Occurred ------------- -------Error 0 Debug-Summary 0 Warning 0 In Notified -- -------Y 0 N 0 Y 0

Occurred : Flags : In(cluded): Notified :

# of times this event has occurred since last clear or reboot (*) Not all applications responded in time with there count values Set to Y(es) if one or more targets filter includes this event # of times this event has occurred when 'Included' was Y(es)

The following command displays the event counters for the event condition PDUDrop in the component STP.InBPDU:
show log counters "STP.InBPDU.Drop"

The following is sample output from this command:


Comp SubComp Condition Severity Occurred ------- ----------- ----------------------- ------------- -------STP InBPDU Drop Error 0 Occurred : Flags : In(cluded): Notified : In Notified -- -------Y 0

# of times this event has occurred since last clear or reboot (*) Not all applications responded in time with there count values Set to Y(es) if one or more targets filter includes this event # of times this event has occurred when 'Included' was Y(es)

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

548

ExtremeWare XOS 11.3 Command Reference

show log events

show log events


show log events [<event condition> | [all | <event component>] {severity <severity> {only}}] {details}

Description
Displays information about the individual events (conditions) that can be logged.

Syntax Description
event condition all event component severity only details Specifies the event condition to display. Specifies that all events are to be displayed. Specifies that all the events associated with a particular component should be displayed. Specifies the minimum severity level of events to display (if the keyword only is omitted). Specifies that only events of the specified severity level are to be displayed. Specifies that detailed information, including the message format and parameter types, be displayed.

Default
If severity is not specified, then events of all severity are displayed. If detail is not specified, then summary only information is displayed.

Usage Guidelines
This command displays the mnemonic, message format, severity, and parameter types defined for each condition in the event set specified. See the command show log on page 532 for more information about severity levels. When the detail option is specified, the message format is displayed for the event conditions specified. The message format parameters are replaced by the value of the parameters when the message is generated. To get a listing of the components present in the system, use the following command:
show log components

Example
The following command displays the event conditions of severity debug-summary or greater in the component STP.InBPDU:
show log events stp.inbpdu severity debug-summary

ExtremeWare XOS 11.3 Command Reference

549

Commands for Status Monitoring and Statistics The following is sample output from this command:
Comp ------STP STP STP SubComp ----------InBPDU InBPDU InBPDU Condition ----------------------Drop Ign Mismatch Severity Parameters ------------- ---------Error 2 total Debug-Summary 2 total Warning 2 total

The following command displays the details of the event condition PDUTrace in the component STP.InBPDU:
show log events stp.inbpdu.pdutrace details

The following is sample output from this command:


Comp SubComp Condition Severity Parameters ------- ----------- ----------------------- ------------- ---------STP InBPDU Trace Debug-Verbose 2 total 0 - string 1 - string (printf) Port=%0%: %1%

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

550

ExtremeWare XOS 11.3 Command Reference

show ports rxerrors

show ports rxerrors


show ports {<port_list>} rxerrors {no-refresh}

Description
Displays real-time receive error statistics. The switch automatically refreshes the output unless otherwise specified.

Syntax Description
port_list no-refresh Specifies one or more ports or slots and ports. Specifies that auto-refresh is disabled. The output provides a real-time snapshot of the receive errors at the time the command is issued. This setting is not saved.

Default
The switch automatically refreshes the output.

Usage Guidelines
If you do not specify a port number or range of ports, receive error statistics are displayed for all ports. If you do not specify the no-refresh parameter, the switch automatically refreshes the output (this is the default behavior). If you specify the no-refresh parameter, the output provides a snapshot of the real-time receive error statistics at the time you issue the command and displays the output in page-by-page mode (this was the default behavior in ExtremeWare XOS 11.2 and earlier). This setting is not saved; therefore, you must specify the no-refresh parameter each time you want a snapshot of the port receive errors. This status information may be useful for your technical support representative if you have a network problem. Collected Port Receive Error Information. The switch collects the following port receive error information:

Port Number Link StatusThe current status of the link. Options are:

Active (A)The link is present at this port. Ready (R)The port is ready to accept a link. Not Present (NP)The port is configured, but the module is not installed in the slot (modular switches only).

Receive Bad CRC Frames (RX CRC)The total number of frames received by the port that were of the correct length, but contained a bad FCS value. Receive Oversize Frames (RX Over)The total number of good frames received by the port greater than the supported maximum length of 1,522 bytes.

ExtremeWare XOS 11.3 Command Reference

551

Commands for Status Monitoring and Statistics

Receive Undersize Frames (RX Under)The total number of frames received by the port that were less than 64 bytes long. Receive Fragmented Frames (RX Frag)The total number of frames received by the port were of incorrect length and contained a bad FCS value. Receive Jabber Frames (RX Jabber)The total number of frames received by the port that was of greater than the support maximum length and had a Cyclic Redundancy Check (CRC) error. Receive Alignment Errors (RX Align)The total number of frames received by the port that occurs if a frame has a CRC error and does not contain an integral number of octets. Receive Frames Lost (RX Lost)The total number of frames received by the port that were lost because of buffer overflow in the switch.

Port Monitoring Display Keys. For information about the available port monitoring display keys, see the show ports statistics command.

Example
The following command displays receive error statistics for slot 5, ports 4 through 7 on a modular switch with auto-refresh disabled:
show ports 5:4-5:7 rxerrors no-refresh

The following is sample output from this command:


Port Rx Error monitor Port Link Rx Rx Rx Rx Rx Rx Rx State Crc Over Under Frag Jabber Align Lost ================================================================================ 5:4 R 0 0 0 0 0 0 0 5:5 R 0 0 0 0 0 0 0 5:6 R 0 0 0 0 0 0 0 5:7 R 0 0 0 0 0 0 0 ================================================================================ Link Status: A-Active, R-Ready, NP-Port not present

The following command displays receive error statistics for all ports on the Summit X450 switch with auto-refresh enabled (the default behavior):
show ports rxerrors

The following is sample truncated output from this command:


Port Rx Error Monitor Port Tue Jul 5 15:07:13 UTC 2005

Link Rx Rx Rx Rx Rx Rx Rx State Crc Over Under Frag Jabber Align Lost ================================================================================ 1 R 0 0 0 0 0 0 2 R 0 0 0 0 0 0 3 R 0 0 0 0 0 0 4 R 0 0 0 0 0 0 5 R 0 0 0 0 0 0 6 R 0 0 0 0 0 0 7 R 0 0 0 0 0 0 8 R 0 0 0 0 0 0

0 0 0 0 0 0 0 0

552

ExtremeWare XOS 11.3 Command Reference

show ports rxerrors


9 R 0 0 0 0 0 0 10 R 0 0 0 0 0 0 11 R 0 0 0 0 0 0 12 R 0 0 0 0 0 0 13 R 0 0 0 0 0 0 14 R 0 0 0 0 0 0 15 R 0 0 0 0 0 0 16 R 0 0 0 0 0 0 17 R 0 0 0 0 0 0 ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present 0->Clear Counters U->page up D->page down ESC->exit 0 0 0 0 0 0 0 0 0

History
This command was first available in ExtremeWare XOS 10.1. The link status information was updated to include NP-Port not present in ExtremeWare XOS 11.2. Support for the auto-refresh functionality and the no-refresh parameter were added in ExtremeWare XOS 11.3. Auto-refresh continually updates the display. The no-refresh parameter takes a real-time snapshot of the display at the time you issue the command.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

553

Commands for Status Monitoring and Statistics

show ports statistics


show ports {<port_list>} statistics {no-refresh}

Description
Displays real-time port statistic information. The switch automatically refreshes the output unless otherwise specified.

Syntax Description
port_list no-refresh Specifies one or more ports or slots and ports. Specifies that auto-refresh is disabled. The output provides a real-time snapshot of the port statistics at the time the command is issued. This setting is not saved.

Default
The switch automatically refreshes the output.

Usage Guidelines
If you do not specify a port number or range of ports, statistics are displayed for all ports. If you do not specify the no-refresh parameter, the switch automatically refreshes the output (this is the default behavior). If you specify the no-refresh parameter, the output provides a snapshot of the real-time port statistics at the time you issue the command and displays the output in page-by-page mode (this was the default behavior in ExtremeWare XOS 11.2 and earlier). This setting is not saved; therefore, you must specify the no-refresh parameter each time you want a snapshot of the port statistics. Jumbo frame statistics are displayed for switches only that are configured for jumbo frame support. This status information may be useful for your technical support representative if you have a network problem. Collected Port Statistics. The switch collects the following port statistic information:

Port Number Link StatusThe current status of the link. Options are:

Active (A)The link is present at this port. Ready (R)The port is ready to accept a link. Not Present (NP)The port is configured, but the module is not installed in the slot (modular switches only).

Transmitted Packet Count (Tx Pkt Count)The number of packets that have been successfully transmitted by the port. Transmitted Byte Count (Tx Byte Count)The total number of data bytes successfully transmitted by the port.

554

ExtremeWare XOS 11.3 Command Reference

show ports statistics

Received Packet Count (Rx Pkt Count)The total number of good packets that have been received by the port. Received Byte Count (RX Byte Count)The total number of bytes that were received by the port, including bad or lost frames. This number includes bytes contained in the Frame Check Sequence (FCS), but excludes bytes in the preamble. Received Broadcast (RX Bcast)The total number of frames received by the port that are addressed to a broadcast address. Received Multicast (RX Mcast)The total number of frames received by the port that are addressed to a multicast address.

Port Monitoring Display Keys. Table 16 describes the keys used to control the display that appears if autorefresh is enabled (the default behavior).

Table 16: Port monitoring display keys with auto-refresh enabled


Key(s) U D [Esc] 0 Description Displays the previous page of ports. Displays the next page of ports. Exits from the screen. Clears all counters.

Table 17 describes the keys used to control the display that appears if you auto-refresh is disabled.

Table 17: Port monitoring displays keys with auto-refresh disabled


Key Q [Space] Description Exits from the screen. Displays the next page of ports.

Example
The following command displays port statistics for slot 1, ports 1 through 2 on a modular switch with auto-refresh disabled:
show ports 1:1-1:2 statistics no-refresh

The following is sample output from this command:


Port Statistics Port Link Tx Pkt Tx Byte Rx Pkt Rx Byte Rx Rx Status Count Count Count Count Bcast Mcast ================================================================================ 1:1 A 7241 2722608 14482 3968068 0 0 1:2 R 0 0 0 0 0 0 ================================================================================ Link Status: A-Active, R-Ready, NP-Port not present

The following command displays port statistics for all ports on the Summit X450 switch with autorefresh enabled (the default behavior):
show ports statistics

ExtremeWare XOS 11.3 Command Reference

555

Commands for Status Monitoring and Statistics The following is sample truncated output from this command:
Port Statistics Tue Jul 5 14:18:34 UTC 2005 Port Link Tx Pkt Tx Byte Rx Pkt Rx Byte Rx Rx Status Count Count Count Count Bcast Mcast ================================================================================ 1 R 0 0 0 0 0 0 2 R 0 0 0 0 0 0 3 R 0 0 0 0 0 0 4 R 0 0 0 0 0 0 5 R 0 0 0 0 0 0 6 R 0 0 0 0 0 0 7 R 0 0 0 0 0 0 8 R 0 0 0 0 0 0 9 R 0 0 0 0 0 0 10 R 0 0 0 0 0 0 11 R 0 0 0 0 0 0 12 R 0 0 0 0 0 0 13 R 0 0 0 0 0 0 14 R 0 0 0 0 0 0 15 R 0 0 0 0 0 0 16 R 0 0 0 0 0 0 17 R 0 0 0 0 0 0 ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present 0->Clear Counters U->page up D->page down ESC->exitPort Statistics

History
This command was first available in ExtremeWare XOS 10.1. The link status information was updated to include NP-Port not present in ExtremeWare XOS 11.2. Support for the auto-refresh functionality and the no-refresh parameter were added in ExtremeWare XOS 11.3. Auto-refresh continually updates the display. The no-refresh parameter takes a real-time snapshot of the display at the time you issue the command.

Platform Availability
This command is available on all platforms.

556

ExtremeWare XOS 11.3 Command Reference

show ports txerrors

show ports txerrors


show ports {<port_list>} txerrors {no-refresh}

Description
Displays real-time transmit error statistics. The switch automatically refreshes the output unless otherwise specified.

Syntax Description
port_list no-refresh Specifies one or more ports or slots and ports. Specifies that auto-refresh is disabled. The output provides a real-time snapshot of the transmit errors at the time the command is issued. This setting is not saved.

Default
The switch automatically refreshes the output.

Usage Guidelines
If you do not specify a port number or range of ports, error statistics are displayed for all ports. If you do not specify the no-refresh parameter, the switch automatically refreshes the output (this is the default behavior). If you specify the no-refresh parameter, the output provides a snapshot of the real-time transmit error statistics at the time you issue the command and displays the output in page-by-page mode (this was the default behavior in ExtremeWare XOS 11.2 and earlier). This setting is not saved; therefore, you must specify the no-refresh parameter each time you want a snapshot of the port transmit errors. This status information may be useful for your technical support representative if you have a network problem. Collected Port Transmit Error Information. The switch collects the following port transmit error information:

Port Number Link StatusThe current status of the link. Options are:

Active (A)The link is present at this port. Ready (R)The port is ready to accept a link. Not Present (NP)The port is configured, but the module is not installed in the slot (modular switches only).

Transmit Collisions (TX Coll)The total number of collisions seen by the port, regardless of whether a device connected to the port participated in any of the collisions. Transmit Late Collisions (TX Late Coll)The total number of collisions that have occurred after the ports transmit window has expired.

ExtremeWare XOS 11.3 Command Reference

557

Commands for Status Monitoring and Statistics

Transmit Deferred Frames (TX Deferred)The total number of frames that were transmitted by the port after the first transmission attempt was deferred by other network traffic. Transmit Errored Frames (TX Errors)The total number of frames that were not completely transmitted by the port because of network errors (such as late collisions or excessive collisions). Transmit Lost Frames (TX Lost)The total number of transmit frames that do not get completely transmitted because of buffer problems (FIFO underflow). Transmit Parity Frames (TX Parity)The bit summation has a parity mismatch.

Port Monitoring Display Keys. For information about the available port monitoring display keys, see the show ports statistics command.

Example
The following command displays transmit error statistics for slot 5, ports 4 through 7 on a modular switch with auto-refresh disabled:
show ports 5:4-5:7 txerrors no-refresh

The following is sample output from this command:


Port Transmission errors Port Link Tx Tx Tx Tx Tx Tx State Coll Late coll Deferred Errors Lost Parity ================================================================================ 5:4 R 0 0 0 0 0 0 5:5 R 0 0 0 0 0 0 5:6 R 0 0 0 0 0 0 5:7 R 0 0 0 0 0 0 ================================================================================ Link Status: A-Active, R-Ready, NP-Port not present

The following command displays transmit error statistics for all ports on a Summit X450 switch:
show ports txerrors

The following is sample truncated output from this command:


Port Tx Error Monitor Tue Jul 5 15:07:13 UTC 2005 Port Link Tx Tx Tx Tx Tx Tx State Coll Late coll Deferred Errors Lost Parity ================================================================================ 1 R 0 0 0 0 0 0 2 R 0 0 0 0 0 0 3 R 0 0 0 0 0 0 4 R 0 0 0 0 0 0 5 R 0 0 0 0 0 0 6 R 0 0 0 0 0 0 7 R 0 0 0 0 0 0 8 R 0 0 0 0 0 0 9 R 0 0 0 0 0 0 10 R 0 0 0 0 0 0 11 R 0 0 0 0 0 0 12 R 0 0 0 0 0 0 13 R 0 0 0 0 0 0 14 R 0 0 0 0 0 0

558

ExtremeWare XOS 11.3 Command Reference

show ports txerrors


15 R 0 0 0 0 0 0 16 R 0 0 0 0 0 0 17 R 0 0 0 0 0 0 ================================================================================ Link Status : A-Active, R-Ready, NP-Port Not Present 0->Clear Counters U->page up D->page down ESC->exitPort Tx Error

History
This command was first available in ExtremeWare XOS 10.1. The link status information was updated to include NP-Port not present in ExtremeWare XOS 11.2. Support for the auto-refresh functionality and the no-refresh parameter were added in ExtremeWare XOS 11.3. Auto-refresh continually updates the display. The no-refresh parameter takes a real-time snapshot of the display at the time you issue the command.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

559

Commands for Status Monitoring and Statistics

show rmon memory


show rmon memory {detail | <memoryType>}

Description
Displays RMON specific memory usage and statistics.

Syntax Description
detail memoryType Displays detailed information. Specifies the type of memory usage and statistics to display.

Default
N/A.

Usage Guidelines
If you do not specify the detailed keyword or a enter a specific RMON memory type, the output contains usage information for all memory types.

Example
The following command displays RMON memory statistics:
show rmon memory

The following is sample output from this command:


RMON Memory Information ---------------------Bytes Allocated: 14298032 AllocFailed: 0 Current Memory Utilization Level: GREEN Memory Utilization Statistics ----------------------------Size 16 32 48 64 80 96 112 128 144 176 208 256 384 5 12 768 1024 2048 4096 8192 16384 18432 40960 64000 --------- ------ ------ ------ ------ ------ ------ ------ ------ ------ ------ ----- ------ ------ ----- ------ ------ ------ ------ ------ ------ ------ ------ -----Used Blocks 1558 3 2490 1 0 0 0 1 1 0 63444 1 1869 0 311 0 0 0 0 0 0 0 0 rmonEstat 0 0 0 0 0 0 0 0 0 0 0 0 311 0 0 0 0 0 0 0 0 0 0

560

ExtremeWare XOS 11.3 Command Reference

show rmon memory


rmonOwner 1555 0 0 0 0 0 0 rmonHisc 0 0 0 1244 0 0 0 0 rmonHist 0 63444 0 0 0 0 0 0 rmonAlarm 0 0 0 3 0 0 0 0 rmonLogDescription 0 0 0 0 0 0 0 0 rmonLog 0 0 0 0 0 0 0 0 rmonEvent 0 0 0 0 0 0 0 0 rmonEventDescription 0 0 0 0 0 0 0 rmonEventCommunity 0 0 0 0 0 0 0 0 rmonCommunity 1 0 0 0 0 0 0 0 rmonDs 0 0 0 0 0 311 0 0 rmonDbx 0 0 0 0 0 0 0 0 rmonOid 0 0 0 311 0 0 0 0 rmonMdbIndexOid 2 0 0 0 0 0 0 0 rmonMdbString 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 2490 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

The following command displays RMON event statistics:


show rmon memory rmonEvent

ExtremeWare XOS 11.3 Command Reference

561

Commands for Status Monitoring and Statistics The following is sample output from this command:
RMON Memory Information ---------------------Bytes Allocated: 14298032 AllocFailed: 0 Current Memory Utilization Level: GREEN Memory Utilization Statistics ----------------------------Memory Statistics for rmonEvent -------------------------------Size 16 32 48 64 80 96 112 128 144 176 208 256 384 512 768 1024 2048 4096 8192 16384 18432 40960 64000 --------- ------ ------ ------ ------ ------ ------ ------ ------ ------ ------ ----- ------ ------ ----- ------ ------ ------ ------ ------ ------ ------ ------ -----Alloced 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 AllocedPeak 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 AllocSuccess 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 FreeSuccess 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 AllocFail 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 FreeFail 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

562

ExtremeWare XOS 11.3 Command Reference

show sflow configuration

show sflow configuration


show sflow {configuration}

Description
Displays the current sFlow configuration.

Syntax Description
This command has no arguments or variables

Default
N/A.

Usage Guidelines
This command displays the sFlow configuration of your system. The following fields are displayed:

Global StatussFlow is globally enabled or disabled Polling intervalHow often the hardware is polled for statistics, in seconds Sampling ratePackets are sampled, on average, once for every rate-number of packets Maximum cpu sample limitMaximum number of packets per second sampled before sample throttling takes effect Agent IPIP address inserted into the sFlow data packets to identify the sFlow switch CollectorsTo which IP address and port, and from which virtual router, the sFlow packets are sent Port StatusEnabled or disabled for statistics gathering Port Sample-rateShows the sampling rate configured for the port and the actual rate if CPU throttling has taken effect Port Subsampling factorSee the command configure sflow ports sample-rate for details

Example
To display the sFlow configuration on your system, use the following command:
show sflow

The output from this command is similar to the following:


SFLOW Global Configuration Global Status: enabled Polling interval: 20 Sampling rate: 8192 Maximum cpu sample limit: 2000 SFLOW Configured Agent IP: 10.203.2.38 Operational Agent IP: 10.203.2.38 Collectors

ExtremeWare XOS 11.3 Command Reference

563

Commands for Status Monitoring and Statistics


Collector IP 10.201.6.250, Port 6343, VR "VR-Mgmt" SFLOW Port Configuration Port Status Sample-rate Subsampling Config / Actual factor 1:41 enabled 8192 / 8192 1 2:40 enabled 1024 / 1024 1 2:58 enabled 8192 / 8192 8 2:59 enabled 8192 / 8192 8

History
This command was first available in an ExtremeWare XOS 11.0.

Platform Availability
This command is available on all available platforms.

564

ExtremeWare XOS 11.3 Command Reference

show sflow statistics

show sflow statistics


show sflow statistics

Description
Displays sFlow statistics.

Syntax Description
This command has no arguments or variables

Default
N/A.

Usage Guidelines
This command displays sFlow statistics for your system. The following fields are displayed:

Received framesNumber of frames received on sFlow enabled ports Sampled FramesNumber of packets that have been sampled by sFlow Transmitted FramesNumber of UDP packets sent to remote collector(s) Broadcast FramesNumber of broadcast frames received on sFlow enabled ports Multicast FramesNumber of multicast frames received on sFlow enabled ports Packet DropsNumber of samples dropped

Example
To display sFlow statistics for your system, use the following command:
show sflow statistics

The output from this command is similar to the following:


SFLOW Statistics Received frames Sampled Frames Transmitted Frames Broadcast Frames Multicast Frames Packet Drops : : : : : : 1159044921 104944 10518 0 1055652 0

History
This command was first available in an ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

565

Commands for Status Monitoring and Statistics

Platform Availability
This command is available on all available platforms.

566

ExtremeWare XOS 11.3 Command Reference

show temperature

show temperature
show temperature

Description
Depending on the platform, this command displays the current temperature of the I/O modules, management modules, power supply controllers, XGM-2xn card, and the switch.

Syntax Description
This command has no arguments or variables

Default
N/A.

Usage Guidelines
Depending on the software version running on your switch or your switch model, additional or different temperature information might be displayed. Modular Switches Only. Use this command to display the temperature in Celsius and the current status of the following installed components in the switch:

Management modules (MSM) I/O modules Power controllers

The switch monitors the temperature of each component and generates a warning if the temperature exceeds the normal operating range. If the temperature exceeds the minimum/maximum limits, the switch shuts down the overheated module. Summit X450 Switch Only. Use this command to display the temperature in Celsius and the current status of the following components:

Switch XGM-2xn card

The switch monitors its temperature and generates a warning if the temperature exceeds the normal operating range. If the temperature exceeds the maximum limit, the show switch output indicates the switch in an OPERATIONAL (Overheat) mode, and the show temperature output indicates an error state due to overheat. Displaying the Temperature of Other Installed ComponentsModular Switches Only. You can also view the temperature of the power supplies and the fan trays in the switch. To view the temperature of the power supplies installed in a modular switch, use the following command:
show power {<ps_num>} {detail}

ExtremeWare XOS 11.3 Command Reference

567

Commands for Status Monitoring and Statistics To view the temperature of the fan trays installed in the BlackDiamond 10K switch, use the following command:
show fans {detail}

Example
Depending on the platform, the following command displays the temperature of various switch components:
show temperature

The following is sample output from a modular switch:


Field Replaceable Units Temp (C) Status -----------------------------------------------Slot-1 : 10G6X 36.37 Normal Slot-2 : G60X 35.31 Normal Slot-3 : Slot-4 : Slot-5 : Slot-6 : G60X 34.68 Normal Slot-7 : G60X 34.31 Normal Slot-8 : MSM-A : MSM-1XL 31.37 Normal MSM-B : MSM-1XL 29.75 Normal PSUCTRL-1 : PSUCTRL-2 : 29.00 Normal Temp Range: -10.00 (Min), 0.00-50.00 (Normal), 60.00 (Max)

The following is sample output from a Summit X450 switch:


Field Replaceable Units Temp (C) Status -----------------------------------------------Switch : SummitX450-24x 42.50 Normal XGM-2xn-1 : Temp Range: -10.00 (Min), 0.00-60.50 (Normal), 62.90 (Max)

History
This command was first available in an ExtremeWare XOS 10.1. Information about the power controller(s), a component status column, and the minimum, normal, and maximum temperature ranges of the components was added to the show temperature output in ExtremeWare XOS 11.0. Information about the XGM-2xn card was added to the show temperature output in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

568

ExtremeWare XOS 11.3 Command Reference

show version

show version
show version {detail | process <name> | images {partition <partition>} {msm <slotid>} }

Description
Displays the hardware serial and version numbers, the software version currently running on the switch, and (if applicable) the software version running on the modules and power controllers.

Syntax Description
detail process name images partition slotid Specifies display of slot board name and chassis or platform name. Specifies display of all of the processes on the switch. Specifies display of a specific process on the switch. Specifies the display of installed images. Specifies display of a specific partition (primary or secondary). Specifies display of an MSM in a specific slot (A or B). NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
The following describes the information displayed when you execute the show version or show
version detail commands:

Part NumberA collection of numbers and letters that make up the part number of the switch and when applicable the hardware components installed in a modular switch. Serial NumberA collection of numbers and letters that make up the serial number of the switch and when applicable the hardware components installed in a modular switch. NOTE
For information about the physical location of the serial number on your switch, refer to the section that describes your specific switch model in the Extreme Networks Consolidated XOS Hardware Guide.

ImageThe ExtremeWare XOS software version currently running on the switch. If you have two software images downloaded on the switch, only the currently running ExtremeWare XOS version information is displayed. The information displayed includes the version number, build number, and the software build date. BootROMThe BootROM version currently running on the switch.

Depending on the model of your switch and the software running on your switch, different version information may be displayed.

ExtremeWare XOS 11.3 Command Reference

569

Commands for Status Monitoring and Statistics If you use the process option, you will see the following information about the processes running on the switch:

CardThe location (MSM) where the process is running on a modular switch. Process NameThe name of the process. VersionThe version number of the process. BuiltByThe name of the software build manager. Link DateThe date the executable was linked.

Example
The following command displays the hardware and software versions currently running on the switch:
show version

The following is sample output from a modular switch:


Chassis Slot-1 Slot-2 Slot-3 Slot-4 Slot-5 Slot-6 Slot-7 Slot-8 Slot-9 Slot-10 MSM-A MSM-B PSUCTRL-1 PSUCTRL-2 Image : : : : : : : : : : : : : : : 800129-00-01 04224-00008 Rev 1.0

800115-00-02 04314-00005 Rev 2.0 BootROM: 1.0.0.22 800115-00-02 04314-00061 Rev 2.0 BootROM: 1.0.0.22 800112-00-02 04304-00005 Rev 2.0 BootROM: 1.0.0.20 800113-00-03 04284-00010 Rev 3.0 BootROM: 1.0.0.20 800113-00-03 04304-00031 Rev 3.0 BootROM: 1.0.0.22

IMG: 11.1.0.14 IMG: 11.1.0.14 IMG: 11.1.0.14 IMG: 11.1.0.14 IMG: 11.1.0.14

800112-00-02 04304-00005 Rev 2.0 BootROM: 1.0.0.14 700087-00-03 04254-00033 Rev 3.0 BootROM: 0.0 700087-00-03 04254-00096 Rev 3.0 BootROM: 0.0

IMG: 11.1.0.14 IMG: IMG:

: ExtremeWare XOS version 11.1.0.14 v1110b14 by release-manager on Fri Sep 17 00:33:41 PDT 2004 BootROM : 1.0.0.14

The following is sample output from the Summit X450 switch:


Switch : 800132-00-01 0452G-01524 Rev 1.0 BootROM: 1.0.0.4 XGM-2xn-1 : Image IMG:

: ExtremeWare XOS version 11.2.0.14 v1120b14 by release-manager on Thu Mar 31 09:33:26 PST 2005 BootROM : 1.0.0.4

Using the process option of the show version command produces output similar to the following on a modular switch:
Card Process Name Version BuiltBy Link Date --------------------------------------------------------------------------MSM-A aaa 3.0.0.2 release-manager Thu Mar 31 09:23:54 PST MSM-A acl 3.0.0.2 release-manager Thu Mar 31 09:26:46 PST MSM-A bgp 3.0.0.2 release-manager Thu Mar 31 09:27:54 PST MSM-A cfgmgr 3.0.0.21 release-manager Thu Mar 31 09:23:42 PST

2005 2005 2005 2005

570

ExtremeWare XOS 11.3 Command Reference

show version
MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A MSM-A .... cli devmgr dirser eaps edp elrp ems epm esrp 3.0.0.22 3.0.0.2 3.0.0.2 3.0.0.8 3.0.0.2 3.0.0.1 3.0.0.2 3.0.0.3 3.0.0.4 release-manager release-manager release-manager release-manager release-manager release-manager release-manager release-manager release-manager Thu Thu Thu Thu Thu Thu Thu Thu Thu Mar Mar Mar Mar Mar Mar Mar Mar Mar 31 31 31 31 31 31 31 31 31 09:23:34 09:23:22 09:24:02 09:26:34 09:25:56 09:25:14 09:35:08 09:23:11 09:26:23 PST PST PST PST PST PST PST PST PST 2005 2005 2005 2005 2005 2005 2005 2005 2005

The following is sample output from the Summit X450 switch:


Process Name Version BuiltBy Link Date ---------------------------------------------------------------------aaa 3.0.0.2 release-manager Thu Mar 31 09:34:17 PST 2005 acl 3.0.0.2 release-manager Thu Mar 31 09:38:44 PST 2005 bgp Not Started Unknown Unknown cfgmgr 3.0.0.21 release-manager Thu Mar 31 09:33:58 PST 2005 cli 3.0.0.22 release-manager Thu Mar 31 09:33:45 PST 2005 cna 3.1.0.1 release-manager Thu Mar 31 09:49:28 PST 2005 devmgr 3.0.0.2 release-manager Thu Mar 31 09:33:26 PST 2005 dirser 3.0.0.2 release-manager Thu Mar 31 09:34:31 PST 2005 dosprotect 3.0.0.1 release-manager Thu Mar 31 09:48:58 PST 2005 eaps 3.0.0.8 release-manager Thu Mar 31 09:38:25 PST 2005 edp 3.0.0.2 release-manager Thu Mar 31 09:37:24 PST 2005 elrp 3.0.0.1 release-manager Thu Mar 31 09:36:27 PST 2005 ems 3.0.0.2 release-manager Thu Mar 31 09:50:40 PST 2005 epm 3.0.0.3 release-manager Thu Mar 31 09:33:08 PST 2005 esrp 3.0.0.4 release-manager Thu Mar 31 09:38:07 PST 2005 etmon 1.0.0.1 release-manager Thu Mar 31 09:47:16 PST 2005 ....

If you specify the name option, only the process you select is displayed. Using the images option in the show version command produces output similar to the following on a modular switch:
Card Partition Installation Date Version Name -------------------------------------------------------------------MSM-A primary Wed Jun 30 22:30:22 UTC 2004 11.0.0.24 bd10K-11.0.0.24.xos MSM-A primary Thu Jul 1 03:29:41 UTC 2004 11.0.0.24 bd10K-11.0.0.24-ssh.xmod MSM-A secondary Tue Jun 29 06:09:26 UTC 2004 11.0.0.23 bd10K-11.0.0.23.xos MSM-A secondary Tue Jun 29 06:29:14 UTC 2004 11.0.0.23 bd10K-11.0.0.23-ssh.xmod

The following is sample output from the Summit X450 switch:


Card Partition Installation Date Version Name Branch -----------------------------------------------------------------------------Switch primary Wed Feb 4 06:36:30 UTC 2004 11.2.0.14 summitx450-11.2.0.14.xos v1 120b14 Switch primary Wed Feb 4 07:05:35 UTC 2004 11.2.0.14 summitx450-11.2.0.14-ssh.xm od v1120b14 Switch primary Wed Feb 4 07:09:13 UTC 2004 11.2.0.14 summitx450-11.2.0.14-cna.xm od v1120b14 Switch secondary Mon Jan 19 01:52:28 UTC 2004 11.2.0.10 summitx450-11.2.0.10.xos v 1120b10

ExtremeWare XOS 11.3 Command Reference

571

Commands for Status Monitoring and Statistics


Switch secondary Wed Jan 21 06:50:42 UTC 2004 11.2.0.10 summitx450-11.2.0.10-ssh.x mod v1120b10 Switch secondary Wed Jan 21 06:51:13 UTC 2004 11.2.0.10 summitx450-11.2.0.10-cna.x mod v1120b10

If you specify the partition option, only images on the specified partition is shown.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

572

ExtremeWare XOS 11.3 Command Reference

unconfigure log filter

unconfigure log filter


unconfigure log filter <filter name>

Description
Resets the log filter to its default values; removes all filter items.

Syntax Description
filter name Specifies the log filter to unconfigure.

Default
N/A.

Usage Guidelines
If the filter name specified is DefaultFilter, this command restores the configuration of DefaultFilter back to its original settings. If the filter name specified is not DefaultFilter, this command sets the filter to have no events configured and therefore, no incidents will pass. This is the configuration of a newly created filter that was not copied from an existing one. See the delete log filter command for information about deleting a filter.

Example
The following command sets the log filter myFilter to stop passing any events:
unconfigure log filter myFilter

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available all platforms.

ExtremeWare XOS 11.3 Command Reference

573

Commands for Status Monitoring and Statistics

unconfigure log target format


unconfigure log target [console | memory-buffer | nvram | session | syslog [all | <ipaddress> | <ipPort> {vr <vr_name>} [local0 ... local7]]] format

Description
Resets the log target format to its default values.

Syntax Description
console memory-buffer nvram session syslog all ipaddress ipPort vr_name Specifies the console display format. Specifies the switch memory buffer format. Specifies the switch NVRAM format. Specifies the current session (including console display) format. Specifies a syslog target format. Specifies all remote syslog servers. Specifies the syslog IP address. Specifies the UDP port number for the syslog target. Specifies the virtual router that can reach the server IP address. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. local0 ... local7 format Specifies the local syslog facility. Specifies that the format for the target will be reset to the default value.

Default
When a target format is unconfigured, it is reset to the default values. The following defaults apply to console display, memory buffer, NVRAM, and session targets:

timestamphundredths datemm-dd-yyyy severityon event-namecondition host-nameoff sequence-numberoff process-nameoff process-sloton (modular switches only) process-idoff source-lineoff

The following defaults apply to syslog targets (per RFC 3164):


timestampseconds datemmm-dd

574

ExtremeWare XOS 11.3 Command Reference

unconfigure log target format


severityon event-namenone host-nameoff sequence-numberoff process-nameoff process-sloton (modular switches only) process-idoff source-lineoff

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Use this command to reset the target format to the default format.

Example
The following command sets the log format for the target session (the current session) to the default:
unconfigure log target session format

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

575

Commands for Status Monitoring and Statistics

unconfigure sflow
unconfigure sflow

Description
Resets all the sFlow values to the default values.

Syntax Description
This command has no arguments or variables

Default
The default values for sFlow are as follows:

sFlow agent IP address0.0.0.0 sampling frequencysample one every 8196 packets polling interval20 seconds maximum CPU sample limit2000 samples per second

sFlow is unconfigured and disabled on all ports.

Usage Guidelines
This command resets sFlow values to default value, and removes any port configurations, and any sFlow collectors configured on the switch.

Example
The following command unconfigures sFlow:
unconfigure sflow

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

576

ExtremeWare XOS 11.3 Command Reference

unconfigure sflow agent

unconfigure sflow agent


unconfigure sflow agent

Description
Resets the sFlow agents IP address to the default value.

Syntax Description
This command has no arguments or variables.

Default
The default IP address is 0.0.0.0.

Usage Guidelines
This command resets the sFlow agent IP address to its default value.

Example
The following command resets the agent IP back to the management IP address:
unconfigure sflow agent

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

577

Commands for Status Monitoring and Statistics

unconfigure sflow collector


unconfigure sflow collector {ipaddress} <ip-address> {port <udp-portnumber>} {vr <vrname>}

Description
Unconfigures the sFlow collector.

Syntax Description
ip-address udp-port-number vrname Specifies the IP address of the collector to reset. Specifies the UDP port. Specifies which virtual router. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Default
The following values are the defaults for this command:

UDP port number6343 Virtual routerVR-Mgmt (previously called VR-0).

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

This command allows you to reset the specified sFlow collector parameters to the default values. Both the commands unconfigure sflow and unconfigure sflow collector will reset the collector parameters to the default.

Example
The following command removes the collector at IP address 192.168.57.1:
unconfigure sflow collector ipaddress 192.168.57.1

History
This command was first available in ExtremeWare XOS 11.0.

578

ExtremeWare XOS 11.3 Command Reference

unconfigure sflow collector

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

579

Commands for Status Monitoring and Statistics

unconfigure sflow ports


unconfigure sflow ports <port_list>

Description
Removes the specified ports from the sFlow configuration, and stops sampling them.

Syntax Description
port_list Specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
This command removes the specified ports from the sFlow configuration, and stops sampling them.

Example
The following command unconfigures sFlow on the ports 2:5-2:7:
unconfigure sflow ports 2:5-2:7

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

580

ExtremeWare XOS 11.3 Command Reference

upload log

upload log
upload log <ipaddress> {vr <vr_name>} <filename> {messages [memory-buffer | nvram] {events {<event-condition> | <event_component>}}} {<severity> {only}} {match <regex>} {chronological}

Description
Uploads the current log messages to a TFTP server.

Syntax Description
ipaddress vr_name Specifies the ipaddress of the TFTP server. Specifies the virtual router that can reach the TFTP server. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. filename messages memory-buffer nvram events event-condition event-component severity only regex chronological Specifies the file name for the log stored on the TFTP server. Specifies the location from which to display the log messages. Show messages stored in volatile memory. Show messages stored in NVRAM Show event messages. Specifies the event condition to display. Specifies the event component to display. Specifies the minimum severity level to display (if the keyword only is omitted). Specifies that only the specified severity level is to be displayed. Specifies a regular expression. Only messages that match the regular expression will be displayed. Specifies uploading log messages in ascending chronological order (oldest to newest).

Default
The following defaults apply:

messagesmemory buffer severitynone (displays everything stored in the target) matchno restriction chronologicalif not specified, show messages in order from newest to oldest

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

ExtremeWare XOS 11.3 Command Reference

581

Commands for Status Monitoring and Statistics This command is similar to the show log command, but instead of displaying the log contents on the command line, this command saves the log to a file on the TFTP server you specify. For more details on most of the options of this command, see the command show log on page 532. Host Name and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Permitted only for host names Underscore ( _ ) Permitted only for host names Colon ( : )

When naming or configuring an IP address for your network server, remember the requirements listed above. Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for remote filenames. When specifying a remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ ) Slash ( / )

When naming a local or remote file, remember the requirements listed above.

Example
The following command uploads messages with a critical severity to the filename switch4critical.log on TFTP server at 10.31.8.25:
upload log 10.31.8.25 switch4critical.log critical

The following command uploads messages with warning, error, or critical severity to the filename switch4warn.log on TFTP server at 10.31.8.25:
upload log 10.31.8.25 switch4warn.log warning

History
This command was first available in ExtremeWare XOS 10.1.

582

ExtremeWare XOS 11.3 Command Reference

upload log

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

583

Commands for Status Monitoring and Statistics

584

ExtremeWare XOS 11.3 Command Reference

VLAN Commands

This chapter describes commands for:


Creating and deleting VLANs and performing basic VLAN configuration Defining protocol filters for use with VLANs Creating and deleting VMANs and performing basic VMAN configuration

VLANs can be created according to the following criteria:

Physical portA port-based VLAN consists of a group of one or more ports on the switch. A port can be a member of only one port-based VLAN, and is by default a member of the VLAN named Default. 802.1Q tagTagging is most commonly used to create VLANs that span switches. Ethernet, LLC SAP, or LLC/SNAP Ethernet protocol typeProtocol-based VLANs are most often used in situations where network segments contain hosts running multiple protocols. A combination of these criteria.

Beginning with ExtremeWare XOS 11.2, the software supports using IPv6 addresses, in addition to IPv4 addresses.

ExtremeWare XOS 11.3 Command Reference

585

VLAN Commands

configure protocol add


configure protocol <name> add [etype | llc | snap] <hex> {[etype | llc | snap] <hex>} ...

Description
Configures a user-defined protocol filter.

Syntax Description
name hex Specifies a protocol filter name. Specifies a four-digit hexadecimal number between 0 and FFFF that represents: The Ethernet protocol type taken from a list maintained by the IEEE. The DSAP/SSAP combination created by concatenating a two-digit LLC Destination SAP (DSAP) and a two-digit LLC Source SAP (SSAP). The SNAP-encoded Ethernet protocol type.

Default
N/A.

Usage Guidelines
Supported protocol types include:

etype IEEE Ethertype. llc LLC Service Advertising Protocol. snap Ethertype inside an IEEE SNAP packet encapsulation.

A maximum of 15 protocol filters, each containing a maximum of six protocols, can be defined. The protocol filter must already exist before you can use this command: use the create protocol command to create the protocol filter. No more than seven protocols can be active and configured for use.

Example
The following command configures a protocol named Fred by adding protocol type LLC SAP with a value of FFEF:
configure protocol fred add llc 0xfeff

History
This command was first available in ExtremeWare XOS 10.1.

586

ExtremeWare XOS 11.3 Command Reference

configure protocol add

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

587

VLAN Commands

configure protocol delete


configure protocol <name> delete [etype | llc | snap] <hex> {[etype | llc | snap] <hex>} ...

Description
Deletes the specified protocol type from a protocol filter.

Syntax Description
name hex Specifies a protocol filter name. Specifies a four-digit hexadecimal number between 0 and FFFF that represents: The Ethernet protocol type taken from a list maintained by the IEEE. The DSAP/SSAP combination created by concatenating a two-digit LLC Destination SAP (DSAP) and a two-digit LLC Source SAP (SSAP). The SNAP-encoded Ethernet protocol type.

Default
N/A.

Usage Guidelines
Supported protocol types include:

etype IEEE Ethertype. llc LLC Service Advertising Protocol. snap Ethertype inside an IEEE SNAP packet encapsulation.

Example
The following command deletes protocol type LLC SAP with a value of FEFF from protocol fred:
configure protocol fred delete llc feff

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

588

ExtremeWare XOS 11.3 Command Reference

configure vlan add ports

configure vlan add ports


configure vlan <vlan_name> add [ports <port_list> | all] {tagged | untagged} {stpd <stpd_name> {dot1d | emistp | pvst-plus}} {nobroadcast}

Description
Adds one or more ports in a VLAN.

Syntax Description
vlan_name port_list all tagged untagged stpd_name dot1d | emistp | pvst-plus nobroadcast Specifies a VLAN name. Specifies a list of ports or slots and ports. Specifies all ports. Specifies the ports should be configured as tagged. Specifies the ports should be configured as untagged. Specifies an STP domain name. Specifies the BPDU encapsulation mode for these STP ports. Prevents broadcasts, multicasts, and unknown unicast packets from being transmitted on these ports. NOTE: This option is available only on the BlackDiamond 10K switch.

Default
Untagged.

Usage Guidelines
NOTE
You cannot have both VLANs and VMANs on the same module on the BlackDiamond 8800 family of switches (formerly known as Aspen); each module can have only VLANs or VMANs (although these can span modules).

The VLAN must already exist before you can add (or delete) ports: use the create vlan command to create the VLAN. NOTE
The nobroadcast option is available only on the BlackDiamond 10K switch.

If the VLAN uses 802.1Q tagging, you can specify tagged or untagged port(s). If the VLAN is untagged, the ports cannot be tagged. Untagged ports can only be a member of a single VLAN. By default, they are members of the default VLAN (named Default). In order to add untagged ports to a different VLAN, you must first remove them from the default VLAN. You do not need to do this to add them to another VLAN as tagged

ExtremeWare XOS 11.3 Command Reference

589

VLAN Commands ports. if you attempt to add an untagged port to a VLAN prior to removing it from the default VLAN, you see the following error message:
Error: Protocol conflict when adding untagged port 1:2. Either add this port as tagged or assign another protocol to this VLAN.

As each port can belong to only one virtual router, ports within one VLAN must all be in the same virtual router. NOTE
All ports and VLANs are in VR-Default in the BlackDiamond 8800 family of switches and Summit X450 switch and cannot be moved.

Refer to Chapter 19 for more information on configuring Spanning Tree Domains.

NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.

Example
The following command assigns tagged ports 1:1, 1:2, 1:3, and 1:6 to a VLAN named accounting:
configure vlan accounting add ports 1:1, 1:2, 1:3, 1:6 tagged

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

590

ExtremeWare XOS 11.3 Command Reference

configure vlan delete ports

configure vlan delete ports


configure vlan <vlan_name> delete ports [all | <port_list>]

Description
Deletes one or more ports in a VLAN.

Syntax Description
vlan_name all port_list Specifies a VLAN name. Specifies all ports. A list of ports or slots and ports.

Default
N/A.

Usage Guidelines
None.

Example
The following command removes ports 1:1, 1:2, 4:3, and 5:6 on a modular switch from a VLAN named accounting:
configure accounting delete port 1:1, 1:2, 4:3, 5:6

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

591

VLAN Commands

configure vlan ipaddress


configure vlan <vlan_name> ipaddress [<ipaddress> {<ipNetmask>} | ipv6-link-local | {eui64} <ipv6_address_mask>]

Description
Assigns an IPv4 address and an optional subnet mask or an IPv6 address to the VLAN. Beginning with ExtremeWare XOS version 11.2, you can specify IPv6 addresses. You can assign either an IPv4 address, and IPv6 address, or both to the VLAN. Beginning with ExtremeWare XOS software version 11.3, you can use this command to assign an IP address to a specified VMAN and enable multicasting on that VMAN.

Syntax Description
vlan_name ipaddress ipNetmask ipv6-link-local Specifies a VLAN name. Specifies an IPv4 address. Specifies an IPv4 subnet mask in dotted-quad notation (for example, 255.255.255.0). Specifies IPv6 and configures a link-local address generated by combining the standard link-local prefix with the automatically generated interface in the EUI64 format. Using this option automatically generates an entire IPv6 address; this address is only a link-local, or VLAN-based, IPv6 address, that is, ports on the same segment can communicate using this IP address and do not have to pass through a gateway. Specifies IPv6 and automatically generates the interface ID in the EUI-64 format using the interfaces MAC address. Once you enter this parameter, you must add the following variables: <ipv6_address_mask>. Use this option when you want to enter the 64-bit prefix and use a EUI-64 address for the rest of the IPv6 address. Specify the IPv6 address in the following format: x:x:x:x:x:x:x:x/prefix length, where each x is the hexadecimal value of one of the 8 16-bit pieces of the 128-bit wide address.

eui64

ipv6_address_mask

Default
N/A.

Usage Guidelines
The VLAN must already exist before you can assign an IP address: use the create vlan command to create the VLAN. NOTE
If you plan to use the VLAN as a control VLAN for an EAPS domain, do NOT configure the VLAN with an IP address.

592

ExtremeWare XOS 11.3 Command Reference

configure vlan ipaddress

NOTE
See Chapter 22, IP Unicast Commands, for information on adding secondary IP addresses to VLANs.

Beginning with ExtremeWare XOS software version 11.2, you can specify IPv6 addresses. See Chapter 24, IPv6 Unicast Commands, for information on IPv6 addresses. BlackDiamond 8800 family of switches and Summit X450 switch only. Beginning with ExtremeWare XOS software version 11.3, you can assign an IP address (including IPv6 addresses) to a VMAN. BlackDiamond 10K switch only. Beginning with ExtremeWare XOS software version 11.3, you can assign an IP address (including IPv6 addresses) to a specified VMAN to enable multicasting. You assign an IP address to a specified VMAN using the VMAN name, rather than a VLAN name. To enable multicasting on the specified VMAN once you assigned an IP address, take the following steps: 1 Enable IP multicast forwarding. 2 Enable and configure multicasting. NOTE
See Chapter Chapter 29 for information on configuring and using multicasting.

Example
The following commands are equivalent; both assign an IPv4 address of 10.12.123.1 to a VLAN named accounting:
configure vlan accounting ipaddress 10.12.123.1/24 configure vlan accounting ipaddress 10.12.123.1 255.255.255.0

The following command assigns a link local IPv6 address to a VLAN named management:
configure vlan accounting ipaddress ipv6-link-local

History
This command was first available in ExtremeWare XOS 10.1. The IPv6 parameters were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

593

VLAN Commands

configure vlan name


configure vlan <vlan_name> name <name>

Description
Renames a previously configured VLAN.

Syntax Description
vlan_name name Specifies the current (old) VLAN name. Specifies a new name for the VLAN.

Default
N/A.

Usage Guidelines
You cannot change the name of the default VLAN Default. NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.

Example
The following command renames VLAN vlan1 to engineering:
configure vlan vlan1 name engineering

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

594

ExtremeWare XOS 11.3 Command Reference

configure vlan protocol

configure vlan protocol


configure vlan <vlan_name> protocol <protocol_name>

Description
Configures a VLAN to use a specific protocol filter.

Syntax Description
vlan_name protocol_name Specifies a VLAN name. Specifies a protocol filter name. This can be the name of a predefined protocol filter, or one you have defined. The following protocol filters are predefined: IP IPv6 IPX NetBIOS DECNet IPX_8022 IPX_SNAP AppleTalk any indicates that this VLAN should act as the default VLAN for its member ports.

Default
Protocol any.

Usage Guidelines
If the keyword any is specified, all packets that cannot be classified into another protocol-based VLAN are assigned to this VLAN as the default for its member ports. Use the configure protocol command to define your own protocol filter.

Example
The following command configures a VLAN named accounting as an IP protocol-based VLAN:
configure accounting protocol ip

ExtremeWare XOS 11.3 Command Reference

595

VLAN Commands

History
This command was first available in ExtremeWare XOS 10.1. The IPv6 parameter was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

596

ExtremeWare XOS 11.3 Command Reference

configure vlan tag

configure vlan tag


configure vlan <vlan_name> tag <tag>

Description
Assigns a unique 802.1Q tag to the VLAN.

Syntax Description
vlan_name tag Specifies a VLAN name. Specifies a value to use as an 802.1Q tag. The valid range is from 2 to 4095.

Default
The default VLAN uses an 802.1Q tag (and an internal VLANid) of 1.

Usage Guidelines
If any of the ports in the VLAN will use an 802.1Q tag, a tag must be assigned to the VLAN. The valid range is from 2 to 4094 (tag 1 is assigned to the default VLAN, and tag 4095 is assigned to the management VLAN). The 802.1Q tag will also be used as the internal VLANid by the switch. You can specify a value that is currently used as an internal VLANid on another VLAN; it will become the VLANid for the VLAN you specify, and a new VLANid will be automatically assigned to the other untagged VLAN.

Example
The following command assigns a tag (and internal VLANid) of 120 to a VLAN named accounting:
configure accounting tag 120

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

597

VLAN Commands

configure vman add ports


configure vman <vman-name> add ports [ all | <port_list> ] {untagged | tagged | nobroadcast }

Description
Adds one or more ports in a VMAN.

Syntax Description
vman-ame all port_list Specifies a VMAN name. Specifies all ports. Specifies a list of ports or slots and ports. NOTE: On the BlackDiamond 8800 family of switches (formerly known as Aspen), ports on a given slot can be either VLAN members or VMAN members, but not both. untagged tagged nobroadcast Specifies that the ports are untagged. Specifies that the ports are tagged. Specifies that the ports do not forward broadcast, multicast, or unknown unicast packets. NOTE: This option is available only on the BlackDiamond 10K switch.

Default
N/A.

Usage Guidelines
If you do not specify a parameter, the default value is untagged. If you specify the parameter nobroadcast, the system used the default value of untagged; you cannot add nobroadcast once you have specified tagged packets. NOTE
The nobroadcast option is available only on the BlackDiamond 10K switch.

The VMAN tunnel begins at the ingress, or customer access, port and terminates at the egress, or trunk, port. Traffic flows from the egress trunk port onto the network thereafter without the VMAN tag. Ensure that all the switch-to-switch ports in the VMAN tunnel are configured as tagged ports. Configure the VMAN ingress, or customer access, port as an untagged port (although this port does accept tagged packets). You must configure the VMAN tunnel egress, or trunk, port as an untagged port so that the VMAN header is stripped from the frame.

598

ExtremeWare XOS 11.3 Command Reference

configure vman add ports

NOTE
You must configure the VMAN tunnel egress, or trunk, port as untagged so that the VMAN header is stripped from the frame.

The VMAN must already exists before you can add (or delete) ports: use the create vman command to create the VLAN. VMAN ports can belong to load-sharing groups. If any port in the load-sharing group is enabled for VMAN, all ports in the group are automatically enabled to handle jumbo size frames. Also, VMAN is automatically enabled on all ports of the untagged load-sharing group. The Extreme Networks default Ethernet type for VMAN is 088a8.

NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.

BlackDiamond 8800 family of switches (formerly known as Aspen) only. You cannot configure VLANs and VMANs on the same module, or slot. Although VLANs and VMANs can span modules, the cannot coexist on the same module. BlackDiamond 10K only. All VMAN ports are automatically enabled for jumbo frames to accommodate the extra VMAN tag. All ports added to a specified VMAN must be in the same virtual router. For more information on displaying, configuring, and using virtual routers, see Chapter 10.

Example
The following command assigns ports 1:1, 1:2, 1:3, and 1:6 to a VMAN named accounting:
configure vlan accounting add ports 1:1, 1:2, 1:3, 1:6 tag 100

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

599

VLAN Commands

configure vman delete ports


configure vman <vman-name> delete ports [ all | <port_list> ]

Description
Deletes one or more ports in a VMAN.

Syntax Description
vlan_name all port_list Specifies a VMAN name. Specifies all ports. Specifies a list of ports or slots and ports.

Default
N/A.

Usage Guidelines
The VMAN must already exist before you can add (or delete) ports: use the create vman command to create the VLAN.

Example
The following command deletes ports 1:1, 1:2, 1:3, and 1:6 on a modular switch to a VMAN named accounting:
configure vman accounting delete ports 1:1, 1:2, 1:3, 1:6

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

600

ExtremeWare XOS 11.3 Command Reference

configure vman ethertype

configure vman ethertype


configure vman ethertype <value>

Description
Configures the Ethernet type for the VMAN header.

Syntax Description
value Specifies an Ethertype value in the format of 0xffff.

Default
Ethertype value of 0x88a8.

Usage Guidelines
The default VMAN Ethernet type on Extreme devices is 0x88a8. If your VMAN transits a third-party device (other than an Extreme Networks device), you must configure the EtherType for the VMAN tag as the Ethernet type that the third-party device uses. Beginning with ExtremeWare XOS 11.3, the system supports all VMAN EtherTypes, including the standard Ethernet type of 0x8100.

Example
The following command, followed by a switch reboot, changes the Ethertype value to 8100:
configure vman ethertype 0x8100

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

601

VLAN Commands

configure vman tag


configure vman <vman-name> tag <tag>

Description
Assigns a unique 802.1Q tag to the VMAN.

Syntax Description
vlan_name tag Specifies a VMAN name. Specifies a value to use as VMAN tag 802.1Q tag. The valid range is from 2 to 4094.

Default
N/A.

Usage Guidelines
You add a tag value to each VMAN you configure. This is then carried in the 4-byte VMAN header, which is added to all packets (both tagged and untagged) that arrive on the port you added to the VMAN. You can specify a value that is currently used as an internal VLANid on another VLAN; it will become the VLANid for the VLAN you specify, and a new VLANid will be automatically assigned to the other untagged VLAN.

Example
The following command assigns a tag of 120 to a VMAN named accounting:
configure vman accounting tag 120

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

602

ExtremeWare XOS 11.3 Command Reference

create protocol

create protocol
create protocol <name>

Description
Creates a user-defined protocol filter.

Syntax Description
name Specifies a protocol filter name. The protocol filter name can have a maximum of 31 characters.

Usage Guidelines
Protocol-based VLANs enable you to define packet filters that the switch can use as the matching criteria to determine if a particular packet belongs to a particular VLAN. After you create the protocol, you must configure it using the configure protocol command. To assign it to a VLAN, use the configure vlan <vlan_name> protocol <protocol_name> command.

Example
The following command creates a protocol named fred:
create protocol fred

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

603

VLAN Commands

create vlan
create vlan <vlan_name> {vr <vr-name>}

Description
Creates a named VLAN.

Syntax Description
vlan_name vr vr-name Specifies a VLAN name (up to 32 characters). Specifies a virtual router. Specifies in which virtual router to create the VLAN. NOTE: On the BlackDiamond 8800 family of switches and the Summit X450 switch, all VLANs are created in VR-Default and cannot be moved.

Default
A VLAN named Default exists on all new or initialized Extreme switches:

It initially contains all ports on a new or initialized switch, except for the management port(s), if there are any. It has an 802.1Q tag of 1. The default VLAN is untagged on all ports. It uses protocol filter any.

A VLAN named Mgmt exists on switches that have management modules or management ports.

It initially contains the management port(s) the switch. It is assigned the next available internal VLANid as an 802.1Q tag.

If you do not specify the virtual router, the VLAN is created in the current virtual router.

Usage Guidelines
A newly-created VLAN has no member ports, is untagged, and uses protocol filter any until you configure it otherwise. Use the various configure vlan commands to configure the VLAN to your needs. Internal VLANids are assigned automatically using the next available VLANid starting from the high end (4094) of the range. Each VLAN name can be up to 32 standard alphanumeric characters, but must begin with an alphabetical letter. Quotation marks can be used to enclose a VLAN name that does not begin with an alphabetical character, or that contains a space, comma, or other special character.

604

ExtremeWare XOS 11.3 Command Reference

create vlan

NOTE
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.

VLAN names are locally significant. That is, VLAN names used on one switch are only meaningful to that switch. If another switch is connected to it, the VLAN names have no significance to the other switch. You must use mutually exclusive names for:

VLANs VMANs Ipv6 tunnels

If you do not specify a virtual router when you create a VLAN, the system creates that VLAN in the default virtual router (VR-Default). The management VLAN is always in the management virtual router (VR-Mgmt). Once you create virtual routers, ExtremeWare XOS software allows you to designate one of these as the domain in which all your subsequent configuration commands, including VLAN commands, are applied. If you create virtual routers, ensure that you are creating the VLANs in the desired virtualrouter domain.

NOTE
The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch do not support user-created virtual routers; all user-created VLANs are in VR-Default.

For information on configuring virtual routers, see Chapter 10.

Example
The following command creates a VLAN named accounting on the current virtual router:
create vlan accounting

History
This command was first available in ExtremeWare XOS 10.1. The virtual router option vr, was added in ExtremeWare XOS 11.0

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

605

VLAN Commands

create vman
create vman <vman-name> {vr <vr_name>}

Description
Creates a VMAN, which allows you to create a "tunnel" through the public network.

Syntax Description
vman-ame vr vr_name Specifies a VMAN name. Up to 32 characters. Specifies a virtual router. Specifies the virtual router. NOTE: On the BlackDiamond 8800 family of switches and the Summit X450 switch, all VMANs are created in VR-Default and cannot be moved.

Default
N/A

Usage Guidelines
VMANs allow you to establish a private path through the public network. After you create the VMAN, you must configure the VMAN tag plus adding the ports that you want.

NOTE
On the BlackDiamond 10K switch, all VMAN ports are automatically enabled for jumbo frames to accommodate the added VMAN tag. On the BlackDiamond 8800 family of switches and the Summit X450 switch, you must enable jumbo frames on the switch

If you do not specify the virtual router, the VMAN is created in the current virtual router.

NOTE
You cannot have both VLANs and VMANs on the same module on the BlackDiamond 8800 family of switches (formerly known as Aspen). Although both VLANs and VMANs can span modules, they cannot co-exist on the same module.

To configure a VMAN, follow these steps: 1 Create the tunnel by creating the VMAN. 2 If you are working on the BlackDiamond 8800 family of switches or the Summit X450 switch, enable jumbo frames. Use the following command:
enable jumbo-frames ports all

606

ExtremeWare XOS 11.3 Command Reference

create vman 3 Assign a tag value to the VMAN. Use the following command:
configure vman <vman-name> tag <tag>

4 Add the ports in the tunnel to the VMAN. 5 Configure VMAN member ports as tagged on switch-to-switch ports and untagged on the ingress and egress ports of the tunnel. Use the following command:
configure vman <vman-name> add ports [ all | <port_list> ] {untagged | tagged | nobroadcast }

NOTE
You must configure the VMAN tunnel egress, or trunk, port as untagged so that the VMAN header is stripped from the frame.

The Extreme Networks default Ethernet type for VMAN is 088a8. You must use mutually exclusive names for:

VLANs VMANs Ipv6 tunnels NOTE

Beginning with ExtremeWare XOS software version 11.3 you can tunnel multicast traffic on the BlackDiamond 10K series switch. To assign an IP address to a VMAN, use the configure vlan ipaddress command.

Example
The following command creates a VMAN named fred:
create vman fred

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

607

VLAN Commands

delete protocol
delete protocol <name>

Description
Deletes a user-defined protocol.

Syntax Description
name Specifies a protocol name.

Default
N/A.

Usage Guidelines
If you delete a protocol that is in use by a VLAN, the protocol associated with than VLAN will become none.

Example
The following command deletes a protocol named fred:
delete protocol fred

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

608

ExtremeWare XOS 11.3 Command Reference

delete vlan

delete vlan
delete vlan <vlan_name>

Description
Deletes a VLAN.

Syntax Description
vlan_name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
If you delete a VLAN that has untagged port members and you want those ports to be returned to the default VLAN, you must add them back explicitly using the configure vlan add ports command. NOTE
The default VLAN cannot be deleted.

Example
The following command deletes the VLAN accounting:
delete accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

609

VLAN Commands

delete vman
delete vman <vman-name>

Description
Deletes a previously created VMAN.

Syntax Description
vman-name Specifies a VMAN name.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes the VMAN accounting:
delete vman accounting

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

610

ExtremeWare XOS 11.3 Command Reference

disable dot1p examination inner-tag port

disable dot1p examination inner-tag port


disable dot1p examination inner-tag port [all | <port_list>]

Description
Used with VMANs, and instructs the switch to examine the 802.1p value of the outer tag, or added VMAN header, to determine the correct egress queue on the egress port.

Syntax Description
all port_list Specifies all ports. Specifies a list of ports or slots and ports.

Default
Disabled.

Usage Guidelines
Use this command to instruct the system to refer to the 802.1p value contained in the outer tag, or VMAN encapsulation tag, when assigning the packet to an egress queue at the egress port of the VMAN. NOTE
See Chapter 14 for information on configuring and displaying the current 802.1p and DiffServ configuration for the inner, or original header, 802.1p value.

Example
The following command uses the 802.1p value on the outer tag, or VMAN encapsulation, to put the packet in the egress queue on the VMAN egress port:
disable dot1p examination inner-tag port 3:2

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch.

ExtremeWare XOS 11.3 Command Reference

611

VLAN Commands

disable loopback-mode vlan


disable loopback-mode vlan <vlan_name>

Description
Disallows a VLAN to be placed in the UP state without an external active port. This allows (disallows) the VLANs routing interface to become active.

Syntax Description
vlan_name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
Use this command to specify a stable interface as a source interface for routing protocols. This decreases the possibility of route flapping, which can disrupt connectivity.

Example
The following command disallows the VLAN accounting to be placed in the UP state without an external active port:
disable loopback-mode vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

612

ExtremeWare XOS 11.3 Command Reference

enable dot1p examination inner-tag port

enable dot1p examination inner-tag port


enable dot1p examination inner-tag port [all | <port_list>]

Description
Used with VMANs, and instructs the switch to examine the 802.1p value of the inner tag, or header of the original packet, to determine the correct egress queue on the egress port.

Syntax Description
all port_list Specifies all ports. Specifies a list of ports or slots and ports.

Default
Disabled.

Usage Guidelines
Use this command to instruct the system to refer to the 802.1p value contained in the inner, or original, tag when assigning the packet to an egress queue at the egress port of the VMAN. NOTE
See Chapter 14 for information on configuring and displaying the current 802.1p and DiffServ configuration for the inner, or original header, 802.1p value.

Example
The following command puts the packets in the egress queue of the VMAN egress port according to the 802.1p value on the inner tag:
enable dot1p examination inner-tag port 3:2

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) family of switches and the Summit X450 switch.

ExtremeWare XOS 11.3 Command Reference

613

VLAN Commands

enable loopback-mode vlan


enable loopback-mode vlan <vlan_name>

Description
Allows a VLAN to be placed in the UP state without an external active port. This allows (disallows) the VLANs routing interface to become active.

Syntax Description
vlan_name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
Use this command to specify a stable interface as a source interface for routing protocols. This decreases the possibility of route flapping, which can disrupt connectivity.

Example
The following command allows the VLAN accounting to be placed in the UP state without an external active port:
enable loopback-mode vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

614

ExtremeWare XOS 11.3 Command Reference

show protocol

show protocol
show protocol {<name>}

Description
Displays protocol filter definitions.

Syntax Description
name Specifies a protocol filter name.

Default
Displays all protocol filters.

Usage Guidelines
Displays the defined protocol filter(s) with the types and values of its component protocols.

Example
The following is an example of the show protocol command:
Protocol Name Type Value -----------------------------------------------IP etype 0x0800 etype 0x0806 ANY ANY 0xffff ipx etype 0x8137 decnet etype 0x6003 etype 0x6004 netbios llc 0xf0f0 llc 0xf0f1 ipx_8022 llc 0xe0e0 ipx_snap snap 0x8137 appletalk snap 0x809b snap 0x80f3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

615

VLAN Commands

show vlan
show vlan {detail |<vlan_name> {stpd}}

Description
Displays information about VLANs.

Syntax Description
detail vlan_name stpd Specifies that detailed information should be displayed for each VLAN. Specifies a VLAN name. Specifies that STP domains displays for each VLAN.

Default
Summary information for all VLANs on the device.

Usage Guidelines
NOTE
To display IPv6 information, you must issue either the show vlan detail command or show vlan command with the name of the specified VLAN.

Unlike many other VLAN-related commands, the keyword vlan is required in all forms of this command except when requesting information for a specific vlan. Use the command show vlan to display summary information for all VLANs. It shows various configuration options as a series of flags (see the example below). VLAN and protocol names may be abbreviated in this display. Use the command show vlan detail to display detailed information for all VLANs. This displays the same information as for an individual VLAN, but shows every VLAN, one-by-one. After each VLAN display you can elect to continue or quit. Protocol none indicates that this VLAN was configured with a user-defined protocol that has subsequently been deleted.

NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch display the Mgmt VLAN in the VR-Mgmt; they display all other VLANs in the VR-Default.

616

ExtremeWare XOS 11.3 Command Reference

show vlan When an IPv6 address is configured for the VLAN, the system may display one of the following two address types in parentheses after the IPv6 address:

Tentative Duplicate NOTE

See the ExtremeWare XOS Concepts Guide for information on IPv6 address types.

You can display additional useful information on VLANs configured with IPv6 addresses by issuing the show ipconfig ipv6 vlan <vlan_name>. The following is sample output from this command:
BD10K # show ipconfig ipv6 my_ipv6_100 Router Interface on my_ipv6_100 is enabled and up. MTU: 1500 Locally registered unicast addresses: 2001:db8::8:802:200c:417a/64 fe80::230:48ff:fe41:ed97%my_ipv6_100/64 Flags: IPv6 Forwarding: YES Accept recvd RA: NO Send redirects: NO Accept redirects: NO

Example
The following is an example of the show vlan command on the BlackDiamond 10K switch:
-------------------------------------------------------------------------------Name VID Protocol Addr Flags Proto Ports Virtual Active router /Total -------------------------------------------------------------------------------Default 1 -------------------- ---------T--- ANY 0 /771 VR-Default hugheapscontrol 4092 -------------------- ------------C ANY 0 /0 VR-Default Mgmt 4095 -------------------- ------------- ANY 1 /1 VR-Mgmt peggy 4094 10.0.0.1 /8 -L----------- ANY 1 /2 VR-Default santaclara 4091 -------------------- ------------d ANY 0 /1 benton -------------------------------------------------------------------------------Flags : (C) EAPS Control vlan, (E) ESRP Enabled, (f) IP Forwarding Enabled, (i) ISIS Enabled, (I) IP Forwarding lpm-routing Enabled, (L) Loopback Enabled, (m) IPmc Forwarding Enabled, (n) IP Multinetting Enabled, (N) Network LogIn vlan, (o) OSPF Enabled, (p) PIM Enabled, (P) EAPS protected vlan, (r) RIP Enabled, (T) Member of STP Domain, (v) VRRP Enabled, (d) Dynamically created VLAN Total number of Vlan(s) : 5

The following is an example of the show vlan Default command:


VLAN Interface with name Default created by user Tagging: 802.1Q Tag 1 Priority: 802.1P Priority 0 Virtual router: VR-Default Primary IP: 10.0.0.1/8

ExtremeWare XOS 11.3 Command Reference

617

VLAN Commands
Secondary IPs: 12.0.0.5/8 IPv6: None STPD: s0(Disabled,Auto-bind) Protocol: Match all unfiltered protocols Loopback: Disable NetLogIn: Enabled Rate Shape: Disable QosProfile: QP1 Ports: 771. (Number of active ports=0) Untag: 3:2, 4:1, 4:2, 5:1, 5:2, 5:3, 5:4, 5:5, 5:6, 5:7, 5:8, 5:9, 5:10, 5:11, 5:12, 5:13, 5:14, 5:15, 5:16, 5:17, 5:18, 5:19, 5:20, 5:21, 5:22, 5:23, 5:24, 5:25, 5:26, 5:27, 5:28, 5:29, 5:30, 5:31, 5:32, 5:33, 5:34, 5:35, 5:36, 5:37, 5:38, 5:39, 5:40, 5:41, 5:42, 5:43, 5:44, 5:45, 5:46, 5:47, 5:48, 5:49, 5:50, 5:51, 5:52, 5:53, 5:54, 5:55, 5:56, 5:57, 5:58, 5:59, 5:60, 5:61, 5:62, 5:63, 5:64, 5:65, 5:66, 5:67, 5:68, 5:69, 5:70, 5:71, 5:72, 5:73, 5:74, 5:75, 5:76, 5:77, 5:78, 5:79, 5:80, 5:81, 5:82, 5:83, 5:84, 5:85, 5:86, 5:87, 5:88, Flags: (*) Active, (!) Disabled (g) Load Sharing port (b) Port blocked on the vlan, (a) Authenticated NetLogin port (u) Unauthenticated NetLogin port (m) MAC-based port

NOTE
The m flag for MAC-based port represents network login information; it is only supported on the BlackDiamond 8800 family of switches and the Summit X450 switch.

NOTE
The number of active ports line displays the number of ports presently in forwarding state on this VLAN.

The output for the show vlan detail command displays the same information for all VLANs configured on the switch.

NOTE
See Chapter 22 for information on adding secondary IP addresses to VLANs.

History
This command was first available in ExtremeWare XOS 10.1. The IPv6 information was added in ExtremeWare XOS 11.2. The netlogin information was added in ExtremeWare XOS 11.3.

618

ExtremeWare XOS 11.3 Command Reference

show vlan

Platform Availability
This command is available on all platforms. Information on MAC-based ports is available only on the Summit X450 switch and the BlackDiamond 8800 family of switches.

ExtremeWare XOS 11.3 Command Reference

619

VLAN Commands

show vman
show vman {<vlan_name> | etherType | detail}

Description
Displays VMAN information including configuration and Ethertype.

Syntax Description
vlan_name etherType detail Specifies information is displayed for particular VMAN. Specifies that Ethertype information is displayed for each VMAN. Specifies all information is displayed for each VMAN.

Default
Summary information for all VMANs on the device.

Usage Guidelines
None.

Example
The following is an example of the display from the show vman command:
------------------------------------------------------------------------------Name VID Protocol Addr Flags Proto Ports Virtual Active router /Total ------------------------------------------------------------------------------peggy 100 10.10.255.3 /24 f-----m-------- ANY 0 /0 VR-Defaul t ------------------------------------------------------------------------------Flags : (C) EAPS Control vlan, (E) ESRP Enabled, (f) IP Forwarding Enabled, (i) ISIS Enabled, (I) IP Forwarding lpm-routing Enabled, (L) Loopback Enabled, (m) IPmc Forwarding Enabled, (n) IP Multinetting Enabled, (N) Network LogIn vlan, (o) OSPF Enabled, (p) PIM Enabled, (P) EAPS protected vlan, (r) RIP Enabled, (T) Member of STP Domain, (v) VRRP Enabled Total number of Vlan(s) : 6

The following is an example of the display from the show vman <vlan_name> command:
VLAN Interface with name test created by user Tagging:Untagged (Internal tag 4090) Priority: 802.1P Priority 0 Virtual router: VR-Default Primary IP : 10.10.255.3/24

620

ExtremeWare XOS 11.3 Command Reference

show vman
IPv6: NONE STPD: None Protocol: Match all unfiltered protocols Loopback: Disable NetLogIn: Enabled Rate Shape: Disable QosProfile: QP1 Ports: 2. (Number of active ports=2) Flags: (*) Active, (!) Disabled (g) Load Sharing port Untag: *3:1 Tag: *3:2

The following is an example of the display from the show vman etherType command:
vMan EtherType: 0x88a8

The display from the show vman detail command shows all the information shown in the show vman <vlan_name> command, but displays information for all configured VMANs.

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

621

VLAN Commands

unconfigure vlan ipaddress


unconfigure vlan <vlan_name> ipaddress {<ipv6_address_mask>}

Description
Removes the IP address of the VLAN or a VMAN. With no parameters, the command removes the primary IPv4 address on the specified VLAN. Using the IPv6 parameters, you can remove specified IPv6 addresses from the specified VLAN.

Syntax Description
vlan_name ipv6_address_mask Specifies a VLAN name. Specifies an IPv6 address using the format of IPv6-address/prefix-length, where IPv6 is the 128-bit address and the prefix length specifies the number of leftmost bits that comprise the prefix.

Default
Removes the primary IPv4 address from the specified VLAN.

Usage Guidelines
If you do not specify any parameters, this command removes the primary IPv4 address from the VLAN. NOTE
With IPv6, you cannot remove the last link local IPv6 address until all global IPv6 addresses are removed.

Beginning with ExtremeWare XOS software version 11.3, you can use this command to unconfigure the IP address for a VMAN as well.

Example
The following command removes the primary IPv4 address from the VLAN accounting:
unconfigure vlan accounting ipaddress

The following command removes an IPv6 addresses from the VLAN finance:
unconfigure vlan finance ipaddress 3ffe::1

History
This command was first available in ExtremeWare XOS 10.1. The IPv6 parameters were added in ExtremeWare XOS 11.2.

622

ExtremeWare XOS 11.3 Command Reference

unconfigure vlan ipaddress

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

623

VLAN Commands

624

ExtremeWare XOS 11.3 Command Reference

10 Commands for Virtual Routers


This chapter describes commands for:

Creating and deleting virtual routers Configuring and managing virtual routers Displaying information about virtual routers

Virtual Routers
ExtremeWare XOS supports virtual routers. This capability allows a single physical switch to be split into multiple virtual routers. This feature separates the traffic forwarded by a virtual router from the traffic on a different virtual router. There are two types of virtual routers in an ExtremeWare XOS system:

System virtual routers These are the special virtual routers created by ExtremeWare XOS during system boot up, and they cannot be deleted or renamed. There are a total of three of these special virtual routers in the ExtremeWare XOS system.

User virtual routers These are the virtual routers created and named by users. NOTE

User virtual routers are supported only on the BlackDiamond 10K switch.

Each virtual router maintains a separate logical forwarding table, which allows the virtual routers to have overlapping address spaces. Because each virtual router maintains its own separate routing information, packets arriving on one virtual router will never be switched to another. With multiple virtual routers contained on a single physical switch, some commands in ExtremeWare XOS now require you to specify to which virtual router the command applies. For example, when you use the ping command, you must specify from which virtual router the ping packets are generated. Many commands that deal with switch management use the management virtual router by default.

NOTE
The term virtual router is also used with the Virtual Router Redundancy Protocol (VRRP). VRRP uses the term to refer to a single virtual router that spans more than one physical router, which allows multiple switches to provide redundant routing services to users.

ExtremeWare XOS 11.3 Command Reference

625

Commands for Virtual Routers

create virtual-router
create virtual-router <vr-name>

Description
Creates a user virtual router.

Syntax Description
vr-name Specifies the name of the user virtual router.

Default
N/A.

Usage Guidelines
This command creates a new user virtual router. The three default system virtual routers, VR-Mgmt, VR-Control, and VR-Default always exist and cannot be deleted or renamed. A virtual router is identified by a name (up to 32 characters long). The name must be unique among the VLAN and virtual router names on the switch. For backward compatibility, you cannot name a virtual router VR-0, VR-1, or VR-2, as they were the original names of the system virtual routers. Virtual router names are case insensitive. When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created, and no support for any routing protocols is added.-

Example
The following command creates the virtual router vr-acme:
create virtual-router vr-acme

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

626

ExtremeWare XOS 11.3 Command Reference

configure vr add protocol

configure vr add protocol


configure vr <vr-name> add protocol <protocol-name>

Description
Starts the Layer 3 protocol on a virtual router.

Syntax Description
vr-name protocol-name Specifies the name of the virtual router. Specifies the layer 3 protocol.

Default
N/A.

Usage Guidelines
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created, and no support for any routing protocols is added. Use this command to start the layer 3 protocol specified on the virtual router. The choices for protocol-name are:

RIP OSPF BGP PIM

You cannot add or delete protocols from the system virtual routers, VR-Mgmt, VR-Control, VR-Default.

Example
The following command starts RIP on the virtual router vr-acme:
configure vr vr-acme add protocol rip

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

627

Commands for Virtual Routers

configure vr add ports


configure vr <vr-name> add ports <portlist>

Description
Assigns a list of ports to the virtual router specified.

Syntax Description
vr-name portlist Specifies the name of the virtual router. Specifies the ports to add to the virtual router.

Default
By default, all ports are assigned to the virtual router, VR-Default.

Usage Guidelines
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created, and no support for any routing protocols is added. Use this command to assign ports to a virtual router. Since all ports are initially assigned to VR-Default, you may need to delete the desired ports first from the virtual router where they reside, before you add them to the desired virtual router.

Example
The following command adds all the ports on slot 2 to the virtual router vr-acme:
configure vr vr-acme add ports 2:*

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

628

ExtremeWare XOS 11.3 Command Reference

configure vr delete protocol

configure vr delete protocol


configure vr <vr-name> delete protocol <protocol-name>

Description
Stops and removes the layer 3 protocol on a virtual router.

Syntax Description
vr-name protocol-name Specifies the name of the virtual router. Specifies the layer 3 protocol.

Default
N/A.

Usage Guidelines
You cannot add or delete protocols from the system virtual routers, VR-Mgmt, VR-Control, VR-Default.

Example
The following command shutdowns and removes RIP from the virtual router vr-acme:
configure vr vr-acme delete protocol rip

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

629

Commands for Virtual Routers

configure vr delete ports


configure vr <vr-name> delete ports <portlist>

Description
Removes a list of ports from the virtual router specified.

Syntax Description
vr-name portlist Specifies the name of the virtual router. Specifies the ports to remove from the virtual router.

Default
By default, all ports are assigned to the virtual router, VR-Default.

Usage Guidelines
When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created, and no support for any routing protocols is added. Use this command to remove ports from a virtual router. Since all ports are initially assigned to VR-Default, you may need to delete the desired ports first from the virtual router where they reside, before you add them to the desired virtual router.

Example
The following command removes all the ports on slot 2 from the virtual router vr-acme:
configure vr vr-acme delete ports 2:*

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

630

ExtremeWare XOS 11.3 Command Reference

delete virtual-router

delete virtual-router
delete virtual-router <vr-name>

Description
Deletes a virtual router.

Syntax Description
vr-name Specifies the name of the virtual router.

Default
N/A.

Usage Guidelines
Only user virtual routers can be deleted. When a virtual router gets deleted, all of the VLANs in the virtual router will be deleted. All of the ports assigned to this virtual router will be deleted and made available to assign to other virtual routers. Any routing protocol that is running on the virtual router will be shutdown and deleted gracefully.

Example
The following command creates the virtual router vr-acme:
delete virtual-router vr-acme

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

631

Commands for Virtual Routers

show virtual-router
show virtual-router {<vr-name>}

Description
Displays information about the virtual routers.

Syntax Description
vr-name Specifies the name of the virtual router.

Default
N/A.

Usage Guidelines
During system boot up, ExtremeWare XOS creates three system virtual routers: VR-Mgmt, VR-Control, and VR-Default (previous to release 11.0 these virtual routers were named VR-0, VR-1, and VR-2, respectively). The following defines each system virtual router:

The management port on both the primary and backup MSMs and the VLAN mgmt belong to VRMgmt. Internal system operations use VR-Control. The default VLAN belongs to VR-Default.

Beginning with release 11.0, you can create additional virtual routers, called user virtual routers. User virtual routers are created without any routing protocols, so the protocols must be added. The protocols on the system virtual routers are predefined and cannot be changed. The output displays, in tabular format, the:

Name of the virtual router Number of VLANs that belong to that virtual router Number of ports that belong to that virtual router Which routing protocols have been added to that virtual router

When you specify a particular virtual router, the output displays:


The number of ports A list of ports The protocols configured The name of the process supporting the protocol on that virtual router

632

ExtremeWare XOS 11.3 Command Reference

show virtual-router

Example
The following command displays the virtual router configurations on the switch:
show virtual-router

The following is sample output from this command:


--------------------------------------------------------Virtual Router Number of Number of Flags Vlans Ports --------------------------------------------------------VR-Control 0 0 ---VR-Default 4 776 bopr VR-Mgmt 1 0 -----------------------------------------------------------Flags : Routing protocols configured on the virtual router (b) BGP, (o) OSPF, (r) RIP, (p) PIM

The following command displays the virtual router helix:


show virtual-router helix

The following is sample output from this command:


Virtual router : helix No of ports : 2 Port List : 3:1-2 Protocols Configured: Protocol: BGP, Process Name: bgp-4 Protocol: RIP, Process Name: rip-4

History
A command similar to this command was available in ExtremeWare XOS 10.1 (show vr). This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

633

Commands for Virtual Routers

virtual-router
virtual-router {<vr-name>}

Description
Changes the virtual router domain context.

Syntax Description
vr-name Specifies the name of the virtual router.

Default
N/A.

Usage Guidelines
Use this command to change the virtual router context for subsequent commands. When you issue the command, the prompt changes to reflect the virtual router domain. Configuration commands for layer 3 routing protocols, creating VLANs, and deleting VLANs apply only to the current virtual router domain. Under a virtual router configuration domain, any virtual router commands are applied only to that virtual router. The virtual router commands consist of all the BGP, OSPF, PIM and RIP commands, and the commands listed in Table 18.

Table 18: Virtual router commands


[enable | disable] ipforwarding clear iparp * clear counters iparp * configure iparp * configure iparp [add | delete] * [enable | disable] iparp * show iparp * configure iproute [add | delete] * show iproute * show ipstats * rtlookup create [vlan | vman] <vlan-name> [enable | disable] igmp [enable | disable] igmp snooping [enable | disable] ipmcforwarding show igmp

634

ExtremeWare XOS 11.3 Command Reference

virtual-router

show igmp snooping show igmp group show igmp snooping cache

* means that other commands are available with these listed. The virtual router configuration domain simplifies configuration because you do not have to specify the virtual router for each individual protocol configuration command. The current configuration domain is indicated in the command line interface (CLI) prompt. For example, if you wish to configure OSPF for the user virtual router vr-manufacturing, you would change the virtual router context to that of vr-manufacturing. All the subsequent OSPF commands would apply to that virtual router, unless the context is changed again. A virtual router is identified by a name (up to 32 characters long). The name must be unique among the VLAN and virtual router names on the switch. For backward compatibility, you cannot name a virtual router VR-0, VR-1, or VR-2. Virtual router names are case insensitive. When a new virtual router is created, by default, no ports are assigned, no VLAN interface is created, and no support for any routing protocols is added.

Example
The following command changes the virtual router context to vr-acme:
virtual-router vr-acme

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

635

Commands for Virtual Routers

636

ExtremeWare XOS 11.3 Command Reference

11 FDB Commands
This chapter describes commands for:

Configuring FDB entries Displaying FDB entries

The switch maintains a database of all media access control (MAC) addresses received on all of its ports. It uses the information in this database to decide whether a frame should be forwarded or filtered. Each FDB entry consists of the MAC address of the device, an identifier for the port on which it was received, and an identifier for the VLAN to which the device belongs. Frames destined for devices that are not in the FDB are flooded to all members of the VLAN. The FDB has three types of entries:

Dynamic entriesInitially, all entries in the database are dynamic. Entries in the database are removed (aged-out) if, after a period of time (aging time), the device has not transmitted. This prevents the database from becoming full of obsolete entries by ensuring that when a device is removed from the network, its entry is deleted from the database. Dynamic entries are deleted from the database if the switch is reset or a power off/on cycle occurs. Static entriesIf the aging time is set to zero, all aging entries in the database are defined as static, nonaging entries. This means that they do not age, but they are still deleted if the switch is reset. Permanent entriesPermanent entries are retained in the database if the switch is reset or a power off/on cycle occurs. The system administrator must create permanent entries. A permanent entry can either be a unicast or multicast MAC address. All entries entered through the command line interface (CLI) are stored as permanent.

Entries are added into the FDB in the following two ways:

The switch can learn entries. The system updates its FDB with the source MAC address from a packet, the VLAN, and the port identifier on which the source packet is received. You can enter and update entries using the CLI.

ExtremeWare XOS 11.3 Command Reference

637

FDB Commands

clear fdb
clear fdb {<mac_addr> | ports <port_list> | <vlan_name> | blackhole}

Description
Clears dynamic FDB entries that match the filter.

Syntax Description
mac_addr port_list vlan_name blackhole Specifies a MAC address, using colon-separated bytes. Specifies one or more ports or slots and ports. Specifies a VLAN name. Specifies the blackhole entries.

Default
Clears all dynamic FDB entries.

Usage Guidelines
This command clears FDB entries based on the specified criteria. When no options are specified, the command clears all dynamic FDB entries.

Example
The following command clears any FDB entries associated with ports 4:3-4:5 on a modular switch:
clear fdb ports 4:3-4:5

The following command clears any FDB entries associated with VLAN corporate:
clear fdb vlan corporate

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

638

ExtremeWare XOS 11.3 Command Reference

configure fdb agingtime

configure fdb agingtime


configure fdb agingtime <seconds>

Description
Configures the FDB aging time for dynamic entries.

Syntax Description
seconds Specifies the aging time in seconds. Range is 15 through 1,000,000. A value of 0 indicates that the entry should never be aged out.

Default
300 seconds.

Usage Guidelines
The range is 15 through 1,000,000 seconds. If the aging time is set to zero, all aging entries in the database are defined as static, nonaging entries. This means that they do not age out, but non-permanent static entries can be deleted if the switch is reset. The software flushes the FDB table once the aging timeout parameter is reached, even if the switch is running traffic and populating addresses in the FDB table.

Example
The following command sets the FDB aging time to 3,000 seconds:
configure fdb agingtime 3000

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

639

FDB Commands

create fdbentry vlan ports


create fdbentry <mac_addr> vlan <vlan_name> ports <port_list>

Description
Creates a permanent static FDB entry, and optionally associates it with an ingress and/or egress QoS profile.

Syntax Description
mac_addr vlan_name port_list Specifies a device MAC address, using colon-separated bytes. Specifies a VLAN name associated with a MAC address. Specifies one or more ports or slots and ports associated with the MAC address.

Default
N/A.

Usage Guidelines
Permanent entries are retained in the database if the switch is reset or a power off/on cycle occurs. A permanent static entry can either be a unicast or multicast MAC address. After they have been created, permanent static entries stay the same as when they were created. If the same MAC address is encountered on another virtual port that is not included in the permanent MAC entry, it is handled as a blackhole entry. The static entry is not updated when any of the following take place:

A VLAN identifier (VLANid) is changed. A port is disabled. A port enters blocking state. A port goes down (link down).

A permanent static FDB entry is deleted when any of the following take place:

A VLAN is deleted. A port mode is changed (tagged/untagged). A port is deleted from a VLAN.

Permanent static entries are designated by spm in the flags field of the show fdb output. You can use the show fdb command to display permanent FDB entries. BlackDiamond 8800 family of switches and Summit X450 switch only. Beginning with ExtremeWare XOS version 11.3, you can create FDB entries to multicast MAC addresses and list one or more ports. If more than one port number is associated with a permanent MAC entry, packets are multicast to the multiple destinations. The following restrictions apply:

Not available for unicast MAC addresses.

640

ExtremeWare XOS 11.3 Command Reference

create fdbentry vlan ports

IGMP snooping rules take precedence over static multicast MAC addresses in the IP multicast range (01:00:5e:xx:xx:xx) unless IGMP snooping is disabled.

Example
The following command adds a permanent, static entry to the FDB for MAC address is 00 E0 2B 12 34 56, in VLAN marketing on slot 2, port 4 on a modular switch:
create fdbentry 00:E0:2B:12:34:56 vlan marketing port 2:4

The following example creates a multicast FDB entry, in VLAN black, on slot 1, ports 1, 2, and 4, on the BlackDiamond 8800 family of switches:
create fdbentry 01:00:00:00:00:01 vlan black port 1:1, 1:2, 1:4

History
This command was first available in ExtremeWare XOS 10.1. The ability to create a multicast FDB with multiple entry ports was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

641

FDB Commands

delete fdbentry
delete fdbentry [all | <mac_address> [vlan <vlan name>]

Description
Deletes one or all permanent FDB entries.

Syntax Description
all mac_address vlan vlan_name Specifies all FDB entries. Specifies a device MAC address, using colon-separated bytes. Specifies a VLAN. Specifies the specific VLAN name.

Default
N/A.

Usage Guidelines
None.

Example
The following example deletes a permanent entry from the FDB:
delete fdbentry 00:E0:2B:12:34:56 vlan marketing

The following example deletes all permanent entries from the FDB:
delete fdbentry all

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

642

ExtremeWare XOS 11.3 Command Reference

disable flooding port

disable flooding port


disable flooding [all_cast | broadcast | multicast | unicast] port [<port_list> | all]

Description
Disables egress flooding on one or more ports. With the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch, you can further identify the type of packets to block flooding on the specified ports. With the BlackDiamond 10K switch, you can only block flooding all packets or no packets.

Syntax Description
all_cast broadcast Specifies disabling egress flooding for all packets on specified ports. Specifies disabling egress flooding only for broadcast packets. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. multicast Specifies disabling egress flooding only for multicast packets. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. unicast Specifies disabling egress flooding only for unicast packets. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. port_list all Specifies one or more ports or slots and ports. Specifies all ports on the switch.

Default
Enabled for all packets.

Usage Guidelines
NOTE
If an application requests specific packets on a specific port, those packets are not affected by the disable flooding port command.

Use this command to enhance security and privacy and to improve network performance by disabling Layer 2, or egress, flooding on some packets. This is particularly useful when you are working on an edge device in the network. Limiting flooded egress packets to selected interfaces is also known as upstream forwarding

NOTE
Disabling egress flooding with static MAC addresses can affect many protocols, such as IP and ARP among others.

ExtremeWare XOS 11.3 Command Reference

643

FDB Commands The following guidelines apply to enabling and disabling egress flooding:

Disabling multicasting egress flooding does not affect those packets within an IGMP membership group at all; those packets are still forwarded out. If IGMP snooping is disabled, multicast packets are not flooded. Egress flooding can be disabled on ports that are in a load-sharing group. If that is the situation, the ports in the group take on the egress flooding state of the master port; each member port of the loadsharing group has the same state as the master port. FDB learning is independent of egress flooding; either can be enabled or disabled independently. Disabling unicast (or all) egress flooding to a port also stops packets with unknown MAC addresses to be flooded to that port. Disabling broadcast (or all) egress flooding to a port also stops broadcast packets to be flooded to that port.

BlackDiamond 8800 family of switches and Summit X450 switch only. You can disable egress flooding for unicast, multicast, or broadcast MAC addresses, as well as for all packets on the ports of the BlackDiamond 8800 family of switches or the Summit X450 switch. BlackDiamond 10K switch only. You must disable egress flooding on all packets on the specified port or ports. You cannot specify broadcast, unicast, or multicast packets; the egress flooding command applies to all packets. NOTE
When you disable egress flooding on the BlackDiamond 10K switch, you also turn off broadcasting.

Example
The following command disables egress flooding on slot 4, ports 5 and 6 on a BlackDiamond 10K switch:
disable flooding all_cast port 4:5-4:6

The following command disables unicast flooding on ports 10-12 on a Summit X450 switch:
disable flooding unicast port 10-27

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

644

ExtremeWare XOS 11.3 Command Reference

enable flooding port

enable flooding port


enable flooding [all_cast | broadcast | multicast | unicast] port [<port_list> | all]

Description
Enables egress flooding on one or more ports. With the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch, you can further identify the type of packets to flood on the specified ports. With the BlackDiamond 10K switch, you can only flood all packets or no packets.

Syntax Description
all_cast broadcast Specifies enabling egress flooding for all packets on specified ports. Specifies enabling egress flooding only for broadcast packets. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. multicast Specifies enabling egress flooding only for multicast packets. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. unicast Specifies enabling egress flooding only for unicast packets. NOTE: This parameter is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch. port_list all Specifies one or more ports or slots and ports. Specifies all ports on the switch.

Default
Enabled for all packets.

Usage Guidelines
Use this command to enhance security and privacy and to improve network performance by disabling Layer 2, or egress, flooding on some packets. This is particularly useful when you are working on an edge device in the network. Limiting flooded egress packets to selected interfaces is also known as upstream forwarding NOTE
Disabling egress flooding with static MAC addresses can affect many protocols, such as IP and ARP among others.

The following guidelines apply to enabling and disabling egress flooding:

Disabling multicasting egress flooding does not affect those packets within an IGMP membership group at all; those packets are still forwarded out. If IGMP snooping is disabled, multicast packets are not flooded.

ExtremeWare XOS 11.3 Command Reference

645

FDB Commands

Egress flooding can be disabled on ports that are in a load-sharing group. If that is the situation, the ports in the group take on the egress flooding state of the master port; each member port of the loadsharing group has the same state as the master port. FDB learning is independent of egress flooding; either can be enabled or disabled independently. Disabling unicast (or all) egress flooding to a port also stops packets with unknown MAC addresses to be flooded to that port. Disabling broadcast (or all) egress flooding to a port also stops broadcast packets to be flooded to that port.

BlackDiamond 8800 family of switches (formerly known as Aspen) and Summit X450 switch only. You can enable egress flooding for unicast, multicast, or broadcast MAC addresses, as well as for all packets on the ports of the BlackDiamond 8800 family of switches or the Summit X450 switch. BlackDiamond 10K switch only. You must enable egress flooding on all packets on the specified port or ports. You cannot specify broadcast, unicast, or multicast packets; the egress flooding command applies to all packets.

Example
The following command enables egress flooding on slot 1, ports 1 and 2 on a BlackDiamond 10K switch:
enable flooding all_cast port 1:1-1:2

The following command enables unicast flooding on ports 13-17 on a Summit X450 switch:
enable flooding unicast port 13-17

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

646

ExtremeWare XOS 11.3 Command Reference

show fdb

show fdb
show fdb {<mac_addr> {netlogin [all | mac-based]}| permanent {netlogin [all | mac-based]} | ports <port_list> {netlogin [all | mac-based]}| vlan <vlan_name> {netlogin [all | mac-based]} | stats | netlogin {all | macbased]}}

Description
Displays FDB entries.

Syntax Description
mac_addr netlogin Specifies a MAC address, using colon-separated bytes, for which FDB entries should be displayed. Displays all FDBs created as a result of the netlogin process: you can display all of these entries or just the netlogin MAC-based VLAN FDB entries. NOTE: This parameter applies only for the Summit X450 switch and the BlackDiamond 8800 family of switches. See Chapter 16 for more information on netlogin. permanent permanent permanent port_list vlan_name stats Displays all permanent entries, including the ingress and egress QoS profiles. Displays all permanent entries, including the ingress and egress QoS profiles. Displays all permanent entries, including the ingress and egress QoS profiles. Displays the entries for one or more ports or ports and slots. Displays the entries for a specific VLAN. Displays the number of static, permanent, dynamic, and dropped FDB entries, as well as the FDB aging time.

Default
All.

Usage Guidelines
Displays FDB entries as specified, or displays all FDB entries. The show output displays the following information:
Index Mac Vlan Age The FDB hash index, in the format <bucket>-<entry>. The MAC address that defines the entry. The VLAN for the entry. The age of the entry, in seconds (does not appear if the keyword permanent is specified). The age parameter does not display for the backup MSM on modular switches. The number of IP FDB entries that use this MAC address as a next hop or last hop (does not appear if the keyword permanent is specified).

Use

ExtremeWare XOS 11.3 Command Reference

647

FDB Commands

Flags

Flags that define the type of entry: B - Egress Blackhole b - Ingress Blackhole d - Dynamic s - Static p - Permanent m - MAC n - NetLogin (only on the Summit X450 switch and the BlackDiamond 8800 family of switches) l - lockdown MAC M - Mirror i - an entry also exists in the IP FDB x - an entry also exists in the IPX FDBs v - NetLogin MAC-Based VLAN (only on the Summit X450 switch and the BlackDiamond 8800 family of switches)

Port List

The ports on which the MAC address has been learned

Example
The following command displays information about all the entries in the FDB:
show fdb

It produces output similar to the following:


Mac Vlan Age Use Flags Port List -----------------------------------------------------------------------------------00:a0:23:12:34:56 peggy(4094) 0000 0000 spm 5:11 Flags : d - Dynamic, s - Static, p - Permanent, n - NetLongi, m - MAC, i - IP, x - IPX, l - lockdown MAC, M - Mirror, B - Egress Blackhole, b - Ingress Blackhole, v - MAC-based VLAN Total: 1 Static: 1 Perm: 1 Dyn: 0 Dropped: 0 FDB Aging time: 300

History
This command was first available in ExtremeWare XOS 10.1. The stats and netlogin parameters were first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

648

ExtremeWare XOS 11.3 Command Reference

12 Policy Manager Commands


This chapter describes commands for:

Creating and configuring policy files for IP access lists (ACLs) Creating and configuring policy files for routing policies

Policies are a generalized category of features that impact forwarding and route forwarding decisions. Access policies are used primarily for security and quality of service (QoS) purposes. IP access lists (also referred to as Access Lists or ACLs) consist of IP access rules and are used to perform packet filtering and forwarding decisions on traffic traversing the switch. Each packet on an interface is compared to the access list in sequential order and is either forwarded to a specified QoS profile or dropped. Additionally, for the BlackDiamond 8800 family and Summit X450 switches only, packets can be metered using ACLs. Using access lists has no impact on switch performance. Access lists are typically applied to traffic that crosses layer 3 router boundaries, but it is possible to use access lists within a layer 2 VLAN. Extreme products are capable of performing this function with no additional configuration. Routing policies are used to control the advertisement or recognition of routes from routing protocols, such as RIP, OSPF, or BGP. Routing policies can be used to hide entire networks or to trust only specific sources for routes or ranges of routes. The capabilities of routing policies are specific to the type of routing protocol involved, but are sometimes more efficient and easier to implement than access lists.

NOTE
Although ExtremeWare XOS does not prohibit mixing ACL and routing type entries in a policy file, it is strongly recommended that you do not mix the entries, and you use separate policy files for ACL and routing policies.

ExtremeWare XOS 11.3 Command Reference

649

Policy Manager Commands

check policy
check policy <policy-name>

Description
Checks the syntax of the specified policy.

Syntax Description
policy-name Specifies the policy to check.

Default
N/A.

Usage Guidelines
Use this command to check the policy syntax before applying it. If any errors are found, the line number and a description of the syntax error are displayed. A policy that contains syntax errors will not be applied. This command can only determine if the syntax of the policy file is correct and can be loaded into the policy manager database. Since a policy can be used by multiple applications, a particular application may have additional constraints on allowable policies.

Example
The following example checks the syntax of the policy zone5:
check policy zone5

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

650

ExtremeWare XOS 11.3 Command Reference

check policy attribute

check policy attribute


check policy attribute {<attr>}

Description
Displays the syntax of the specified policy attribute.

Syntax Description
attr Specifies the attribute check.

Default
N/A.

Usage Guidelines
Use this command to display the syntax of policy attributes. The command displays any additional keywords to use with this attribute, and the types of values expected. Policy attributes are used in the rule entries that make up a policy file. For each attribute, this command displays which applications use the attribute, and whether the attribute is a match condition or a set (action, action modifier) condition. The current applications are:

ACLaccess-lists RTrouting profiles, route maps CLFCLEAR-Flow

The syntax display does not show the text synonyms for numeric entries. For example, the icmp-type match condition allows you to specify either an integer or a text synonym for the condition. Specifying icmp-type 8 or icmp-type echo-request are equivalent, but the syntax display shows only the numberic option.

NOTE
The syntax displayed is used by the policy manager to verify the syntax of policy files. The individual applications are responsible for implementing the individual attributes. Inclusion of a particular policy attribute in this command output does not imply that the attribute has been implemented by the application. See the documentation of the particular application for detailed lists of supported attributes.

Example
The following example displays the syntax of the policy attribute icmp-type:
check policy attribute icmp-type

ExtremeWare XOS 11.3 Command Reference

651

Policy Manager Commands The following is sample output for this command:
( match ) ( ACL ) icmp-type <uint32 val>

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

652

ExtremeWare XOS 11.3 Command Reference

edit policy

edit policy
edit policy <filename>

Description
Edits a policy text file.

Syntax Description
filename Specifies the filename of the policy text file.

Default
N/A.

Usage Guidelines
This command edits policy text files that are on the switch. All policy files use .pol as the filename extension, so to edit the text file for the policy boundary use boundary.pol as the filename. If you specify the name of a file that does not exist, you will be informed and the file will be created. This command spawns a VI-like editor to edit the named file. For information on using VI, if you are not familiar with it, do a web search for VI editor basic information, and you should find many resources. The following is only a short introduction to the editor. Edit operates in one of two modes; command and input. When a file first opens, you are in the command mode. To write in the file, use the keyboard arrow keys to position your cursor within the file, then press one of the following keys to enter input mode:

i - To insert text ahead of the initial cursor position a- To append text after the initial cursor position

To escape the input mode and return to the command mode, press the Escape key. There are several commands that can be used from the command mode. The following are the most commonly used:

dd - To delete the current line yy - To copy the current line p - To paste the line copied :w - To write (save) the file :q - To quit the file if no changes were made :q! - To forcefully quit the file without saving changes :wq - To write and quit the file

Refresh Policy. After you have edited the text file for a policy that is currently active, you will need to refresh the policy if you want the changes to be reflected in the policy database. When you refresh the

ExtremeWare XOS 11.3 Command Reference

653

Policy Manager Commands policy, the text file is read, the syntax is checked, the policy information is added to the policy manager database, and the policy then takes effect. Use the following command to refresh a policy:
refresh policy <policy-name>

If you just want to check to be sure the policy contains no syntax errors, use the following command:
check policy <policy-name>

Example
The following command allows you to begin editing the text file for the policy boundary:
edit policy boundary.pol

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

654

ExtremeWare XOS 11.3 Command Reference

refresh policy

refresh policy
refresh policy <policy-name>

Description
Refreshes the specified policy.

Syntax Description
policy-name Specifies the policy to refresh.

Default
N/A.

Usage Guidelines
Use this command when a new policy file for a currently active policy has been downloaded to the switch, or when the policy file for an active policy has been edited. This command reprocesses the text file and updates the policy database. If you attempt to refresh a policy that is not currently active, you will receive an error message. For an ACL policy, the command is rejected if there is a configuration error or hardware resources are not available.

Example
The following example refreshes the policy zone5:
refresh policy zone5

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

655

Policy Manager Commands

show policy
show policy {<policy-name> | detail}

Description
Displays the specified policy.

Syntax Description
policy-name detail Specifies the policy to display. Show the policy in detail.

Default
If no policy name is specified, all policies are shown

Usage Guidelines
Use this command to display which clients are using the specified policy. The detail option displays the rules that make up the policy.

Example
The following example displays the policy zone5:
show policy zone5

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

656

ExtremeWare XOS 11.3 Command Reference

13 ACL Commands
This chapter describes commands for:

Creating and configuring IP access lists (ACLs)

IP access lists (also referred to as Access Lists or ACLs) consist of IP access rules and are used to perform packet filtering and forwarding decisions on traffic traversing the switch. Each packet on an interface is compared to the access list in sequential order and is either forwarded to a specified QoS profile or dropped. Additionally, for the BlackDiamond 8800 family and Summit X450 switches only, packets can be metered using ACLs. Using access lists has no impact on switch performance. Access lists are typically applied to traffic that crosses layer 3 router boundaries, but it is possible to use access lists within a layer 2 VLAN. Extreme products are capable of performing this function with no additional configuration.

NOTE
Although ExtremeWare XOS does not prohibit mixing ACL and routing type entries in a policy file, it is strongly recommended that you do not mix the entries, and you use separate policy files for ACL and routing policies.

ExtremeWare XOS 11.3 Command Reference

657

ACL Commands

clear access-list counter


clear access-list {dynamic} counter {<countername>} {any | ports <portlist> | vlan <vlanname>} {ingress | egress}

Description
Clears the specified access list counters.

Syntax Description
dynamic countername any portlist vlanname ingress egress Specifies that the counter is from a dynamic ACL. Specifies the ACL counter to clear. Specifies the wildcard ACL. Specifies to clear the counters on these ports. Specifies to clear the counters on the VLAN. Clear the ACL counter for packets entering the switch on this interface. Clear the ACL counter for packets leaving the switch from this interface (BlackDiamond 10K only).

Default
The default direction is ingress; the default ACL type is non-dynamic.

Usage Guidelines
Use this command to clear the ACL counters. If you do not specify an interface, or the any option, you will clear all the counters.

Example
The following example clears all the counters of the ACL on port 2:1:
clear access-list counter port 2:1

The following example clears the counter counter2 of the ACL on port 2:1
clear access-list counter counter2 port 2:1

History
This command was available in ExtremeWare XOS 10.1. The VLAN option was first available in ExtremeWare XOS 11.0 The egress and dynamic options were first available in ExtremeWare XOS 11.3

658

ExtremeWare XOS 11.3 Command Reference

clear access-list counter

Platform Availability
This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.

ExtremeWare XOS 11.3 Command Reference

659

ACL Commands

clear access-list meter


clear access-list meter {<metername>} [any | ports <portlist> | vlan <vlanname>]

Description
Clears the specified access list meters.

Syntax Description
metername portlist vlanname Specifies the ACL meter to clear. Specifies to clear the counters on these ports. Specifies to clear the counters on the VLAN.

Default
N/A.

Usage Guidelines
Use this command to clear the out-of-profile counters associated with the meter configuration.

Example
The following example clears all the out-of-profile counters for the meters of the ACL on port 2:1:
clear access-list meter port 2:1

The following example clears the out-of-profile counters for the meter meter2 of the ACL on port 2:1
clear access-list meter meter2 port 2:1

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family and Summit X450 switches.

660

ExtremeWare XOS 11.3 Command Reference

configure access-list

configure access-list
configure access-list <aclname> [any | ports <portlist> | vlan <vlanname>] {ingress | egress}

Description
Configures an access list to the specified interface.

Syntax Description
aclname any portlist vlanname ingress egress Specifies the ACL name. The name can be from 1-32 characters long. Specifies that this ACL is applied to all interfaces as the lowest precedence ACL. Specifies the ports on which this ACL is applied. Specifies the VLAN on which this ACL is applied. Apply the ACL to packets entering the switch on this interface. Apply the ACL to packets leaving the switch from this interface (BlackDiamond 10K only).

Default
The default direction is ingress.

Usage Guidelines
The access list applied in this command is contained in a text file created either externally to the switch or using the edit policy command. The file is transferred to the switch using TFTP before it is applied to the ports. The ACL name is the file name without its .pol extension. For example, the ACL blocknetfour would be in the file blocknetfour.pol. For more information on policy files, see the ExtremeWare XOS Concepts Guide. Specifying the keyword any applies the ACL to all the ports, and is referred to as the wildcard ACL. This ACL is evaluated for ports without a specific ACL applied to it, and is also applied to packets that do not match the ACL applied to the interface.

Example
The following command configures the ACL test to port 1:2 at ingress:
configure access-list test ports 1:2

The following command configures the ACL mydefault as the wildcard ACL:
configure access-list mydefault any

The following command configures the ACL border as the wildcard egress ACL:
configure access-list border any egress

ExtremeWare XOS 11.3 Command Reference

661

ACL Commands

History
This command was available in ExtremeWare XOS 10.1. The VLAN option was first available in ExtremeWare XOS 11.0 The egress options was first available in ExtremeWare XOS 11.3

Platform Availability
This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.

662

ExtremeWare XOS 11.3 Command Reference

configure access-list add

configure access-list add


configure access-list add <dynamic_rule> [after <rule> | before <rule> | first | last][any | ports <portlist> | vlan <vlanname>] {ingress | egress}

Description
Configures a dynamic ACL rule to the specified interface.

Syntax Description
dynamic_rule after <rule> before <rule> first last any portlist vlanname ingress egress Specifies a dynamic ACL rule. Add the new dynamic rule after an existing dynamic rule. Add the new dynamic rule before an existing dynamic rule. Add the new dynamic rule before all existing dynamic rules. Add the new dynamic rule after all existing dynamic rules. Specifies that this ACL is applied to all interfaces as the lowest precedence dynamic ACL. Specifies the ports on which this ACL is applied. Specifies the VLAN on which this ACL is applied. Apply the ACL to packets entering the switch on this interface. Apply the ACL to packets leaving the switch from this interface (BlackDiamond 10K only).

Default
The default direction is ingress.

Usage Guidelines
The dynamic rule must first be created before it can be applied to an interface. Use the following command to create a dynamic rule:
create access-list <dynamic-rule> <conditions> <actions>

When a dynamic ACL rule is applied to an interface, you will specify its precedence among any previously applied dynamic ACLs. All dynamic ACLs have a higher precedence than any ACLs applied through ACL policy files. Specifying the keyword any applies the ACL to all the ports, and is referred to as the wildcard ACL. This ACL is evaluated for ports without a specific ACL applied to it, and is also applied to packets that do not match the ACL applied to the interface.

Example
The following command applies the dynamic ACL icmp-echo as the first (highest precedence) dynamic ACL to port 1:2 at ingress:

ExtremeWare XOS 11.3 Command Reference

663

ACL Commands
configure access-list add icmp-echo first ports 1:2

The following command applies the dynamic ACL udpdacl to port 1:2, with a higher precedence than rule icmp-echo:
configure access-list add udpacl before icmp-echo ports 1:2

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.

664

ExtremeWare XOS 11.3 Command Reference

configure access-list delete

configure access-list delete


configure access-list delete <ruleName> [all | any | ports <portlist> | vlan <vlanname>] {ingress | egress}

Description
Removes a dynamic ACL rule from the specified interface.

Syntax Description
ruleName all any portlist vlanname ingress egress Specifies a dynamic ACL rule. Delete this ACL from all interfaces. Delete this ACL as the wildcard ACL. Specifies the ports on which this ACL is deleted. Specifies the VLAN on which this ACL is deleted. Delete the ACL for packets entering the switch on this interface. Delete the ACL for packets leaving the switch from this interface (BlackDiamond 10K only).

Default
The default direction is ingress.

Usage Guidelines
Specifying the keyword all removes the ACL from all interfaces it is used on.

Example
The following command removes the dynamic ACL icmp-echo from the port 1:2:
configure access-list delete icmp-echo ports 1:2

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.

ExtremeWare XOS 11.3 Command Reference

665

ACL Commands

configure ipv6acl address-mask


configure ipv6acl address-mask [destination <ipv6_address> | source <ipv6_address>]

Description
Configures an address mask for IPv6 ACL matching.

Syntax Description
destination <ipv6_address> source <ipv6_address> Specifies the destination address mask. Mask must ignore 32 bits of the address. Specifies the source address mask.Mask must ignore 32 bits of the address.

Default
The default address mask for both destination and source is 0:ffff:ffff:ffff:0:ffff:ffff:ffff.

Usage Guidelines
The BlackDiamond 10K uses address masks for matching the 128-bit IPv6 addresses in ACLs. The default mask is 0:ffff:ffff:ffff:0:ffff:ffff:ffff, so for purposes of ACL matching the BlackDiamond 10K ignores the bits 1 through 16 and 65 through 80 (counting the highest-order bit as bit 1). There is a separate mask for the IPv6 source and IPv6 destination address. You can change the masks used for ACL matching, but the change will not take effect until you reboot the switch.

Example
The following command configures the source IPv6 mask:
configure ipv6acl address-mask source ff00:ffff:ffff:00ff:0:ffff:ffff:ffff

History
This command was available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

666

ExtremeWare XOS 11.3 Command Reference

configure meter

configure meter
configure meter <metername> {max-burst-size <burst-size> [Gb | Kb | Mb]} {committed-rate <cir-rate> [Gbps | Mbps | Kbps]} {out-actions [drop | setdrop-precedence {dscp [none | <dscp-value>]}}

Description
Configures an ACL meter.

Syntax Description
metername max-burst-size committed-rate out-actions drop set-drop-precedence dscp none Specifies the ACL meter name. Specifies the maximum burst size. Specifies the committed rate. Specifies actions to take if traffic exceeds the profile. Specifies to drop out of profile traffic. Specifies to mark packet for high drop precedence. Specifies to set DSCP. Specifies to leave the DSCP value unchanged.

Default
By default, a newly committed meter has no maximum burst size, no committed rate, and a default action of drop.

Usage Guidelines
The ACL meter configured with this command will be associated with an ACL by specifying the meter name in the action modifier field of the ACL entry. The deny keyword should not be an action for the ACL, or the packet will be dropped regardless of the metering state. The committed-rate keyword specifies the traffic rate allowed for this meter. The committed traffic rate may be specified in Kbps, Mbps, or Gbps. The committed-rate parameter range is 64Kbps to 1 Gbps for GE ports and 1 Mbps to 10 Gbps for 10GE ports. The max-burst-size keyword specifies the maximum number of consecutive bits that are allowed to be in-profile at wire-speed. The burst-size parameter may be specified in Kb, Mb, or Gb. The specified burst-size will be rounded down to the nearest supported size. For GE ports, the burst sizes are rounded down to the nearest 32Kb, 64Kb, 128Kb, 256Kb, 512Kb, 1Mb, 2Mb, 4Mb, and additionally 8Mb, 16Mb, 32Mb, 64Mb, 128Mb, 256Mb, 512Mb, or 1Gb for 10 GE ports. The keyword out-actions specifies the action that is taken when a packet is out-of-profile. The supported actions include dropping the packet, marking the drop precedence for the packet, or setting the DSCP value in the packet. The keyword drop indicates that any out-of-profile packet is immediately dropped. The keyword set-drop-precedence marks out-of-profile packets with high drop precedence. If the optional keyword set-dscp is specified, the DSCP value, as specified by the parameter dscpvalue, is written into the out-of-profile packet. Setting the DSCP value to none leaves the DSCP value in the packet unchanged.

ExtremeWare XOS 11.3 Command Reference

667

ACL Commands

Example
The following command configures the ACL meter maximum_bandwidth, assigns it a rate of 10 Mbps, and sets the out of profile action to drop:
configure meter maximum_bandwidth committed-rate 10 Mbps out-action drop

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family and Summit X450 switches.

668

ExtremeWare XOS 11.3 Command Reference

create access-list

create access-list
create access-list <dynamic-rule> <conditions> <actions>

Description
Creates a dynamic ACL

Syntax Description
dynamic-rule conditions actions Specifies the dynamic ACL name. The name can be from 1-32 characters long. Specifies the match conditions for the dynamic ACL. Specifies the actions for the dynamic ACLs.

Default
N/A.

Usage Guidelines
This command creates a dynamic ACL rule. Use the configure access-list add command to apply the ACL to an interface. The conditions parameter is a quoted string of match conditions, and the actions parameter is a quoted string of actions. Multiple match conditions or actions are separated by semi-colons. A complete listing of the match conditions and actions is in the ExtremeWare XOS Concepts Guide, in Chapter 13, Access Lists (ACLs). Dynamic ACL rule names must be unique, but can be the same as used in a policy-file based ACL. Any dynamic rule counter names must be unique.

Example
The following command creates a dynamic ACL that drops all ICMP echo-request packets on the interface:
create access-list icmp-echo protocol icmp;icmp-type echo-request deny

The created dynamic ACL will take effect after it has been configured on the interface. The previous example creates a dynamic ACL named icmp-echo that is equivalent to the following ACL policy file entry:
entry icmp-echo { if { protocol icmp; icmp-type echo-request; } then { deny; } }

ExtremeWare XOS 11.3 Command Reference

669

ACL Commands The following command creates a dynamic ACL that accepts all the UDP packets from the 10.203.134.0/ 24 subnet that are destined for the host 140.158.18.16, with source port 190 and a destination port in the range of 1200 to 1250:
create access-list udpacl source-address 10.203.134.0/24;destination-address 140.158.18.16/32;protocol udp;source-port 190;destination-port 1200 - 1250; permit

The previous example creates a dynamic ACL entry named udpacl that is equivalent to the following ACL policy file entry:
entry udpacl { if { source-address 10.203.134.0/24; destination-address 140.158.18.16/32; protocol udp; source-port 190; destination-port 1200 - 1250; } then { permit; } }

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

670

ExtremeWare XOS 11.3 Command Reference

create meter

create meter
create meter <metername>

Description
Creates an ACL meter to limit the rate of packet flow associated with an ACL rule.

Syntax Description
metername Specifies the ACL meter name.

Default
N/A.

Usage Guidelines
The ACL meter created with this command will be associated with an ACL by specifying the meter name in the action modifier field of the ACL entry. The deny keyword should not be an action for the ACL, or the packet will be dropped regardless of the metering state.

Example
The following command creates the ACL meter maximum_bandwidth:
create meter maximum_bandwidth

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family and Summit X450 switches.

ExtremeWare XOS 11.3 Command Reference

671

ACL Commands

delete access-list
delete access-list <dynamic-rule>

Description
Deletes a dynamic ACL

Syntax Description
dynamic-rule Specifies the dynamic ACL name.

Default
N/A.

Usage Guidelines
This command deletes a dynamic ACL rule. Before you delete a dynamic ACL, it must be removed from any interfaces it is applied to. Use the configure access-list delete command to remove the ACL from an interface.

Example
The following command deletes the dynamic ACL icmp-echo:
delete access-list icmp-echo

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

672

ExtremeWare XOS 11.3 Command Reference

delete meter

delete meter
delete meter <metername>

Description
Deletes an ACL meter.

Syntax Description
metername Specifies the ACL meter name.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes the ACL meter maximum_bandwidth:
delete meter maximum_bandwidth

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family and Summit X450 switches.

ExtremeWare XOS 11.3 Command Reference

673

ACL Commands

disable access-list refresh blackhole


disable access-list refresh blackhole

Description
Disables blackholing of packets during ACL refresh.

Syntax Description
This command has no arguments or variables.

Default
The feature is enabled.

Usage Guidelines
When access control lists (ACLs) are refreshed, this feature provides that any packets arriving during the refresh will be blackholed. As the ACL is being refreshed, packets may arrive while the ACL is in an indeterminate state, and packets may be permitted that otherwise are dropped. This feature protects the switch during an ACL refresh. If you disable this feature, you may get unexpected results as the ACL is refreshed. To enable this feature, use the following command:
enable access-list refresh blackhole

Example
The following command disables dropping of packets during an ACL refresh:
disable access-list refresh blackhole

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

674

ExtremeWare XOS 11.3 Command Reference

enable access-list refresh blackhole

enable access-list refresh blackhole


enable access-list refresh blackhole

Description
Enables blackholing of packets during ACL refresh.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
When access control lists (ACLs) are refreshed, this command provides that any packets arriving during the refresh will be blackholed. As the ACL is being refreshed, packets may arrive while the ACL is in an indeterminate state, and packets may be permitted that otherwise are dropped. This feature protects the switch during an ACL refresh. To disable this feature, use the following command:
disable access-list refresh blackhole

Example
The following command enables dropping of packets during an ACL refresh:
enable access-list refresh blackhole

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

675

ACL Commands

show access-list
show access-list {any | ports <portlist> | vlan <vlanname>} {ingress | egress}

Description
Displays the ACLs configured on an interface.

Syntax Description
aclname any portlist vlanname ingress egress Specifies the ACL name. The name can be from 1-32 characters long. Specifies the wildcard ACL. Specifies which ports ACLs to display. Specifies which VLANs ACL to display. Display ingress ACLs. Display egress ACLs (BlackDiamond 10K only).

Default
The default is to display all interfaces, ingress.

Usage Guidelines
The ACL with the port and VLAN displayed as an asterisk (*) is the wildcard ACL. If you do not specify an interface, the policy names for all the interfaces are displayed, except that dynamic ACL rule names are not displayed. To display dynamic ACLs use the following commands:
show access-list dynamic show access-list dynamic rule <rule>

If you specify an interface, all the policy entries, and dynamic policy entries are displayed.

Example
The following command displays all the interfaces configured with an ACL:
show access-list

The output from this command is similar to:


Vlan Name Port Policy Name Dir Rules Dyn Rules ================================================================== * 3:6 TCP_flag ingress 3 2 * 3:8 qos_hongkong ingress 3 0 * 2:1 tc_2.4 ingress 4 0 * 2:7 tcp ingress 1 0 v1 * tcp ingress 1 0

676

ExtremeWare XOS 11.3 Command Reference

show access-list
* * firewall1 ingress 2 1

The following command displays the ingress access list entries configured on the VLAN v1006:
show access-list v1006 ingress

The output from this command is similar to the following:


# RuleNo 1 entry dacl13 { #Dynamic Entry if match all { ethernet-destination-address 00:01:05:00:00:00 ; } then { count c13 ; redirect 1.1.5.100 ; } } # RuleNo 2 entry dacl14 { #Dynamic Entry if match all { ethernet-source-address 00:01:05:00:00:00 ; } then { count c14 ; qosprofile qp7 ; } } # RuleNo 3 entry dacl13 { if match all { ethernet-destination-address 00:01:05:00:00:00 ; } then { count c13 ; redirect 1.1.5.100 ; } }

History
This command was available in ExtremeWare XOS 10.1. The <aclname> option was removed in ExtremeWare XOS 11.1. The ingress,egress,any, ports, and vlan options were added in ExtremeWare XOS 11.3

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

677

ACL Commands

show access-list configuration


show access-list configuration

Description
Displays the ACL configuration. Currently only the state of refresh blackhole is displayed.

Syntax Description
There are no arguments or variables for this command.

Default
N/A.

Usage Guidelines
This command displays the state of the ACL refresh blackhole, set by the enable access-list refresh blackhole command.

Example
The following command displays state of the ACL configuration:
show access-list configuration

The output from this command is similar to:


Access-list Refresh Blackhole: Enabled

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

678

ExtremeWare XOS 11.3 Command Reference

show access-list counter

show access-list counter


show access-list counter {<countername>} {any | ports <portlist> | vlan <vlanname>} {ingress | egress}

Description
Displays the specified access list counters.

Syntax Description
countername portlist vlanname ingress egress Specifies the ACL counter to display. Specifies to display the counters on these ports. Specifies to display the counters on the VLAN. Specifies to display ingress counters. Specifies to display egress counters.

Default
The default direction is ingress.

Usage Guidelines
Use this command to display the ACL counters.

Example
The following example displays all the counters for all ACLs:
show access-list counter

The output of this command is similar to the following:


Policy Name Vlan Name Port Direction Counter Name Packet Count Byte Count ===================================================================== firewall1 * * ingress DENY_SYN 0 0 PERMIT_SYN_ACK 1228300404 1920048848 tc_2.4 * 2:1 ingress arp192 3 204 denyAll 0 0 destIp 0 0 destIp2 0 0 tcp * 2:7 ingress PERMIT_SYN_ACK 0 0 TCP_flag * 3:6 ingress denyAll 0 0 ipArp 0 0

ExtremeWare XOS 11.3 Command Reference

679

ACL Commands
tcpflags-syn qos_hongkong * qp2cnt qp4cnt qp5cnt tcp v1 PERMIT_SYN_ACK 0 3:8 ingress 0 0 0 * ingress 3759119344 0 0 0 0 2217044928

The following example displays all the counters for the ACL on port 2:1
show access-list counter port 2:1

The output of this command is similar to the following:


Policy Name Vlan Name Port Direction Counter Name Packet Count Byte Count ===================================================================== tc_2.4 * 2:1 ingress arp192 3 204 denyAll 0 0 destIp 0 0 destIp2 0 0 History

History
This command was available in ExtremeWare XOS 10.1. The egress options was first available in ExtremeWare XOS 11.3

Platform Availability
This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.

680

ExtremeWare XOS 11.3 Command Reference

show access-list dynamic

show access-list dynamic


show access-list dynamic

Description
Displays the names of existing dynamic ACLs and a count of how many times each is used.

Syntax Description
There are no arguments or variables for this command.

Default
N/A.

Usage Guidelines
This command displays the names of existing dynamic ACLs, and how many times the ACL is used (bound to an interface). To see the conditions and actions for a dynamic ACL, use the following command:
show access-list dynamic rule <rule>

Example
The following command displays names of all the dynamic ACLs:
show access-list dynamic

The following is sample output for this command:


Dynamic Rules: Udpacl icmp-echo Bound to 1 interfaces Bound to 1 interfaces

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

681

ACL Commands

show access-list dynamic counter


show access-list dynamic counter {{<countername>} any | {<countername>} ports <portlist> | {<countername>} vlan <vlanname>} {ingress | egress}

Description
Displays the dynamic ACL counters.

Syntax Description
countername any portlist vlanname ingress egress Display the counter. Specifies the wildcard ACL. Specifies which ports ACLs to display. Specifies which VLANs ACL to display. Display ingress ACLs. Display egress ACLs (BlackDiamond 10K only).

Default
The default is to display all interfaces, ingress.

Usage Guidelines
None.

Example
The following command displays all the dynamic ACL counters:
show access-list dynamic counter

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

682

ExtremeWare XOS 11.3 Command Reference

show access-list dynamic rule

show access-list dynamic rule


show access-list dynamic rule <rule>

Description
Displays the syntax of a dynamic ACL.

Syntax Description
rule Specifies the rule to display.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the syntax of the dynamic ACL udpacl:
show access-list dynamic rule updacl

The output of the command is similar to the following:


entry udpacl { if match all { source-address 10.203.134.0/24 ; destination-address 140.158.18.16/32 ; protocol udp ; source-port 190 ; destination-port 1200 - 1250 ; } then { permit ; } }

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

683

ACL Commands

show access-list meter


show access-list counter {<metername>} [any | ports <portlist> | vlan <vlanname>]

Description
Displays the specified access list meter statistics and configurations.

Syntax Description
metername portlist vlanname Specifies the ACL meter to display. Specifies to display the meters on these ports. Specifies to display the meters on the VLAN.

Default
N/A.

Usage Guidelines
Use this command to display the ACL meters.

Example
The following example displays all the counters the ACL on port 7:1
show access-list meter port 2:1

The output of this command is similar to the following:


ACL Name Port Committed Max Burst Out-of-Profile Out-of-Profile Meter Rate (Kbps) Size (K) Action DSCP Packet Count =============================================================================== donacl * 7:1 m1 10000 Max Drop 0 Vlan

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family and Summit X450 switches.

684

ExtremeWare XOS 11.3 Command Reference

unconfigure access-list

unconfigure access-list
unconfigure access-list {any | ports <portlist> | vlan <vlanname>} {ingress | egress}

Description
Removes a policy file ACL from the specified interface.

Syntax Description
aclname portlist vlanname ingress egress Specifies the ACL name. The name can be from 1-32 characters long. Specifies the ports on which this ACL is applied. Specifies the VLAN on which this ACL is applied. Remove the ACL for packets entering the switch on this interface. Remove the ACL for packets leaving the switch from this interface (BlackDiamond 10K only).

Default
The default direction is ingress.

Usage Guidelines
This command removes ACLs that are contained in ACL policy files. To remove dynamic ACLs, use the following command:
configure access-list delete <ruleName> [all | any | ports <portlist> | vlan <vlanname>] {ingress | egress}

To remove all non-dynamic ACLs from all interfaces, do not specify any ports or VLANs.

Example
The following command removes the ACL from port 1:2:
unconfigure access-list ports 1:2

The following command removes the ACLs from ports 1:2-6:3 and 7:1:
unconfigure access-list ports 1:2-6:3,7:1

The following command removes the wildcard ACL:


unconfigure access-list any

The following command removes all ACLs from all the interfaces, including the wildcard ACL:
unconfigure access-list

ExtremeWare XOS 11.3 Command Reference

685

ACL Commands

History
This command was available in ExtremeWare XOS 10.1. The VLAN option was first available in ExtremeWare XOS 11.0 The egress options was first available in ExtremeWare XOS 11.3

Platform Availability
This command is available on all platforms. The egress option is available on BlackDiamond 10K switches only.

686

ExtremeWare XOS 11.3 Command Reference

14 QoS Commands
This chapter describes commands for:

Configuring Quality of Service (QoS) profiles Configuring and displaying bidirectional rate-shaping Creating traffic groupings and assigning the groups to QoS profiles Configuring, enabling and disabling explicit class-of-service traffic groupings (802.1p and DiffServ) Configuring traffic grouping priorities Verifying configuration and performance Configuring and displaying bidirectional rate-shaping Egress traffic rate limiting

Qualify of Service (QoS) is a feature of ExtremeWare XOS that allows you to specify different service levels for outbound and inbound traffic. QoS is an effective control mechanism for networks that have heterogeneous traffic patterns. Using QoS, you can specify the service that a traffic type receives. Policy-based QoS allows you to protect bandwidth for important categories of applications or specifically limit the bandwidth associated with less critical traffic. The switch contains separate hardware queues on every physical port. Each hardware queue is programmed by ExtremeWare XOS with bandwidth management and prioritization parameters, defined as a QoS profile. The bandwidth management and prioritization parameters that modify the forwarding behavior of the switch affect how the switch transmits traffic for a given hardware queue on a physical port. Up to eight physical queues per port are available. With the 11.0 version of the software, you can also assign parameters to traffic ingressing the switch for minimum and maximum bandwidth and priority queuing to the backplane.

NOTE
You cannot queue ingressing traffic to the backplane on the BlackDiamond 8800 family of switches (formerly known as Aspen).

To configure QoS, you define how your switch responds to different categories of traffic by creating and configuring QoS profiles. The service that a particular type of traffic receives is determined by assigning a QoS profile to a traffic grouping or classification. The building blocks are defined as follows:

QoS profileDefines bandwidth and prioritization parameters. Traffic groupingA method of classifying or grouping traffic that has one or more attributes in common. QoS policyThe combination that results from assigning a QoS profile to a traffic grouping.

QoS profiles are assigned to traffic groupings to modify switch-forwarding behavior. When assigned to a traffic grouping, the combination of the traffic grouping and the QoS profile comprise an example of a single policy that is part of Policy-Based QoS.

ExtremeWare XOS 11.3 Command Reference

687

QoS Commands Extreme switch products support explicit Class of Service traffic groupings. This category of traffic groupings describes what is sometimes referred to as explicit packet marking, and includes:

IP DiffServ code points, formerly known as IP TOS bits Prioritization bits used in IEEE 802.1p packets

All Extreme switches support the standard 802.1p priority bits that are part of a tagged Ethernet packet. With the 11.0 version of the software on the BlackDiamond 10K switch, you can also assign parameters to traffic ingressing the switch for minimum and maximum bandwidth and priority queuing to the backplane.

688

ExtremeWare XOS 11.3 Command Reference

configure diffserv examination code-point

configure diffserv examination code-point


configure diffserv examination code-point <code-point> {qosprofile} <qosprofile>

Description
Configures the default ingress DiffServ code points (DSCP) to QoS profile mapping.

Syntax Description
code-point qosprofile Specifies a DiffServ code point (a 6-bit value in the IP-TOS byte in the IP header). Specifies the QoS profile to which the DiffServ code point is mapped.

Default
See Table 19.

Usage Guidelines
You can specify up to 64 different code points for each port. Code point values are grouped and assigned to the default QoS profiles as shown in Table 19.

Table 19: Default DiffServ code point-to-QoS profile mapping


Code point 0-7 8-15 16-23 24-31 32-39 40-47 48-55 56-63 BlackDiamond 10K switch QoS profile QP1 QP2 QP3 QP4 QP5 QP6 QP7 QP8 BlackDiamond 8800 family of switches and Summit X450 switch QoS profile QP1 QP1 QP1 QP1 QP1 QP1 QP1 QP8

BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot set per port DiffServ examination code points. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure examining DiffServ information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

ExtremeWare XOS 11.3 Command Reference

689

QoS Commands

Example
The following command specifies that code point 25 be assigned to QP2:
configure diffserv examination code-point 25 qosprofile qp2

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

690

ExtremeWare XOS 11.3 Command Reference

configure diffserv replacement

configure diffserv replacement


configure diffserv replacement [{qosprofile} <qosprofile> | priority <value>] code-point <code_point>

Description
Configures the default egress DiffServ replacement mapping.

Syntax Description
qosprofile value code_point Specifies a QoS profile. Specifies the 802.1p priority value. Specifies a 6-bit value to be used as the replacement code point in the DiffServ (IP-TOS byte) of the IP header.

Default
N/A.

Usage Guidelines
NOTE
Extreme Networks recommends that you use the qosprofile <qosprofile> value to configure this parameter.

The default QoS profile to 802.1p priority value to code point mapping is shown in Table 20.

Table 20: Default QoS profile-to-802.1p priority value-to-code point


BlackDiamond 10K switch QoS profile QP1 QP2 QP3 QP4 QP5 QP6 QP7 QP8 BlackDiamond 8800 family of switches and the Summit X450 switch QoS profile QP1 QP1 QP1 QP1 QP1 QP1 QP1 QP8

802.1p priority value 0 1 2 3 4 5 6 7

Code point 0 8 16 24 32 40 48 56

ExtremeWare XOS 11.3 Command Reference

691

QoS Commands BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ replacement feature. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure replacing DiffServ information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

Example
The following command specifies that a code point value of 5 should be used to replace the DiffServ (TOS) bits in packets in QP2:
configure diffserv replacement qosprofile qp2 code-point 5

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

692

ExtremeWare XOS 11.3 Command Reference

configure dot1p type

configure dot1p type


configure dot1p type <dot1p_priority> {qosprofile} <qosprofile>

Description
Configures the default QoS profile to 802.1p priority mapping.

Syntax Description
dot1p_priority qosprofile Specifies the 802.1p priority value. The value is an integer between 0 and 7. Specifies a specific QoS profile.

Default
The default mapping of each 802.1p priority value to QoS profile is shown in Table 21.

Table 21: Default 802.1p priority value-to-QoS profile mapping


Priority value 0 1 2 3 4 5 6 7 BlackDiamond 10K switch QoS profile QP1 QP2 QP3 QP41 QP51 QP6 QP7 QP8 BlackDiamond 8800 family of switches and Summit X450 switch default QoS profile QP1 QP1 QP1 QP1 QP1 QP1 QP1 QP8

Usage Guidelines
An 802.1p priority value seen on ingress can be mapped to a particular QoS profile and with specific bandwidth management and priority behavior. BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the 802.1p feature. If you attempt to configure 802.1p information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

BlackDiamond 8800 family of switches and Summit X450 switch only. You must create the QoS profile first, using the create qosprofile [QP2| QP3 | QP4 | QP5 | QP6 | QP7] command, to map the 802.1p information to QoS profile 2 through 7.

ExtremeWare XOS 11.3 Command Reference

693

QoS Commands

Example
The following commands reassign (from the default) the QoS profiles associated with 802.1p priority values 1 and 2:
configure dot1p type 2 qosprofile qp2 configure dot1p type 1 qosprofile qp3

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

694

ExtremeWare XOS 11.3 Command Reference

configure ports qosprofile

configure ports qosprofile


configure ports <port_list> {qosprofile} <qosprofile>

Description
Configures one or more ports to use a particular egress QoS profile.

Syntax Description
port_list qosprofile Specifies a list of ports or slots and ports. Specifies a QoS profile.

Default
All ports have the default qosprofile of QP1.

Usage Guidelines
Extreme switches support eight QoS profiles (QP1 to QP8) for each port. NOTE
This command applies only to untagged packets.

BlackDiamond 8800 family of switches (formerly known as Aspen) and Summit X450 switch only. You must use this command to assign a QoS profile to ports. This command applies to egress QoS profiles only; the BlackDiamond 8800 family of switches and the Summit X450 switch support only egress QoS profiles. BlackDiamond 10K switch. This command refers to egress QoS profiles; it assigns traffic ingressing this port to a specified egress QoS profile. Use the configure qosprofile ingress ports command to assign the ingress QoS profiles to ports; the ingress QoS profiles assign ingressing traffic to a specified queue to the backplane.

Example
The following command configures port 5 on slot 5 on a modular switch to use QoS profile QP3:
configure ports 5:5 qosprofile QP3

History
This command was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

695

QoS Commands

Platform Availability
This command is available on all platforms.

696

ExtremeWare XOS 11.3 Command Reference

configure ports rate-limit egress

configure ports rate-limit egress


configure ports <port_list> rate-limit egress [no-limit | <cir-rate> [Kbps | Mbps | Gbps] {max-burst-size <burst-size> [Kb | Mb]}]

Description
Configures an egress traffic rate limit for a port or groups of ports.

Syntax Description
port_list no-limit cir-rate max-burst-size Specifies one or more ports or slots and ports. Specifies traffic be transmitted without limit; use to reconfigure or unconfigure previous rate-limiting parameters. Specifies the desired rate limit in Kbps, Mbps, or Gbps. Specifies amount of traffic above the cir-rate that is allowed to burst (for a short duration) from the port in K bits (Kb) or M bits (Mb).

Default
No-limit.

Usage Guidelines
Port speed limits the egress traffic, as follows:

1 Gbps port64 Kbps increments 10 Gbps port1 Mbps increments

If the specified egress limit (cir-rate) is not a multiple of 64 Kbps for a 1 Gbps port or 1 Mbps for a 10 Gbps port, the specified value is rounded down to the nearest appropriate multiple based on the port type. Use the no-limit parameter to:

Unconfigure egress rate limiting on the port(s) Reconfigure existing egress rate limiting on the port(s)

The max-burst-size parameter is the amount of traffic above the value in the cir-rate parameter that is allowed to burst from the port(s) for a short duration.

Example
The following command configures egress rate-limiting on slot 3 port 1 on a modular switch for 3 Mbps and a maximum burst size or 5 M bits:
configure port 3:1 rate-limit egress 3 Mbps max-burst-size 5 Mb

ExtremeWare XOS 11.3 Command Reference

697

QoS Commands

History
This command was available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch.

698

ExtremeWare XOS 11.3 Command Reference

configure qosprofile ingress ports

configure qosprofile ingress ports


configure qosprofile ingress <iqp> [{committed_rate <committed_bps> [k | m]} {maxbw <maxbw_number>} {minbw <minbw_number>} {peak_rate <peak_bps> [k | m} {priority [<priority> | <priority_number]}] ports [<port_list> | all]

Description
Sets the ingress rate shaping parameters, which is an ingress QoS profile.

Syntax Description
iqp Specifies an ingress QoS profile: for 1G I/O modulesiqp1 and iqp2 for 10G I/O modulesiqp1 to iqp8 committed_rate maxbw Specifies an absolute number in K bits or M bits for a guaranteed committed rate and for a minimum rate for this ingress queue to the backplane. Specifies maximum allowed input bandwidth as a percentage of port speed. The range is 0 to 100%, and the default value is 100. Percentages are based on actual or configured port speed. Specifies a guaranteed minimum bandwidth for this ingress QoS queue as a percentage of port speed. The range is 0 to 100%, and the default value is 0. Cumulative percentages of the queue on a given port should not exceed 100%. Percentages are based on actual or configured port speed. Specifies an absolute number in K bits or M bits for a maximum rate for this ingress queue to the backplane. Specifies a service priority setting for the specified ingress queue to the backplane; this priority sets the priorities among the available ingress queues for the specified port. This priority sets the priorities among the available ingress queues for the specified port. The available queues vary according to the I/O module, as follows: 1G I/O module2 queues and 2 priorities available; values are 1 (takes 1-4) or 2 (takes 5-8); or Low and LowHi. 10G module8 queues and 8 priorities available; values are 1 to 8, with 8 being the highest priority, or Low, LowHi, Normal, NormalHi, Medium, MediumHi, High, and HighHi. port_list all Specifies a list of slots and ports to which the parameters apply. May specify in the form 35, 2:5, 2:6-2:8. Specifies this applies to all ports on the device.

minbw

peak_rate priority priority_number

Default
Disabled by default.

Minimum bandwidth0% Maximum bandwidth100%

ExtremeWare XOS 11.3 Command Reference

699

QoS Commands

PriorityBy default, each qosprofile is assigned a different priority level, which varies by I/O module:

1G I/O module:

IQP1 - 1, Low IQP2 - 2, LowHi IQP1 - 1, Low IQP2 - 2, LowHi IQP3 - 3, Normal IQP4 - 4, NormalHi IQP5 - 5, Medium IQP6 - 6, MediumHi IQP7 - 7, High IQP8 - 8, HighHi (highest priority)

10G I/O module:


Usage Guidelines
The number of ingress queues per port varies between the 1G I/O module and the 10G module. On the 1G module, you have two ingress queues per port. The priority values of 1 to 4 map to the first queue, and the priority values of 5 to 8 map to the second queue. On the 10G module, you have eight ingress queues per port. The priority values of 1 to 8 map one to each of the eight queues.

Example
The following command configures the ingress rate shaping parameters of QoS profile IQP3 for specified ports, using bandwidth percentages:
configure qosprofile ingress iqp3 minbw 27 maxbw 57 priority 4 ports 3:2

The following command configures the ingress rate shaping parameters for QoS profile IQP3 for all ports, using absolute values for committed rate and peak rate:
configure qosprofile ingress iqp3 committed-rate 64 k peak-rate 1000 k priority 4 ports all

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
The basic command is available only on the BlackDiamond 10K switch.

700

ExtremeWare XOS 11.3 Command Reference

configure qosprofile ports

configure qosprofile ports


configure qosprofile {egress} <qosprofile> [{committed_rate <committed_bps> [k | m]} {maxbw <maxbw_number>} {minbw <minbw_number>} {peak_rate <peak_bps> [k | m} {priority [<priority> | <priority_number]}] ports [<port_list> | all]

Description
Modifies the default egress QoS profile parameters.

Syntax Description
qosprofile committed_rate maxbw Specifies a QoS profile name. Range is QP1 to QP8. Specifies an absolute number in K bits or M bits for a guaranteed committed rate and for a minimum rate for this egress queue. Specifies maximum allowed input bandwidth as a percentage of port speed. The range is 0 to 100%, and the default value is 100. Percentages are based on actual or configured port speed. Specifies a guaranteed minimum bandwidth for this egress QoS queue as a percentage of port speed. The range is 0 to 100%, and the default value is 0. Cumulative percentages of the queue on a given port should not exceed 100%. Percentages are based on actual or configured port speed. Specifies an absolute number in K bits or M bits for a maximum rate for this egress queue. Specifies a service priority setting for the specified egress queue; this priority sets the priorities among the available egress queues for the specified port. Specifies a service priority setting among the available egress ports for the specified port. Settings are: 1, or Low 2, or LowHi 3, or Normal 4 or NormalHi 5, or Medium 6, or MediumHi 8, or HighHi This is the setting for the egress mode. port_list all Specifies a list of slots and ports to which the parameters apply. May be in the form 3-5, 2:5, 2:6-2:8. Specifies this applies to all ports on the device.

minbw

peak_rate priority priority_number

Default

Minimum bandwidth0% Maximum bandwidth100% PriorityBy default, each qosprofile is assigned a different priority level:

QP1 - 1, Low (the lowest priority)

ExtremeWare XOS 11.3 Command Reference

701

QoS Commands

QP2 - 2, LowHi QP3 - 3, Normal QP4 - 4, NormalHi QP5 - 5, Medium QP6 - 6, MediumHi QP7 - 7, High QP8 - 8, HighHi (highest priority)

Usage Guidelines
None.

Example
The following command configures the egress QoS profile parameters of QoS profile Qp5 for specific ports:
configure qosprofile qp5 minbw 10 maxbw 80 priority HighHi ports 5:5-5:7

History
This command was first available in ExtremeWare XOS 10.1. Committed and peak rates were added in ExtremeWare XOS 11.0. Also in ExtremeWare XOS 11.0, ports were made mandatory.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

702

ExtremeWare XOS 11.3 Command Reference

configure qosprofile weight

configure qosprofile weight


configure qosprofile <qosprofile> {maxbuffer <percent>} {weight <value>}

Description
Modifies the parameters for the default QoS profiles (QP1 and QP8) and defines the parameters for any user-created QoS profiles (QP2, QP3, QP4, QP5, QP6, and/or QP7).

Syntax Description
qosprofile maxbuffer <percent> weight <value> Specifies a QoS profile name. Range is QP1 to QP8; the defaults are QP1 and QP8. Specifies the percentage of the total buffer you are reserving for this QoS profile. The range is 1 to 100; the default setting is 100. Specifies the weight value used for queue service weighting in the weightedround-robin scheduler for this QoS profile. The range is 1 to 16; the default is 1.

Default

QoS profilesQP1 and QP8 Maximum buffer100% Weight1

Usage Guidelines
You must create a QoS profile before you can configure the user-created QoS profiles. You can modify the settings on the default QoS profiles (QP1 and QP8) because they are already created. To assign a QoS profile to a port, use the configure ports <port_list> {qosprofile} <qosprofile> command. If you attempt to configure a QoS profile that you have not created, the system returns an error message. To configure the type of scheduling you want to use for the entire switch, use the configure qosscheduler [strict-priority | weighted-round-robin] command. The maxbuffer parameter configures the maximum amount of packet buffer, by percentage, that the packets associated with the specified QoS profile can consume. Regardless of the setting for this parameter, the system does not drop any packets as long as packet buffer memory remains available and the current buffer use of the specified QoS profile is below the specified maxbuffer setting. The weight parameter configures the relative weighting for each QoS profile. Because each QoS profile has a default weight of 1, all QoS profiles have equal weighting. If you configure a QoS profile with a weight of 4, that specified QoS profile is services 4 times as frequently as the remaining QoS profiles, which still have a weight of 1. If you configure all QoS profiles with a weight of 16, each QoS profile is serviced equally but for a longer period.

ExtremeWare XOS 11.3 Command Reference

703

QoS Commands

Example
The following command configures the QoS profile parameters of QoS profile QP1:
configure qosprofile qp1 maxbuffer 75 weight 4

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch.

704

ExtremeWare XOS 11.3 Command Reference

configure qosscheduler

configure qosscheduler
configure qosscheduler [strict-priority | weighted-round-robin]

Description
Specifies the method the switch uses to service QoS profiles.

Syntax Description
strict-priority weighted-round-robin Specifies the switch services the higher-priority QoS profiles first. Specifies the switch services all QoS profiles based on the configured weighting for each QoS profile.

Default
Strict-priority.

Usage Guidelines
You configure the QoS scheduling algorithm for the entire switch; you cannot configure QoS scheduling for each port separately. NOTE
If you specify strict-priority, lower-priority queues are not serviced at all as long as higher-priority queues have any remaining packets. If you specify weighted-round-robin, the switch services higher-weighted queues more frequently but continues to service lower-weighted queues (even when packets remain in the higher-weighted queues).

Example
The following command configures the switch for weighted-round-robin servicing:
configure qosscheduler weighted-round-robin

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch.

ExtremeWare XOS 11.3 Command Reference

705

QoS Commands

configure vlan qosprofile


configure vlan <vlan_name> {qosprofile} <qosprofile>

Description
Configures a VLAN to use a particular QoS profile.

Syntax Description
vlan_name qosprofile Specifies a VLAN name. Specifies a QoS profile. NOTE: None is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch.

Default
The default for the BlackDiamond 10K switch is QP1, and the default for the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch is none.

Usage Guidelines
Extreme switches support eight QoS profiles (QP1 to QP8) for each port. NOTE
This command applies only to untagged packets.

Example
The following command configures VLAN accounting to use QoS profile QP3:
configure vlan accounting qosprofile qp3

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

706

ExtremeWare XOS 11.3 Command Reference

create qosprofile

create qosprofile
create qosprofile [QP2| QP3 | QP4 | QP5 | QP6 | QP7]

Description
Creates a QoS profile.

Syntax Description
QP1....QP7 Specifies the QoS profile you want to create.

Default
N/A.

Usage Guidelines
The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch allow dynamic creation and deletion of QoS queues, with Q1 and Q8 always available, rather than the 8 fixed queues on the BlackDiamond 10K switch. You must create the QoS profile before you can configure it. or assign it to ports or VLANs. Use the command configure qosprofile <qosprofile> {maxbuffer <percent>} {weight <value>} to configure the QoS profile once you create it. Use the configure ports <port_list> {qosprofile} <qosprofile> command to associate a QoS profile with ports and the configure vlan <vlan_name> {qosprofile} <qosprofile> command to associate a QoS profile with VLANs. QoS profiles QP1 and QP8 are defaults and cannot be deleted.

NOTE
The sFlow application uses QP2 to sample traffic on the BlackDiamond 8800 family of switches and the Summit X450 switch. Any traffic grouping using QP2 may encounter unexpected results when sFlow is enabled.

Example
The following command creates the user-created QoS profile QP3:
create qosprofile qp3

History
This command was first available in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

707

QoS Commands

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch.

708

ExtremeWare XOS 11.3 Command Reference

delete qosprofile

delete qosprofile
delete qosprofile [QP2| QP3 | QP4 | QP5 | QP6 | QP7]

Description
Deletes a user-created QoS profile.

Syntax Description
QP1....QP7 Specifies the user-created QoS profile you want to delete.

Default
N/A.

Usage Guidelines
You cannot delete the default QoS profiles of QP1 and QP8. If you attempt to delete these QoS profiles, the system returns an error. All configuration information associated with the specified QoS profile is removed.

Example
The following command deletes the user-created QoS profile QP3:
delete qosprofile qp3

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch.

ExtremeWare XOS 11.3 Command Reference

709

QoS Commands

disable diffserv examination port


disable diffserv examination port [<port_list> | all]

Description
Disables the examination of the DiffServ field in an IP packet.

Syntax Description
port_list all Specifies a list of ports or slots and ports to which the parameters apply. Specifies that DiffServ examination should be disabled for all ports.

Default
Disabled.

Usage Guidelines
The diffserv examination feature is disabled by default. BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ feature. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure DiffServ.1p information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

Example
The following command disables DiffServ examination on selected ports:
disable diffserv examination ports 5:3,5:5,6:6

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

710

ExtremeWare XOS 11.3 Command Reference

disable diffserv replacement port

disable diffserv replacement port


disable diffserv replacement port [<port_list> | all]

Description
Disables the replacement of DiffServ code points in packets transmitted by the switch.

Syntax Description
port_list all Specifies a list of ports or slots and ports to which the parameters apply. \ Specifies that DiffServ replacement should be disabled for all ports.

Default
N/A.

Usage Guidelines
The DiffServ replacement feature is disabled by default. BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ feature. The default VLAN DiffServ examinational mappings apply on ports in more than one VR. If you attempt to configure DiffServ information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

NOTE
The specified ports are the ingress ports.

Example
The following command disables DiffServ replacement on selected ports:
disable diffserv replacement ports 1:2,5:5,6:6

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

711

QoS Commands

disable dot1p replacement ports


disable dot1p replacement ports [<port_list> | all]

Description
Disables the ability to overwrite 802.1p priority values for a given set of ports.

Syntax Description
port_list all Specifies a list of ports or slots and ports to which the parameters apply. Specifies that 802.1p replacement should be disabled for all ports.

Default
N/A.

Usage Guidelines
The dot1p replacement feature is disabled by default. BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the 802.1p feature. If you attempt to configure 802.1p information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

NOTE
The specified ports are ingress ports.

Example
The following command disables 802.1p value replacement on all ports:
disable dot1p replacement ports all

History
This command was available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

712

ExtremeWare XOS 11.3 Command Reference

enable diffserv examination port

enable diffserv examination port


enable diffserv examination port [<port_list> | all]

Description
Enables the DiffServ field of an IP packet to be examined in order to select a QoS profile.

Syntax Description
port_list all Specifies a list of ports or slots and ports to which the parameters apply. Specifies that DiffServ examination is enabled for all ports.

Default
Disabled.

Usage Guidelines
The diffserv examination feature is disabled by default. If you are using DiffServ for QoS parameters, Extreme Networks recommends that you also configure 802.1p or port-based QoS parameters to ensure that high-priority traffic is not dropped prior to reaching the MSM on modular switches. BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ feature. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure DiffServ information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

Example
The following command enables DiffServ examination on selected ports:
enable diffserv examination ports 1:1,5:5,6:2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

713

QoS Commands

enable diffserv replacement ports


enable diffserv replacement ports [<port_list> | all]

Description
Enables the DiffServ code point to be overwritten in IP packets transmitted by the switch.

Syntax Description
port_list all Specifies a list of ports or slots and ports to which the parameters apply. Specifies that DiffServ replacement should be enabled for all ports.

Default
N/A.

Usage Guidelines
The diffserv replacement feature is disabled by default. NOTE
The port in this command is the ingress port.

Eight user-defined DiffServ code points can be configured on each port. The QoS profile is used to select one of the eight code points. If you are using DiffServ for QoS parameters, Extreme Networks recommends that you also configure 802.1p or port-based QoS parameters to ensure that high-priority traffic is not dropped prior to reaching the MSM on modular switches.

NOTE
This command affects only that traffic in traffic groupings based on explicit packet class of service information and physical/logical configuration.

BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ feature. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure DiffServ information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

714

ExtremeWare XOS 11.3 Command Reference

enable diffserv replacement ports

Example
The following command enables DiffServ replacement on selected ports:
enable diffserv replacement ports 5:3,5:5,6:2

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

715

QoS Commands

enable dot1p replacement ports


enable dot1p replacement ports [<port_list> | all]

Description
Allows the 802.1p priority field to be overwritten on egress according to the QoS profile to 802.1p priority mapping for a given set of ports.

Syntax Description
port_list all Specifies a list of ports or slots and ports. Specifies that dot1p replacement should be enabled for all ports.

Default
N/A.

Usage Guidelines
The dot1p replacement feature is disabled by default. By default, 802.1p priority information is not replaced or manipulated, and the information observed on ingress is preserved when transmitting the packet.

NOTE
The port in this command is the ingress port.

If 802.1p replacement is enabled, the 802.1p priority information that is transmitted is determined by the hardware queue that is used when transmitting the packet.

NOTE
This command affects only that traffic in traffic groupings based on explicit packet class of service information and physical/logical configuration.

BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the 802.1p feature. If you attempt to configure 802.1p information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

716

ExtremeWare XOS 11.3 Command Reference

enable dot1p replacement ports

Example
The following command enables dot1p replacement on all ports:
enable dot1p replacement ports all

History
This command was available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

717

QoS Commands

show diffserv
show diffserv [examination | replacement]

Description
Displays the DiffServ-to-QoS profile mapping.

Syntax Description
examination replacement Specifies to display currently configured mapping for each DiffServ code point to QoS profile.

.Specifies to display currently configured code point replacement value.

Default
N/A.

Usage Guidelines
Once you alter the default mappings, the "->" in the display (shown below) becomes "* >".

Examples
The following command displays the current QoS-to-DiffServ mappings for each code point on the switch:
show diffserv examination

The following command displays the current DiffServ-to-QoS mappings on the switch:
show diffserv replacement

Because the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch have 2 default QoS profiles and the BlackDiamond 10K switch has 8 default QoS profiles you see different displays depending on the platform. BlackDiamond 8800 family of switches and Summit X450 switch only. Following is sample output from the show diffserv examination command on the BlackDiamond 8810 switch:
CodePoint->QOSProfile mapping: 00->QP1 01->QP1 02->QP1 08->QP1 09->QP1 10->QP1 16->QP1 17->QP1 18->QP1 24->QP1 25->QP1 26->QP1 32->QP1 33->QP1 34->QP1 40->QP1 41->QP1 42->QP1 48->QP1 49->QP1 50->QP1 56->QP8 57->QP8 58->QP8 03->QP1 11->QP1 19->QP1 27->QP1 35->QP1 43->QP1 51->QP1 59->QP8 04->QP1 12->QP1 20->QP1 28->QP1 36->QP1 44->QP1 52->QP1 60->QP8 05->QP1 13->QP1 21->QP1 29->QP1 37->QP1 45->QP1 53->QP1 61->QP8 06->QP1 14->QP1 22->QP1 30->QP1 38->QP1 46->QP1 54->QP1 62->QP8 07->QP1 15->QP1 23->QP1 31->QP1 39->QP1 47->QP1 55->QP1 63->QP8

718

ExtremeWare XOS 11.3 Command Reference

show diffserv Following is sample output from the show diffserv replacement command on the BlackDiamond 8810 switch:
QOSProfile->CodePoint mapping: QP1->00 QP8->56

BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ feature. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure DiffServ information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

Following is sample output from the show diffserv examination command on the BlackDiamond 10K switch:
CodePoint->QOSProfile mapping: 00->QP1 01->QP1 02->QP1 08->QP2 09->QP2 10->QP2 16->QP3 17->QP3 18->QP3 24->QP4 25->QP4 26->QP4 32->QP5 33->QP5 34->QP5 40->QP6 41->QP6 42->QP6 48->QP7 49->QP7 50->QP7 56->QP8 57->QP8 58->QP8 03->QP1 11->QP2 19->QP3 27->QP4 35->QP5 43->QP6 51->QP7 59->QP8 04->QP1 12->QP2 20->QP3 28->QP4 36->QP5 44->QP6 52->QP7 60->QP8 05->QP1 13->QP2 21->QP3 29->QP4 37->QP5 45->QP6 53->QP7 61->QP8 06->QP1 14->QP2 22->QP3 30->QP4 38->QP5 46->QP6 54->QP7 62->QP8 07->QP1 15->QP2 23->QP3 31->QP4 39->QP5 47->QP6 55->QP7 63->QP8

Following is sample output from the show diffserv replacemement command on the BlackDiamond 10K switch:
QOSProfile->CodePoint mapping: QP1->00 QP2->08 QP3->16 QP4->24 QP5->32 QP6->40 QP7->48 QP8->56

History
This command was first available in ExtremeWare XOS 10.1. The variables were added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

719

QoS Commands

show dot1p
show dot1p

Description
Displays the 802.1p-to-QoS profile mappings.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the current 802.1p-to-QoS mappings on the switch:
show dot1p

Because the BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch have 2 default QoS profiles and the BlackDiamond 10K switch has 8 default QoS profiles you see different displays depending on the platform. BlackDiamond 8800 family of switches and Summit X450 switch only. Following is sample output from the show dot1p command on the BlackDiamond 8810 switch:
802.1p Priority Value 0 1 2 3 4 5 6 7 QOS Profile QP1 QP1 QP1 QP1 QP1 QP1 QP1 QP8

BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the 802.1p feature. If you attempt to configure 802.1p information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

720

ExtremeWare XOS 11.3 Command Reference

show dot1p Following is sample output from the show dot1p command on the BlackDiamond 10K switch:
802.1p Priority Value 0 1 2 3 4 5 6 7 QOS Profile QP1 QP2 QP3 QP4 QP5 QP6 QP7 QP8

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

721

QoS Commands

show ports qosmonitor


show ports <port_list> qosmonitor {ingress | egress} {no-refresh}

Description
Displays real-time ingress rate shaping statistics in addition to QoS statistics for egress packets on one or more ports.

Syntax Description
port_list egress ingress no-refresh Specifies one or more slots and ports. Specifies to display statistics in egress. Default. Specifies to display statistics on ingress rate shaping. Specifies a static snapshot of data.

Default
Shows QoS statistics for egress unless you specify ingress; shows real-time statistics.

Usage Guidelines
The real-time snapshot scrolls through the given port list to provide statistics. If you do not specify a port number or range of ports, collision statistics are displayed for all ports. If you specify the no-refresh parameter, the system displays a snapshot of the data at the time you issue the command

Examples
The following command shows the QoS egress statistics related to the specified ports:
# show port 1:1-1:2 qosmonitor

Following is sample output from this command:


Port Statistics QP1 QP2 QP3 QP4 QP5 QP6 QP7 QP8 Xmts Xmts Xmts Xmts Xmts Xmts Xmts Xmts =================================================================================== 1:1 100 0 0 0 0 0 0 4 1:2 397 0 0 0 0 0 0 1432 ==================================================================================== Port

The following command shows the QoS ingress statistics related to the specified ports:
# show port 1:1-1:2 qosmonitor ingress

722

ExtremeWare XOS 11.3 Command Reference

show ports qosmonitor Following is sample output from this command:


Port Statistics Port IQP1 IQP2 IQP3 IQP4 IQP5 IQP6 IQP7 IQP8 Xmts Xmts Xmts Xmts Xmts Xmts Xmts Xmts ================================================================================ 1:1 0 0 0 0 0 0 0 0 1:2 0 0 0 0 0 0 0 0 ================================================================================

History
This command was first available in ExtremeWare XOS 10.1. The ingress information was added in ExtremeWare XOS 11.0 Also, you must specify the ports in ExtremeWare XOS 11.0. The egress and no-refresh keywords were added in ExtremeWare 11.3.

Platform Availability
This command is available only on the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

723

QoS Commands

show qosprofile
show qosprofile {ingress | egress} {ports [ all | <port_list>]}

Description
Displays QoS information on the switch.

Syntax Description
Ingress egress ports port_list all Specifies ingress queues. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies egress queues; this is the default value. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies to display information for specified ports. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies a list of slots and ports. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies all ports. NOTE: This parameter is available only on the BlackDiamond 10K switch.

Default
Displays egress QoS information for all ports.

Usage Guidelines
The displayed QoS profile information differs depending on the platform you are running on. BlackDiamond 8800 family of switches (formerly known as Aspen) and Summit X450 switch only. The following information displays for these switches:

Available Qos profiles Weight Percentage of maximum buffer

BlackDiamond 10K switch only. If you do not specify the variable ingress, the system displays the information for egress QoS values. The following information displays for the BlackDiamond 10K switch for each QoS profile:

Qos profile Minimum bandwidth Maximum bandwidth Priority

724

ExtremeWare XOS 11.3 Command Reference

show qosprofile

Example
The display varies depending on your platform. BlackDiamond 8800 family of switches and Summit X450 switch only. No arguments are available on the BlackDiamond 8800 family of switches or the Summit X450 switch for this command. Following is sample output from the show qosprofile command:
QP1 QP2 QP8 Weight = Weight = Weight = 1 4 1 Max Buffer Percent = 100 Max Buffer Percent = 90 Max Buffer Percent = 100

BlackDiamond 10K switch only. You can display either the ingress or the egress QoS profiles on the BlackDiamond 10K switch. The number of available ingress QoS profiles differs depending on the module you are displaying. The following shows sample output for the show qosprofile ports 1:1 command, which displays the egress QoS profiles:
Port: 1:1 QP1 QP2 QP3 QP4 QP5 QP6 QP7 QP8 MinBw= MinBw= MinBw= MinBw= MinBw= MinBw= MinBw= MinBw= 0% 0% 0% 0% 0% 0% 0% 0% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% Pri=1 Pri=2 Pri=3 Pri=4 Pri=5 Pri=6 Pri=7 Pri=8

The following shows sample output for the show qosprofile ingress ports 8:1 command, which displays the ingress QoS profiles on a 10 G port:
Port: 8:1 IQP1 IQP2 IQP3 IQP4 IQP5 IQP6 IQP7 IQP8 MinBw= MinBw= MinBw= MinBw= MinBw= MinBw= MinBw= MinBw= 0% 0% 0% 0% 0% 0% 0% 0% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% MaxBw=100% Pri=1 Pri=2 Pri=3 Pri=4 Pri=5 Pri=6 Pri=7 Pri=8

The following shows sample output for the show qosprofile ingress ports 2:1 command, which displays the ingress QoS profiles on a 1 G port:
Port: 2:1 IQP1 MinBw= IQP2 MinBw= 0% MaxBw=100% Pri=1 0% MaxBw=100% Pri=2

History
This command was first available in ExtremeWare XOS 10.1. The ingress information was added in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

725

QoS Commands

Platform Availability
This command is available on all platforms. The parameters ingress, egress, and ports are available only on the BlackDiamond 10K switch.

726

ExtremeWare XOS 11.3 Command Reference

unconfigure diffserv

unconfigure diffserv
unconfigure diffserv [examination | replacement]

Description
Uses the default DiffServ examination code point or uses the default DiffServ replacement mapping.

Syntax Description
examination replacement Specifies to unconfigure the DiffServ examination point. Specifies to unconfigure the DiffServ replacement mapping.

Default
N/A.

Usage Guidelines
BlackDiamond 10K switch only. If a port is in more than one virtual router, you cannot use the DiffServ feature. The default VLAN DiffServ examination mappings apply on ports in more than one VR. If you attempt to configure DiffServ information on a port that is in more than one virtual router, the system returns the following message:
Warning: Port belongs to more than one VR. Port properties related to diff serv and code replacement will not take effect.

Example
The following command removes DiffServ code point examination from ports 5:5-5:8 on a modular switch:
unconfigure diffserv examination

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

727

QoS Commands

unconfigure qosprofile
unconfigure qosprofile {ingress | egress} {ports [<port_list>|all]}

Description
Returns the ingress rate shaping parameters, which is an ingress QoS profile, or the egressing QoS values to default values.

Syntax Description
ingress Specifies all ingress QoS profiles for specified ports. The default ingress values are as follows: for 1G I/O modulesIQP1 and IQP2 for 10G I/O modulesIQP1 to IQP8 If you do not specify ingress or egress, the command returns all egress QoS values to default. NOTE: This parameter is available only on the BlackDiamond 10K switch. egress Specifies an egress QoS profile for specified ports. The default egress values are as follows: QP11, Low (the lowest priority) QP22, LowHi QP33, Normal QP44, NormalHi QP55, Medium QP66, MediumHi QP77, High QP88, HighHi (highest priority) If you do not specify ingress or egress, the command returns all egress QoS values to default. NOTE: This parameter is available only on the BlackDiamond 10K switch. ports port_list all Specifies unconfiguring the QoS profiles on specified ports. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies a list of slots and ports to which the parameters apply. NOTE: This parameter is available only on the BlackDiamond 10K switch. Specifies that this applies to all ports on the device. NOTE: This parameter is available only on the BlackDiamond 10K switch.

Default
Default values differ by platform. BlackDiamond 8800 family of switches (formerly known as Aspen) and Summit X450 switch only. The default values for the two default egressing QoS profiles (QP1 and QP8) on the BlackDiamond 8800

728

ExtremeWare XOS 11.3 Command Reference

unconfigure qosprofile family of switches and the Summit X450 switch are shown in this section; the BlackDiamond 8800 family of switches and the Summit X450 switch do not support ingressing QoS profiles.

Weight1 Maximum buffer100%

BlackDiamond 10K switch only. the default values for egressing QoS profiles and ingressing QoS profiles on the BlackDiamond 10K switch are shown in this section. Ingress QoS is disabled by default.

Minimum bandwidth0% Maximum bandwidth100% Minimum committed and peak rates1 Kbps Maximum committed and peak ratesvaries by I/O module:

1G I/O module1,000 Mbps 10G I/O module10,000 Mbps

Ingress priorityBy default, each qosprofile is assigned a different priority level, which varies by I/ O module:

1G I/O module:

IQP1 - 1 Low IQP2 - 1, LowHi IQP1 - 1, Low IQP2 - 2, LowHi IQP3 - 3, Normal IQP4 - 4, NormalHi IQP5 - 5, Medium IQP6 - 6, MediumHi IQP7 - 7, High IQP8 - 8, HighHi (highest priority)

10G I/O module:


Egress priority

QP1 - 1, Low QP2 - 2, LowHi QP3 - 3, Normal QP4 - 4, NormalHi QP5 - 5, Medium QP6 - 6, MediumHi QP7 - 7, High QP8 - 8, HighHi (highest priority)

ExtremeWare XOS 11.3 Command Reference

729

QoS Commands

Usage Guidelines
BlackDiamond 10K switch only. The number of ingress queues per port varies between the 1G I/O module and the 10G module. On the 1G module, you have two ingress queues per port. The priority values of 1 to 4 map to the first queue, and the priority values of 5 to 8 map to the second queue. On the 10G module, you have eight ingress queues per port. The priority values of 1 to 8 map one to each of the eight queues.

Example
The following command resets the QoS profiles for all ports to default settings:
unconfigure qosprofile

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms. The parameters ingress, egress, and ports are available only on the BlackDiamond 10K switch.

730

ExtremeWare XOS 11.3 Command Reference

15 Security Commands
This chapter describes commands for:

Managing the switch using SSH2 Configuring switch user authentication through a RADIUS client Configuring switch user authentication through TACACS+ Protecting the switch from Denial of Service attacks

SSH
Secure Shell 2 (SSH2) is a feature of ExtremeWare XOS that allows you to encrypt session data between a network administrator using SSH2 client software and the switch. Configuration and policy files may also be transferred to the switch using the Secure Copy Program 2 (SCP2).

User Authentication
Remote Authentication Dial In User Service (RADIUS, RFC 2138) is a mechanism for authenticating and centrally administrating access to network nodes. The ExtremeWare XOS RADIUS client implementation allows authentication for SSH2, Telnet or console access to the switch. Extreme switches are also capable of sending RADIUS accounting information. You can configure RADIUS accounting servers to be the same as the authentication servers, but this is not required. Terminal Access Controller Access Control System Plus (TACACS+) is a mechanism for providing authentication, authorization, and accounting on a centralized server, similar in function to the RADIUS client. The ExtremeWare XOS version of TACACS+ is used to authenticate prospective users who are attempting to administer the switch. TACACS+ is used to communicate between the switch and an authentication database.

NOTE
You cannot use RADIUS and TACACS+ at the same time.

Denial of Service
You can configure ExtremeWare XOS to protect your Extreme switches in the event of a denial of service attack. During a typical denial of service attack, the CPU on the switch gets flooded with packets from multiple attackers, potentially causing the switch to fail. To protect against this type of attack, you can configure the software so that when the number of packets received is more than the configured threshold limit of packets per second, a hardware ACL is enabled.

ExtremeWare XOS 11.3 Command Reference

731

Security Commands

clear vlan dhcp-address-allocation


clear vlan <vlan_name> dhcp-address-allocation [[all {offered | assigned | declined | expired}] | <ipaddress>]

Description
Removes addresses from the DHCP allocation table.

Syntax Description
vlan_name all offered assigned declined expired ipaddress Specifies the VLAN of the DHCP server. Specifies all IP addresses, or all IP addresses in a particular state. Specifies IP addresses offered to clients. Specifies IP addresses offered to and accepted by clients. Specifies IP addresses declined by clients Specifies IP addresses whose lease has expired and not renewed by the DHCP server. Specifies a particular IP address.

Default
N/A.

Usage Guidelines
You can either delete a single entry, using the IP address, or all entries. If you use the all option, you can additionally delete entries in a specific state.

Example
The following command removes all the declined IP addresses by hosts on the VLAN temporary:
clear vlan temporary dhcp-address-allocation all declined

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

732

ExtremeWare XOS 11.3 Command Reference

configure dos-protect acl-expire

configure dos-protect acl-expire


configure dos-protect acl-expire <seconds>

Description
Configures the denial of service protection ACL expiration time.

Syntax Description
seconds Specifies how long the ACL is in place.

Default
The default is 5 seconds.

Usage Guidelines
This command configures how long the DoS protection ACL remains in place.

Example
This example sets the ACL expiration time to 15 seconds:
configure dos-protect acl-expire 15

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

733

Security Commands

configure dos-protect interval


configure dos-protect interval <seconds>

Description
Configures the denial of service protection interval.

Syntax Description
seconds Specifies how often the DoS protection counter is monitored.

Default
The default is one second.

Usage Guidelines
This command configures how often the DoS protection counter is monitored.

Example
This example sets the interval to 5 seconds:
configure dos-protect interval 5

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

734

ExtremeWare XOS 11.3 Command Reference

configure dos-protect trusted ports

configure dos-protect trusted ports


configure dos-protect trusted-ports [ports [<ports> | all] | add-ports [<ports-to-add> | all] | delete-ports [<ports-to-delete> | all] ]

Description
Configures the list of trusted ports.

Syntax Description
ports ports-to-add all ports-to-delete Specifies the trusted ports list. Specifies the ports to add to the trusted ports list. Specifies all the ports. Specifies the ports to delete from the trusted ports list.

Default
N/A.

Usage Guidelines
Traffic from trusted ports will be ignored when DoS protect counts the packets to the CPU. If we know that a machine connected to a certain port on the switch is a safe "trusted" machine, and we know that we will not get a DoS attack from that machine, the port where this machine is connected to can be configured as a trusted port, even though a large amount of traffic is going through this port.

Example
This example sets the trusted port list to 3:1-3:7:
configure dos-protect trusted-ports ports 3:1-3:7

This example adds the trusted port 3:8 to the current list (use this command with a network administrator machine not connected to the internet that is attached to port 3:8):
configure dos-protect trusted-ports add-ports 3:8

History
This command was first available in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

735

Security Commands

Platform Availability
This command is available on all platforms.

736

ExtremeWare XOS 11.3 Command Reference

configure dos-protect type l3-protect alert-threshold

configure dos-protect type l3-protect alert-threshold


configure dos-protect type l3-protect alert-threshold <packets>

Description
Configures the denial of service protection alert threshold.

Syntax Description
packets Specifies how many packets in an interval will cause an alert.

Default
The default is 4000 packets.

Usage Guidelines
This command configures how many packets received in an interval will cause a DoS protection alert. When an alert occurs, the packets are analyzed, and a temporary ACL is applied to the switch.

Example
This example sets the alert threshold to 8000 packets:
configure dos-protect type l3-protect alert-threshold 8000

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

737

Security Commands

configure dos-protect type l3-protect notify-threshold


configure dos-protect type l3-protect notify-threshold <packets>

Description
Configures the denial of service protection notification threshold.

Syntax Description
packets Specifies how many packets in an interval will cause a notification.

Default
The default is 3500 packets.

Usage Guidelines
This command configures how many packets received in an interval will cause a DoS protection notification.

Example
This example sets the notification threshold to 7500 packets:
configure dos-protect type l3-protect notify-threshold 7500

History
This command was first available in ExtremeWare XOS 11.1

Platform Availability
This command is available on all platforms.

738

ExtremeWare XOS 11.3 Command Reference

configure ports limit-learning lock-learning

configure ports limit-learning lock-learning


configure ports <portlist> vlan <vlan name> [limit-learning <number> | lock-learning | unlimited-learning | unlock-learning]

Description
Configures virtual ports for limited or locked MAC address learning.

Syntax Description
portlist vlan name limit-learning <number> lock-learning unlimited-learning unlock-learning Specifies one or more ports or slots and ports. Specifies the name of the VLAN. Specifies a limit on the number of MAC addresses that can be dynamically learned on the specified ports. Specifies that the current FDB entries for the specified ports should be made permanent static, and no additional learning should be allowed. Specifies that there should not be a limit on MAC addresses that can be learned. Specifies that the port should be unlocked (allow unlimited, dynamic learning).

Default
Unlimited, unlocked learning.

Usage Guidelines
If you have enabled ESRP, see the ExtremeWare XOS Concepts Guide for information about using this feature with ESRP. Limited learning. The limited learning feature allows you to limit the number of dynamically-learned MAC addresses per VLAN. When the learned limit is reached, all new source MAC addresses are blackholed at both the ingress and egress points. This prevent these MAC addresses from learning and responding to Internet control message protocol (ICMP) and address resolution protocol (ARP) packets. If the limit you configure is greater than the current number of learned entries, all the current learned entries are purged. Dynamically learned entries still get aged, and can be cleared. If entries are cleared or aged out after the learning limit has been reached, new entries will then be able to be learned until the limit is reached again. Permanent static and permanent dynamic entries can still be added and deleted using the create fdbentry and delete fdbentry commands. These override any dynamically learned entries.

ExtremeWare XOS 11.3 Command Reference

739

Security Commands For ports that have a learning limit in place, the following traffic still flows to the port:

Packets destined for permanent MACs and other non-blackholed MACs Broadcast traffic EDP traffic

Traffic from the permanent MAC and any other non-blackholed MACs will still flow from the virtual port. If you configure a MAC address limit on VLANS that participate in an Extreme Standby Router Protocol (ESRP) domain, you should add an additional back-to-back link (that has no MAC address limit on these ports) between the ESRP-enabled switches. Doing so prevents ESRP protocol data units (PDUs) from being dropped due to MAC address limit settings. Port lockdown. The port lockdown feature allows you to prevent any additional learning on the virtual port, keeping existing learned entries intact. This is equivalent to making the dynamically-learned entries permanent static, and setting the learning limit to zero. All new source MAC addresses are blackholed. Locked entries do not get aged, but can be deleted like any other permanent FDB entries. The maximum number of permanent lockdown entries is 1024. Any FDB entries above will be flushed and blackholed during lockdown. For ports that have lockdown in effect, the following traffic still flows to the port:

Packets destined for the permanent MAC and other non-blackholed MACs Broadcast traffic EDP traffic

Traffic from the permanent MAC will still flow from the virtual port. Once the port is locked down, all the entries become permanent and will be saved across reboot. When you remove the lockdown using the unlock-learning option, the learning-limit is reset to unlimited, and all associated entries in the FDB are flushed. To verify the MAC security configuration for the specified VLAN or ports, use the following commands:
show vlan <vlan name> security show ports <portlist> info detail

Example
The following command limits the number of MAC addresses that can be learned on ports 1, 2, 3, and 6 in a VLAN named accounting, to 128 addresses:
configure ports 1, 2, 3, 6 vlan accounting learning-limit 128

The following command locks ports 4 and 5 of VLAN accounting, converting any FDB entries to static entries, and prevents any additional address learning on these ports:
configure ports 4,5 vlan accounting lock-learning

740

ExtremeWare XOS 11.3 Command Reference

configure ports limit-learning lock-learning The following command removes the learning limit from the specified ports:
configure ports 1, 2, vlan accounting unlimited-learning

The following command unlocks the FDB entries for the specified ports:
configure ports 4,5 vlan accounting unlock-learning

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

741

Security Commands

configure radius server


configure radius {mgmt-access | netlogin} [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip [<ipaddress>] {vr <vr_name>}

Description
Configures the primary and secondary RADIUS authentication server.

Syntax Description
mgmt-access netlogin primary secondary ipaddress hostname udp_port ipaddress vr_name Specifies the RADIUS authentication server for switch management. Specifies the RADIUS authentication server for network login. Configures the primary RADIUS authentication server. Configures the secondary RADIUS authentication server. The IP address of the server being configured. The host name of the server being configured. The UDP port to use to contact the RADIUS authentication server. The IP address used by the switch to identify itself when communicating with the RADIUS authentication server. Specifies the virtual router on which the client IP is located. NOTE: The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch do not support user-created VRs.

Default
The following lists the default behavior of this command:

The UDP port setting is 1812 The virtual router used is VR-Mgmt, the management virtual router Switch management and network login use the same primary and secondary RADIUS servers for authentication.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Use this command to specify RADIUS server information. Use of the <hostname> parameter requires that DNS be enabled. The RADIUS server defined by this command is used for user name authentication and CLI command authentication.

742

ExtremeWare XOS 11.3 Command Reference

configure radius server Beginning with ExtremeWare XOS 11.2, you can specify one pair of RADIUS authentication servers for switch management and another pair for network login. To specify RADIUS authentication servers for switch management (Telnet, SSH, and console sessions), use the mgmt-access keyword. To specify RADIUS authentication servers for network login, use the netlogin keyword. If you do not specify a keyword, switch management and network login use the same pair of RADIUS authentication servers. If you are running ExtremeWare XOS 11.1 or earlier and upgrade to ExtremeWare XOS 11.2, you do not loose your existing RADIUS server configuration. Both switch management and network login use the RADIUS authentication server specified in the older configuration.

Example
The following command configures the primary RADIUS server on host radius1 using the default UDP port (1812) for use by the RADIUS client on switch 10.10.20.30 using a virtual router interface of VRDefault:
configure radius primary server radius1 client-ip 10.10.20.30 vr vr-Default

The following command configures the primary RADIUS server for network login authentication on host netlog1 using the default UDP port for use by the RADIUS client on switch 10.10.20.31 using, by default, the management virtual router interface:
configure radius netlogin primary server netlog1 client-ip 10.10.20.31

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

743

Security Commands

configure radius shared-secret


configure radius {mgmt-access | netlogin} [primary | secondary] sharedsecret {encrypted} <string>

Description
Configures the authentication string used to communicate with the RADIUS authentication server.

Syntax Description
mgmt-access netlogin primary secondary encrypted string Specifies the switch management RADIUS authentication server. Specifies the network login RADIUS authentication server. Configures the authentication string for the primary RADIUS server. Configures the authentication string for the secondary RADIUS server. Indicates that the string is already encrypted. The string to be used for authentication.

Default
Unconfigured.

Usage Guidelines
The secret must be the same between the client switch and the RADIUS server. The RADIUS server must first be configured for use with the switch as a RADIUS client. The mgmt-access keyword specifies the RADIUS server used for switch management authentication. The netlogin keyword specifies the RADIUS server used for network login authentication. If you do not specify the mgmt-access or netlogin keywords, the secret applies to both the primary or secondary switch management and netlogin RADIUS servers. The encrypted keyword is primarily for the output of the show configuration command, so the shared secret is not revealed in the command output. Do not use it to set the shared secret.

Example
The following command configures the shared secret as purplegreen on the primary RADIUS server for both switch management and network login:
configure radius primary shared-secret purplegreen

The following command configures the shared secret as redblue on the primary switch management RADIUS server:
configure radius mgmt-access primary shared-secret redblue

744

ExtremeWare XOS 11.3 Command Reference

configure radius shared-secret

History
This command was first available in ExtremeWare XOS 10.1. The encrypted keyword was added in ExtremeWare XOS 11.0. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

745

Security Commands

configure radius timeout


configure radius {mgmt-access | netlogin} timeout <seconds>

Description
Configures the timeout interval for RADIUS authentication requests.

Syntax Description
mgmt-access netlogin seconds Specifies the switch management RADIUS authentication server. Specifies the network login RADIUS authentication server. Specifies the number of seconds for authentication requests. Range is 3 to 120 seconds

Default
The default is 3 seconds.

Usage Guidelines
This command configures the timeout interval for RADIUS authentication requests. When the timeout has expired, another authentication attempt will be made. After three failed attempts to authenticate, the alternate server will be used. After six failed attempts, local user authentication will be used. The mgmt-access keyword specifies the RADIUS server used for switch management authentication. The netlogin keyword specifies the RADIUS server used for network login authentication. If you do not specify the mgmt-access or netlogin keywords, the timeout interval applies to both switch management and netlogin RADIUS servers.

Example
The following command configures the timeout interval for RADIUS authentication to 10 seconds. After 30 seconds (three attempts), the alternate RADIUS server will be used. After 60 seconds (six attempts) local user authentication is used.
configure radius timeout 10

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

746

ExtremeWare XOS 11.3 Command Reference

configure radius timeout

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

747

Security Commands

configure radius-accounting server


configure radius-accounting {mgmt-access | netlogin} [primary | secondary] server [<ipaddress> | <hostname>] {<tcp_port>} client-ip [<ipaddress>] {vr <vr_name>}

Description
Configures the RADIUS accounting server.

Syntax Description
mgmt-access netlogin primary secondary ipaddress hostname tcp_port ipaddress vr_name Specifies the RADIUS accounting server for switch management. Specifies the RADIUS accounting server for network login. Configure the primary RADIUS accounting server. Configure the secondary RADIUS accounting server. The IP address of the accounting server being configured. The host name of the accounting server being configured. The UDP port to use to contact the RADIUS accounting server. The IP address used by the switch to identify itself when communicating with the RADIUS accounting server. Specifies the virtual router on which the client IP is located. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Default
The following lists the default behavior of this command:

The UDP port setting is 1813 The virtual router used is VR-Mgmt, the management virtual router Switch management and network login use the same RADIUS accounting server.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Use this command to specify the radius accounting server. The accounting server and the RADIUS authentication server can be the same. Use of the <hostname> parameter requires that DNS be enabled. Beginning with ExtremeWare XOS 11.2, you can specify one pair of RADIUS accounting servers for switch management and another pair for network login. To specify RADIUS accounting servers for

748

ExtremeWare XOS 11.3 Command Reference

configure radius-accounting server switch management (Telnet, SSH, and console sessions), use the mgmt-access keyword. To specify RADIUS accounting servers for network login, use the netlogin keyword. If you do not specify a keyword, switch management and network login use the same pair of RADIUS accounting servers. If you are running ExtremeWare XOS 11.1 or earlier and upgrade to ExtremeWare XOS 11.2, you do not loose your existing RADIUS accounting server configuration. Both switch management and network login use the RADIUS accounting server specified in the older configuration.

Example
The following command configures RADIUS accounting on host radius1 using the default UDP port (1813) for use by the RADIUS client on switch 10.10.20.30 using a virtual router interface of VR-Default for both management and network login:
configure radius-accounting primary server radius1 client-ip 10.10.20.30 vr vr-Default

The following command configures RADIUS accounting for network login on host netlog1 using the default UDP port for use by the RADIUS client on switch 10.10.20.31 using the default virtual router interface:
configure radius-accounting netlogin primary server netlog1 client-ip 10.10.20.31

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

749

Security Commands

configure radius-accounting shared-secret


configure radius-accounting {mgmt-access | netlogin} [primary | secondary] shared-secret {encrypted} <string>

Description
Configures the authentication string used to communicate with the RADIUS accounting server.

Syntax Description
mgmt-access netlogin primary secondary encrypted string Specifies the switch management RADIUS accounting server. Specifies the network login RADIUS accounting server. Configures the authentication string for the primary RADIUS accounting server. Configures the authentication string for the secondary RADIUS accounting server. Indicates that the string is already encrypted. The string to be used for authentication.

Default
Unconfigured.

Usage Guidelines
The secret must be the same between the client switch and the RADIUS accounting server. The mgmt-access keyword specifies the RADIUS accounting server used for switch management. The netlogin keyword specifies the RADIUS accounting server used for network login. If you do not specify the mgmt-access or netlogin keywords, the secret applies to both the primary or secondary switch management and netlogin RADIUS accounting servers. The encrypted keyword is primarily for the output of the show configuration command, so the shared secret is not revealed in the command output. Do not use it to set the shared secret.

Example
The following command configures the shared secret as purpleaccount on the primary RADIUS accounting server for both management and network login:
configure radius primary shared-secret purpleaccount

The following command configures the shared secret as greenaccount on the primary management RADIUS accounting server:
configure radius mgmt-access primary shared-secret greenaccount

750

ExtremeWare XOS 11.3 Command Reference

configure radius-accounting shared-secret

History
This command was first available in ExtremeWare XOS 10.1. The encrypted keyword was added in ExtremeWare XOS 11.0. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

751

Security Commands

configure radius-accounting timeout


configure radius-accounting {mgmt-access | netlogin} timeout <seconds>

Description
Configures the timeout interval for RADIUS-Accounting authentication requests.

Syntax Description
mgmt-access netlogin seconds Specifies the switch management RADIUS accounting server. Specifies the network login RADIUS accounting server. Specifies the number of seconds for accounting requests. Range is 3 to 120 seconds.

Default
The default is 3 seconds.

Usage Guidelines
This command configures the timeout interval for RADIUS-Accounting authentication requests. When the timeout has expired, another authentication attempt will be made. After three failed attempts to authenticate, the alternate server will be used. The mgmt-access keyword specifies the RADIUS accounting server used for switch management. The netlogin keyword specifies the RADIUS accounting server used for network login. If you do not specify the mgmt-access or netlogin keywords, the timeout interval applies to both switch management and netlogin RADIUS accounting servers.

Example
This example configures the timeout interval for RADIUS-Accounting authentication to 10 seconds. After 30 seconds (three attempts), the alternate RADIUS server will be used:
configure radius-accounting timeout 10

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

752

ExtremeWare XOS 11.3 Command Reference

configure ssh2 key

configure ssh2 key


configure ssh2 key {pregenerated}

Description
Generates the Secure Shell 2 (SSH2) host key.

Syntax Description
pregenerated Indicates that the SSH2 authentication key has already been generated. The user will be prompted to enter the existing key.

Default
The switch generates a key for each SSH2 session.

Usage Guidelines
Secure Shell 2 (SSH2) is a feature of ExtremeWare that allows you to encrypt session data between a network administrator using SSH2 client software and the switch or to send encrypted data from the switch to an SSH2 client on a remote system. Configuration and policy files may also be transferred to the switch using the Secure Copy Program 2 (SCP2) SSH2 functionality is not present in the base ExtremeWare XOS software image, but is available as an additional, installable module. Before you can access any SSH2 commands, you must install the module. Without the module, the SSH2 commands do not appear on the command line. To install the module, see the instructions in Appendix A, Software Upgrade and Boot Options. After you have installed the SSH2 module, you must generate a host key and enable SSH2. To generate an SSH2 host key, use the configure ssh2 key command. To enable SSH2, use the enable ssh2 command. An authentication key must be generated before the switch can accept incoming SSH2 sessions. This can be done automatically by the switch, or you can enter a previously generated key. If you elect to have the key generated, the key generation process can take up to ten minutes, and cannot be canceled after it has started. Once the key has been generated, you should save your configuration to preserve the key. To use a key that has been previously created, use the pregenerated keyword. You are prompted to enter the pregenerated key. You can use the show configuration command to list the previously generated key then copy and paste it after the configure ssh2 key {pregenerated} command. NOTE
Keys generated by ExtremeWare XOS cannot be used on switches running ExtremeWare images, and keys generated by ExtremeWare cannot be used on switches running ExtremeWare XOS images.

ExtremeWare XOS 11.3 Command Reference

753

Security Commands The key generation process generates the SSH2 private host key. The SSH2 public host key is derived from the private host key, and is automatically transmitted to the SSH2 client at the beginning of an SSH2 session. To view the status of SSH2 on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for SSH2 sessions, whether a valid key is present, and the TCP port and virtual router that is being used

Example
The following command generates an authentication key for the SSH2 session:
configure ssh2 key

The command responds with the following messages:


WARNING: Generating new server host key This will take approximately 10 minutes and cannot be canceled. Continue? (y/n)

If you respond yes, the command begins the process. To configure an SSH2 session using a previously generated key, use the following command:
configure ssh2 key pregenerated 2d:2d:2d:2d:20:42:45:47:

Enter the previously-generated key (you can copy and paste it from the saved configuration file).

History
This command was first available in the ExtremeWare XOS 11.0 SSH module.

Platform Availability
This command is available on all platforms.

754

ExtremeWare XOS 11.3 Command Reference

configure ssl certificate pregenerated

configure ssl certificate pregenerated


configure ssl certificate pregenerated

Description
Obtains the pre-generated certificate from the user.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
You must upload or generate a certificate for SSL server use. With this command, you copy and paste the certificate into the command line followed by a blank line to end the command. The following security algorithms are supported:

RSA for public key cryptography (generation of certificate and public-private key pair, certificate signing). RSA key size between 1024 and 4096 bits. Symmetric ciphers (for data encryption): RC4, DES, and 3DES. Message Authentication Code (MAC) algorithms: MD5 and SHA.

This command is also used when downloading or uploading the configuration. Do not modify the certificate stored in the uploaded configuration file because the certificate is signed using the issuers private key. The certificate and private key file should be in PEM format and generated using RSA as the cryptography algorithm. Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the module first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide. The Converged Network Analyzer (CNA) Agent requires SSL to encrypt communication between the CNA Agent and the CNA Server. For more information about the CNA Agent, see Appendix C, CNA Agent.

ExtremeWare XOS 11.3 Command Reference

755

Security Commands

Example
The following command obtains the pre-generated certificate from the user:
configure ssl certificate pregenerated

Next, you open the certificate and then copy and paste the certificate into the console/Telnet session, followed by a blank line to end the command.

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

Platform Availability
This command is available on all platforms.

756

ExtremeWare XOS 11.3 Command Reference

configure ssl certificate privkeylen

configure ssl certificate privkeylen


configure ssl certificate privkeylen <length> country <code> organization <org_name> common-name <name>

Description
Creates a self signed certificate and private key that can be saved in the EEPROM.

Syntax Description
length code org_name name Specifies the private key length in bytes. Valid values are between 1024 and 4096. Specifies the country code in 2-character form. Specifies the organization name. The organization name can be up to 64 characters long. Specifies the common name. The common name can be up to 64 characters long.

Default
N/A.

Usage Guidelines
This command creates a self signed certificate and private key that can be saved in the EEPROM. The certificate generated is in the PEM format. Any existing certificate and private key is overwritten. The size of the certificate depends on the RSA key length (privkeylen) and the length of the other parameters (country, organization name, and so forth) supplied by the user. If the RSA key length is 1024, then the certificate is approximately 1 kb. For an RSA key length of 4096, the certificate length is approximately 2 kb, and the private key length is approximately 3 kb. Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the module first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide. The CNA Agent requires SSL to encrypt communication between the CNA Agent and the CNA Server. For more information about the CNA Agent, see Appendix C, CNA Agent Commands.

Example
The following command creates an SSL certificate in the USA for a website called bigcats:
configure ssl certificate privkeylen 2048 country US organization IEEE common-name bigcats

ExtremeWare XOS 11.3 Command Reference

757

Security Commands

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

Platform Availability
This command is available on all platforms.

758

ExtremeWare XOS 11.3 Command Reference

configure ssl privkey pregenerated

configure ssl privkey pregenerated


configure ssl privkey pregenerated

Description
Obtains the pre-generated private key from the user.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command is also used when downloading or uploading the configuration. The private key is stored in the EEPROM, and the certificate is stored in the configuration file. With this command, you copy and paste the private key into the command line followed by a blank line to end the command. The following security algorithms are supported:

RSA for public key cryptography (generation of certificate and public-private key pair, certificate signing). RSA key size between 1024 and 4096 bits. Symmetric ciphers (for data encryption): RC4, DES, and 3DES. Message Authentication Code (MAC) algorithms: MD5 and SHA.

The certificate and private key file should be in PEM format and generated using RSA as the cryptography algorithm. Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the module first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide. The CNA Agent requires SSL to encrypt communication between the CNA Agent and the CNA Server. For more information about the CNA Agent, see Appendix C, CNA Agent Commands.

Example
The following command obtains the pre-generated private key from the user:
configure ssl privkey pregenerated

Next, you the open the certificate and then copy and paste the certificate into the console/Telnet session, followed by a blank line to end the command.

ExtremeWare XOS 11.3 Command Reference

759

Security Commands

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

Platform Availability
This command is available on all platforms.

760

ExtremeWare XOS 11.3 Command Reference

configure tacacs server

configure tacacs server


configure tacacs [primary | secondary] server [<ipaddress> | <hostname>] {<tcp_port>} client-ip <ipaddress> {vr <vr_name>}

Description
Configures the server information for a TACACS+ authentication server.

Syntax Description
primary secondary ipaddress hostname tcp_port ipaddress vr_name Configures the primary TACACS+ server. Configures the secondary TACACS+ server. The IP address of the TACACS+ server being configured. The host name of the TACACS+ server being configured. The TCP port to use to contact the TACACS+ server. The IP address used by the switch to identify itself when communicating with the TACACS+ server. Specifies the virtual router on which the client IP is located. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Default
TACACS+ uses TCP port 49. The default virtual router is VR-Mgmt, the management virtual router

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Use this command to configure the server information for a TACACS+ server. To remove a server, use the following command:
unconfigure tacacs server [primary | secondary]

Use of the <hostname> parameter requires that DNS be enabled.

Example
The following command configures server tacacs1 as the primary TACACS+ server for client switch 10.10.20.35 using a virtual router interface of VR-Default:
configure tacacs primary server tacacs1 client-ip 10.10.20.35 vr vr-Default

ExtremeWare XOS 11.3 Command Reference

761

Security Commands

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

762

ExtremeWare XOS 11.3 Command Reference

configure tacacs shared-secret

configure tacacs shared-secret


configure tacacs [primary | secondary] shared-secret {encrypted} <string>

Description
Configures the shared secret string used to communicate with the TACACS+ authentication server.

Syntax Description
primary secondary encrypted string Configures the authentication string for the primary TACACS+ server. Configures the authentication string for the secondary TACACS+ server. Indicates that the string is already encrypted. The string to be used for authentication.

Default
N/A.

Usage Guidelines
The secret must be the same between the client switch and the TACACS+ server. The encrypted keyword is primarily for the output of the show configuration command, so the shared secret is not revealed in the command output. Do not use it to set the shared secret.

Example
The following command configures the shared secret as purplegreen on the primary TACACS+ server:
configure tacacs-accounting primary shared-secret purplegreen

History
This command was first available in ExtremeWare XOS 10.1. The encrypted keyword was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

763

Security Commands

configure tacacs timeout


configure tacacs timeout <seconds>

Description
Configures the timeout interval for TACAS+ authentication requests.

Syntax Description
seconds Specifies the number of seconds for authentication requests. Range is 3 to 120 seconds.

Default
The default is 3 seconds.

Usage Guidelines
Use this command to configure the timeout interval for TACACS+ authentication requests. To detect and recover from a TACACS+ server failure when the timeout has expired, the switch makes one authentication attempt before trying the next designated TACACS+ server or reverting to the local database for authentication. In the event that the switch still has IP connectivity to the TACACS+ server, but a TCP session cannot be established, (such as a failed TACACS+ daemon on the server), failover happens immediately regardless of the configured timeout value. For example, if the timeout value is set for 3 seconds (the default value), it will take 3 seconds to fail over from the primary TACACS+ server to the secondary TACACS+ server. If both the primary and the secondary servers fail or are unavailable, it takes approximately 6 seconds to revert to the local database for authentication.

Example
The following command configures the timeout interval for TACACS+ authentication to 10 seconds:
configure tacacs timeout 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

764

ExtremeWare XOS 11.3 Command Reference

configure tacacs-accounting server

configure tacacs-accounting server


configure tacacs-accounting [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip <ipaddress> {vr <vr_name>}

Description
Configures the TACACS+ accounting server.

Syntax Description
primary secondary ipaddress hostname tcp_port ipaddress vr_name Configures the primary TACACS+ accounting server. Configures the secondary TACACS+ accounting server. The IP address of the TACACS+ accounting server being configured. The host name of the TACACS+ accounting server being configured. The TCP port to use to contact the TACACS+ server. The IP address used by the switch to identify itself when communicating with the TACACS+ accounting server. Specifies the virtual router on which the client IP is located. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Default
Unconfigured. The default virtual router is VR-Mgmt, the management virtual router.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

You can use the same TACACS+ server for accounting and authentication. To remove a server, use the following command:
unconfigure tacacs server [primary | secondary]

Example
The following command configures server tacacs1 as the primary TACACS+ accounting server for client switch 10.10.20.35 using a virtual router interface of VR-Default:
configure tacacs-accounting primary server tacacs1 client-ip 10.10.20.35 vr vr-Default

ExtremeWare XOS 11.3 Command Reference

765

Security Commands

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

766

ExtremeWare XOS 11.3 Command Reference

configure tacacs-accounting shared-secret

configure tacacs-accounting shared-secret


configure tacacs-accounting [primary | secondary] shared-secret {encrypted} <string>

Description
Configures the shared secret string used to communicate with the TACACS+ accounting server.

Syntax Description
primary secondary string Configures the authentication string for the primary TACACS+ accounting server. Configures the authentication string for the secondary TACACS+ accounting server. The string to be used for authentication.

Default
N/A.

Usage Guidelines
Secret needs to be the same as on the TACACS+ server. The encrypted keyword is primarily for the output of the show configuration command, so the shared secret is not revealed in the command output. Do not use it to set the shared secret.

Example
The following command configures the shared secret as tacacsaccount on the primary TACACS+ accounting server:
configure tacacs-accounting primary shared-secret tacacsaccount

History
This command was first available in ExtremeWare XOS 10.1. The encrypted keyword was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

767

Security Commands

configure tacacs-accounting timeout


configure tacacs-accounting timeout <seconds>

Description
Configures the timeout interval for TACACS+ accounting authentication requests.

Syntax Description
seconds Specifies the number of seconds for accounting requests. Range is 3 to 120 seconds

Default
The default is 3 seconds.

Usage Guidelines
This command configures the timeout interval for TACACS+ accounting authentication requests. To detect and recover from a TACACS+ accounting server failure when the timeout has expired, the switch makes one authentication attempt before trying the next designated TACACS+ accounting server or reverting to the local database for authentication. In the event that the switch still has IP connectivity to the TACACS+ accounting server, but a TCP session cannot be established, (such as a failed TACACS+ daemon on the accounting server), failover happens immediately regardless of the configured timeout value. For example, if the timeout value is set for 3 seconds (the default value), it takes 3 seconds to fail over from the primary TACACS+ accounting server to the secondary TACACS+ accounting server. If both the primary and the secondary servers fail or are unavailable, it takes approximately 6 seconds to revert to the local database for authentication.

Example
The following command configures the timeout interval for TACACS+ accounting authentication to 10 seconds:
configure tacacs-accounting timeout 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

768

ExtremeWare XOS 11.3 Command Reference

configure vlan dhcp-address-range

configure vlan dhcp-address-range


configure vlan <vlan_name> dhcp-address-range <ipaddress1> - <ipaddress2>

Description
Configures a set of DHCP addresses for a VLAN.

Syntax Description
vlan_name ipaddress1 ipaddress2 Specifies the VLAN on whose ports DHCP will be enabled. Specifies the first IP address in the DHCP address range to be assigned to this VLAN. Specifies the last IP address in the DHCP address range to be assigned to this VLAN.

Default
N/A.

Usage Guidelines
The following error conditions are checked: ipaddress2 >= ipaddress1, the range must be in the VLAN's network, the range does not contain the VLAN's IP address, and the VLAN has an IP address assigned.

Example
The following command allocates the IP addresses between 192.168.0.20 and 192.168.0.100 for use by the VLAN temporary:
configure temporary dhcp-address-range 192.168.0.20 - 192.168.0.100

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

769

Security Commands

configure vlan dhcp-lease-timer


configure vlan <vlan_name> dhcp-lease-timer <lease-timer>

Description
Configures the timer value in seconds returned as part of the DHCP response.

Syntax Description
name lease-timer Specifies the VLAN on whose ports netlogin should be disabled. Specifies the timer value, in seconds.

Default
N/A.

Usage Guidelines
The timer value is specified in seconds. The timer value range is 0 - 4294967295, where 0 indicates the default (not configured) value of 7200 second.

Example
The following command configures the DHCP lease timer value for VLAN corp:
configure vlan corp dhcp-lease-timer <lease-timer>

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

770

ExtremeWare XOS 11.3 Command Reference

configure vlan dhcp-options

configure vlan dhcp-options


configure vlan <vlan_name> dhcp-options [default-gateway | dns-server | wins-server] <ipaddress>

Description
Configures the DHCP options returned as part of the DHCP response by a switch configured as a DHCP server.

Syntax Description
name default-gateway dns-server wins-server ipaddress Specifies a VLAN name. Specifies the router option. Specifies the Domain Name Server (DNS) option. Specifies the NetBIOS name server (NBNS) option. The IP address associated with the specified option.

Default
N/A.

Usage Guidelines
This command configures the DHCP options that can be returned to the DHCP client. For the defaultgateway option you are only allowed to configure an IP address that is in the VLAN's network range. For the other options, any IP address is allowed. The options below represent the following BOOTP options specified by RFC2132:

default-gatewayRouter option, number 3 dns-serverDomain Name Server option, number 6 wins-serverNetBIOS over TCP/IP Name Server option, number 44

Example
The following command configures the DHCP server to return the IP address 10.10.20.8 as the router option:
configure vlan <name> dhcp-options default-gateway 10.10.20.8

History
This command was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

771

Security Commands

Platform Availability
This command is available on all platforms.

772

ExtremeWare XOS 11.3 Command Reference

disable dos-protect

disable dos-protect
disable dos-protect

Description
Disables denial of service protection.

Syntax Description
There are no arguments or variables for this command.

Default
Default is disabled.

Usage Guidelines
None.

Example
The following command disables denial of service protection.
disable dos-protect

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

773

Security Commands

disable dhcp ports vlan


disable dhcp ports <portlist> vlan <vlan name>

Description
Disables DHCP on a specified port in a VLAN.

Syntax Description
portlist vlan name Specifies the ports for which DHCP should be disabled. Specifies the VLAN on whose ports DHCP should be disabled.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables DHCP for port 6:9 in VLAN corp:
disable dhcp ports 6:9 vlan corp

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

774

ExtremeWare XOS 11.3 Command Reference

disable radius

disable radius
disable radius {mgmt-access | netlogin}

Description
Disables the RADIUS client.

Syntax Description
mgmt-access netlogin Specifies the switch management RADIUS authentication server. Specifies the network login RADIUS authentication server.

Default
RADIUS authentication is disabled for both switch management and network login by default.

Usage Guidelines
Use the mgmt-access keyword to disable RADIUS authentication for switch management functions. Use the netlogin keyword to disable RADIUS authentication for network login. If you do not specify a keyword, RADIUS authentication is disabled on the switch for both management and network login.

Example
The following command disables RADIUS authentication on the switch for both management and network login:
disable radius

The following command disables RADIUS authentication on the switch for network login:
disable radius netlogin

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

775

Security Commands

disable radius-accounting
disable radius-accounting {mgmt-access | netlogin}

Description
Disables RADIUS accounting.

Syntax Description
mgmt-access netlogin Specifies the switch management RADIUS accounting server. Specifies the network login RADIUS accounting server.

Default
RADIUS accounting is disabled for both switch management and network login by default.

Usage Guidelines
Use the mgmt-access keyword to disable RADIUS accounting for switch management functions. Use the netlogin keyword to disable RADIUS accounting for network login. If you do not specify a keyword, RADIUS accounting is disabled on the switch for both management and network login.

Example
The following command disables RADIUS accounting on the switch for both management and network login:
disable radius-accounting

The following command disables RADIUS accounting on the switch for network login:
disable radius-accounting netlogin

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

776

ExtremeWare XOS 11.3 Command Reference

disable ssh2

disable ssh2
disable ssh2

Description
Disables the SSH2 server for incoming SSH2 sessions to switch.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
SSH2 options (non-default port setting) are not saved when SSH2 is disabled. To view the status of SSH2 on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for SSH2.

Example
The following command disables the SSH2 server:
disable ssh2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

777

Security Commands

disable tacacs
disable tacacs

Description
Disables TACACS+ authentication.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables TACACS+ authentication for the switch:
disable tacacs

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

778

ExtremeWare XOS 11.3 Command Reference

disable tacacs-accounting

disable tacacs-accounting
disable tacacs-accounting

Description
Disables TACACS+ accounting.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables TACACS+ accounting:
disable tacacs-accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

779

Security Commands

disable tacacs-authorization
disable tacacs-authorization

Description
Disables TACACS+ authorization.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This disables CLI command authorization but leaves user authentication enabled.

Example
The following command disables TACACS+ CLI command authorization:
disable tacacs-authorization

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

780

ExtremeWare XOS 11.3 Command Reference

disable web https

disable web https


disable web https

Description
Disables the secure socket layer (SSL) access to the switch on the default port (443).

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Use this command to disable SSL before changing the certificate or private key. Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the module first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide.

Example
The following command disables SSL on the default port:
disable web https

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

781

Security Commands

download ssl certificate


download ssl <ip_address> certificate <cert file>

Description
Permits downloading of a certificate key from files stored in a TFTP server.

Syntax Description
ip_address cert file Specifies the IP address of the TFTP server. Specifies the name of the certificate key.

Default
N/A.

Usage Guidelines
If the download operation is successful, any existing certificate is overwritten. After a successful download, the software attempts to match the public key in the certificate against the private key stored. If the private and public keys do not match, the switch displays a warning message similar to the following: Warning: The Private Key does not match with the Public Key in the certificate. This warning acts as a reminder to also download the private key. NOTE
You can only download a certificate key in the VR-Mgmt virtual router.

Downloaded certificates and keys are not saved across switch reboots unless you save your current switch configuration. Once you issue the save command, the downloaded certificate is stored in the configuration file and the private key is stored in the EEPROM. Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the module first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide. You can purchase and obtain SSL certificates from Internet security vendors. Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for remote IP addresses. When specifying a remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9)

782

ExtremeWare XOS 11.3 Command Reference

download ssl certificate


Period ( . ) Colon ( : )

When configuring an IP address for your network server, remember the requirements listed above. Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for remote filenames. When specifying a remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ ) Slash ( / )

When naming a remote file, remember the requirements listed above.

Example
The following command downloads a certificate from a TFTP server with the IP address of 123.45.6.78:
download ssl 123.45.6.78 certificate g0ethner1

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

783

Security Commands

download ssl privkey


download ssl <ip_address> privkey <key file>

Description
Permits downloading of a private key from files stored in a TFTP server.

Syntax Description
ip_address key file Specifies the IP address of the TFTP server. Specifies the name of the private key file.

Default
N/A.

Usage Guidelines
If the operation is successful, the existing private key is overwritten. After a successful download, a check is performed to find out whether the private key downloaded matches the public key stored in the certificate. If the private and public keys do not match, the switch displays a warning similar to the following: Warning: The Private Key does not match with the Public Key in the certificate. This warning acts as a reminder to also download the corresponding certificate. The certificate and private key file should be in PEM format and generated using RSA as the cryptography algorithm. Downloaded certificates and keys are not saved across switch reboots unless you save your current switch configuration. Once you issue the save command, the downloaded certificate is stored in the configuration file and the private key is stored in the EEPROM. Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the module first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide. Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for remote IP addresses. When specifying a remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9)

784

ExtremeWare XOS 11.3 Command Reference

download ssl privkey


Period ( . ) Colon ( : )

When configuring an IP address for your network server, remember the requirements listed above. Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for remote filenames. When specifying a remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ ) Slash ( / )

When naming a remote file, remember the requirements listed above.

Example
The following command downloads a private key from a TFTP server with the IP address of 123.45.6.78:
download ssl 123.45.6.78 privkey t00Ts1e

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

785

Security Commands

enable dos-protect
enable dos-protect

Description
Enables denial of service protection.

Syntax Description
This command has no arguments or variables.

Default
The default is disabled.

Usage Guidelines
None.

Example
The following command enables denial of service protection.
enable dos-protect

History
This command was first available in ExtremeWare XOS 11.1

Platform Availability
This command is available on all platforms.

786

ExtremeWare XOS 11.3 Command Reference

enable dos-protect simulated

enable dos-protect simulated


enable dos-protect simulated

Description
Enables simulated denial of service protection.

Syntax Description
This command has no arguments or variables.

Default
The default is disabled.

Usage Guidelines
If simulated denial of service is enabled, no ACLs are created. This mode is useful to gather information about normal traffic levels on the switch. This will assist in configuring denial of service protection so that legitimate traffic is not blocked.

Example
The following command enables simulated denial of service protection.
enable dos-protect simulated

History
This command was first available in ExtremeWare XOS 11.3

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

787

Security Commands

enable dhcp ports vlan


enable dhcp ports <portlist> vlan <vlan_name>

Description
Enables DHCP on a specified port in a VLAN.

Syntax Description
portlist vlan_name Specifies the ports for which DHCP should be disabled. Specifies the VLAN on whose ports DHCP should be disabled.

Default
N/A.

Usage Guidelines
None.

Example
The following command enables DHCP for port 5:9 in VLAN corp:
disable dhcp ports 5:9 vlan corp

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

788

ExtremeWare XOS 11.3 Command Reference

enable radius

enable radius
enable radius {mgmt-access | netlogin}

Description
Enables the RADIUS client on the switch.

Syntax Description
mgmt-access netlogin Specifies the switch management RADIUS authentication server. Specifies the network login RADIUS authentication server.

Default
RADIUS authentication is disabled for both switch management and network login by default.

Usage Guidelines
Before you enable RADIUS on the switch, you must configure the servers used for authentication and configure the authentication string (shared secret) used to communicate with the RADIUS authentication server. To configure the RADIUS authentication servers, use the following command: configure radius
{mgmt-access | netlogin} [primary | secondary] server [<ipaddress> | <hostname>] {<udp_port>} client-ip [<ipaddress>] {vr <vr_name>}

To configure the shared secret, use the following command: configure radius {mgmt-access | netlogin} [primary | secondary] shared-secret {encrypted} <string> If you do not specify a keyword, RADIUS authentication is enabled on the switch for both management and network login. When enabled, all web, Telnet, and SSH logins are sent to the RADIUS servers for authentication. When used with a RADIUS server that supports ExtremeWare XOS CLI authorization, each CLI command is sent to the RADIUS server for authorization before it is executed. Use the mgmt-access keyword to enable RADIUS authentication for switch management functions. Use the netlogin keyword to enable RADIUS authentication for network login.

Example
The following command enables RADIUS authentication on the switch for both management and network login:
enable radius

The following command enables RADIUS authentication on the switch for network login:
enable radius netlogin

ExtremeWare XOS 11.3 Command Reference

789

Security Commands

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

790

ExtremeWare XOS 11.3 Command Reference

enable radius-accounting

enable radius-accounting
enable radius-accounting {mgmt-access | netlogin}

Description
Enables RADIUS accounting.

Syntax Description
mgmt-access netlogin Specifies the switch management RADIUS accounting server. Specifies the network login RADIUS accounting server.

Default
RADIUS accounting is disabled for both switch management and network login by default.

Usage Guidelines
The RADIUS client must also be enabled. Before you enable RADIUS accounting on the switch, you must configure the servers used for accounting and configure the authentication string (shared secret) used to communicate with the RADIUS accounting server. To configure the RADIUS accounting servers, use the following command: configure radiusaccounting {mgmt-access | netlogin} [primary | secondary] server [<ipaddress> | <hostname>] {<tcp_port>} client-ip [<ipaddress>] {vr <vr_name>}

To configure the shared secret, use the following command: configure radius-accounting {mgmtaccess | netlogin} [primary | secondary] shared-secret {encrypted} <string> If you do not specify a keyword, RADIUS accounting is enabled on the switch for both management and network login. Use the mgmt-access keyword to enable RADIUS accounting for switch management functions. Use the netlogin keyword to enable RADIUS accounting for network login.

Example
The following command enables RADIUS accounting on the switch for both management and network login:
enable radius-accounting

The following command enables RADIUS accounting for network login:


enable radius-accounting netlogin

ExtremeWare XOS 11.3 Command Reference

791

Security Commands

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

792

ExtremeWare XOS 11.3 Command Reference

enable ssh2

enable ssh2
enable ssh2 {access-profile [<access_profile> | none]} {port <tcp_port_number>} {vr [<vr_name> | all | default]}

Description
Enables SSH2 server to accept incoming sessions from SSH2 clients.

Syntax Description
access_profile none port vr_name Specifies an ACL policy. Cancels a previously configured ACL policy. Specifies a TCP port number. The default is port 22. Specifies a virtual router name. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. all default Specifies that SSH is enabled on all virtual routers. Specifies that SSH is enabled on the default virtual router.

Default
The SSH2 feature is disabled by default.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

SSH2 enables the encryption of session data. You must be logged in as an administrator to enable SSH2. SSH2 functionality is not present in the base ExtremeWare XOS software image, but is in an additional, installable module. Before you can access any SSH2 commands, you must install the module. Without the module, the commands do not appear on the command line. To install the module, see the instructions in Appendix A, Software Upgrade and Boot Options. After you have installed the SSH2 module, you must generate a host key and enable SSH2. To generate an SSH2 host key, use the configure ssh2 key command. To enable SSH2, use the enable ssh2 command. Use the port option to specify a TCP port number other than the default port of 22. You can only specify ports 22 and 1024 through 65535. Using ACLs to Control SSH Access. You can specify a list of predefined clients that are allowed SSH2 access to the switch. To do this, you configure an ACL policy to permit or deny a specific list of IP addresses and subnet masks for the SSH port. You must create an ACL policy file before you can use

ExtremeWare XOS 11.3 Command Reference

793

Security Commands the access-profile option. If the ACL policy file does not exist on the switch, the switch returns an error message indicating that the file does not exist. Use the none option to cancel a previously configured ACL. Creating an ACL Policy File. To create an ACL policy file, use the edit policy command. For more information about creating and implementing ACL policy files, see Chapter 12, Policy Manager and Chapter 13, Access Lists (ACLs), in the ExtremeWare XOS Concepts Guide. If you attempt to implement a policy that does not exist on the switch, an error message similar to the following appears:
Error: Policy /config/MyAccessProfile_2.pol does not exist on file system

If this occurs, make sure the policy you want to implement exists on the switch. To confirm the policies on the switch, use the ls command. If the policy does not exist, create the ACL policy file. Viewing SSH Information. To view the status of SSH2 sessions on the switch, use the show management command. The show management command displays information about the switch including the enable/disable state for SSH2 sessions and whether a valid key is present.

Example
The following command enables the SSH2 feature:
enable ssh2

The next example assumes you have already created an ACL to apply to SSH. The following command applies the ACL MyAccessProfile_2 to SSH:
enable ssh2 access-profile MyAccessProfile_2

History
This command was first available in the ExtremeWare XOS 11.0 SSH module. The access-profile and none options were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

794

ExtremeWare XOS 11.3 Command Reference

enable tacacs

enable tacacs
enable tacacs

Description
Enables TACACS+ authentication.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
After they have been enabled, all web and Telnet logins are sent to one of the two TACACS+ servers for login name authentication.

Example
The following command enables TACACS+ user authentication:
enable tacacs

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

795

Security Commands

enable tacacs-accounting
enable tacacs-accounting

Description
Enables TACACS+ accounting.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
If accounting is used, the TACACS+ client must also be enabled.

Example
The following command enables TACACS+ accounting for the switch:
enable tacacs-accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

796

ExtremeWare XOS 11.3 Command Reference

enable tacacs-authorization

enable tacacs-authorization
enable tacacs-authorization

Description
Enables CLI command authorization.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
When enabled, each command is transmitted to the remote TACACS+ server for authorization before the command is executed. TACACS+ authentication must also be enabled to use TACACS+ authorization. Use the following command to enable authentication:
enable tacacs

Example
The following command enables TACACS+ command authorization for the switch:
enable tacacs-authorization

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

797

Security Commands

enable web https


enable web https

Description
Enables secure socket layer (SSL) access to the switch on the default port (443).

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Use this command to allow users to connect using a more secure connection. Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the modul first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide. To use secure HTTP access (HTTPS) for web-based login connections, you must specify HTTPS as the protocol when configuring the redirect URL. For more information about configuring the redirect URL, see the configure netlogin redirect-page command. Prior to ExtremeWare XOS 11.2, the SSH module did not include SSL. To use SSL, you must download and install the current SSH module. If you are currently running SSH with ExtremeWare XOS 11.0 or 11.1, and you want to use SSL for secure HTTPS web-based login, you must upgrade your core software image to ExtremeWare XOS 11.2 or later, install the SSH module that works in concert with that core software image, and reboot the switch.

Example
The following command enables SSL on the default port:
enable web https

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

798

ExtremeWare XOS 11.3 Command Reference

enable web https

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

799

Security Commands

scp2
scp2 {cipher [3des | blowfish]} {port <portnum>} {debug <debug_level>} <user>@ [<hostname> | <ipaddress>]:<remote_file> <local_file> {vr <vr_name>} or scp2 {cipher [3des | blowfish]} {port <portnum>} {debug <debug_level>} <local_file> <user>@ [<hostname> | <ipaddress>]:<remote_file> {vr <vr_name>}

Description
The first command initiates an SCP2 client session to a remote SCP2 server and copies a configuration or policy file from the remote system to the switch. The second command initiates an SCP2 client session to a remote SCP2 server and copies a configuration or policy file from the switch to a remote system.

Syntax Description
3des blowfish portnum debug_level user hostname ipaddress remote_file local_file vr_name Specifies that the 3des cipher should be used for encryption. This is the default. Specifies that the blowfish cipher should be used for encryption. Specifies the TCP port number to be used for communicating with the SSH2 client. The default is port 22. Specifies a debug level. The default is 0. With a default of 0, the range is 1 through 3. Specifies a login name for the remote host. Specifies the name of the remote host. Specifies the IP address of the remote host. Specifies the name of the remote file (configuration file, policy file) to be transferred. Specifies the name of the local file (configuration file, policy file) to be transferred. Specifies the virtual router. The default virtual router is VR-Mgmt. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Default
The default settings for SSH2 parameters are as follows:

cipher3des encryption port22 compressionoff debug_level0 (zero) vr_nameVR-Mgmt

800

ExtremeWare XOS 11.3 Command Reference

scp2

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

You must be running the SSH2 module (ssh.xmod), which is under Export Control, in order to use the SCP2 command. SSH2 does not need to be enabled on the switch in order to use this command. This command logs into the remote host as <user> and accesses the file <remote_file>. You will be prompted for a password from the remote host, if required. Host Name, User Name, and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name, user name, or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Permitted for host and user names Underscore ( _ ) Permitted for host and user names Colon ( : ) At symbol ( @ ) Permitted only for user names Slash ( / ) Permitted only for user names

When naming the host, creating a user name, or configuring the IP address, remember the requirements listed above. Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for remote filenames. When specifying a remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ ) Slash ( / )

When naming a remote file, remember the requirements listed above.

Example
The following command copies the configuration file test.cfg on host system1 to the switch:
scp2 admin@system1:/config/test.cfg localtest.cfg

ExtremeWare XOS 11.3 Command Reference

801

Security Commands The following command copies the configuration file engineering.cfg from the switch to host system1:
scp2 engineering.cfg admin@system1:/config/engineering.cfg

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

802

ExtremeWare XOS 11.3 Command Reference

show dhcp-server

show dhcp-server
show dhcp-server {vlan <vlan_name>}

Description
Displays the DHCP servers configuration and address allocation on a specified VLAN.

Syntax Description
vlan_name Specifies the VLAN of the DHCP server of interest.

Default
N/A.

Usage Guidelines
If no VLAN is specified, the configuration and address allocation for the servers on all the VLANs is displayed.

Example
The following command displays the configuration and address allocation for the DHCP server for the VLAN corp:
show dhcp-server vlan corp

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

803

Security Commands

show dos-protect
show dos-protect {detail}

Description
Displays DoS protection configuration and state.

Syntax Description
detail Specifies to display statistics in addition to configuration and state.

Default
N/A.

Usage Guidelines
Use this command to display the DoS protection settings. Using the detail option will also display the following cumulative statistics:

trusted notify alerts

Example
The following command displays the DoS protection settings for the switch:
show dos-protect

The following is sample output from this command:


dos-protect is disabled dos-protect settings: interval: 1 (measurement interval secs) acl expire time: 5 (secs) trusted ports: no trusted ports configured type L3-Protect: notify threshold: alert threshold:

3500 4000

(level to log a message) (level to generate an ACL)

804

ExtremeWare XOS 11.3 Command Reference

show dos-protect The following command displays detailed DoS protection settings for the switch:
show dos-protect detail

The following is sample output from this command:


dos-protect is enabled dos-protect settings: interval: 1 (measurement interval secs) acl expire time: 5 (secs) trusted ports: 1:2 type L3-Protect: notify threshold: alert threshold: dos-protect statistics: trusted: 1301 notify: 0 alerts: 0

3500 4000

(level to log a message) (level to generate an ACL)

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

805

Security Commands

show radius
show radius {mgmt-access | netlogin}

Description
Displays the current RADIUS client configuration and statistics.

Syntax Description
mgmt-access netlogin Specifies configuration and statistics for the switch management RADIUS authentication server. Specifies configuration and statistics for the network login RADIUS authentication server.

Default
N/A.

Usage Guidelines
If you do not specify a keyword, configuration details related to both management and network login are displayed. The output from this command displays the status of RADIUS and RADIUS accounting (enabled or disabled) and the primary and secondary servers for RADIUS and RADIUS accounting. Use the mgmt-access keyword to display only RADIUS configuration details related to management access. Use the netlogin keyword to only RADIUS configuration details related to network login.

Example
The following command displays the current RADIUS client configuration and statistics for both management and network login:
show radius

The following is sample output from this command:


Switch Management Radius: enabled Switch Management Radius server connect time out: 3 seconds Switch Management Radius Accounting: disabled Switch Management Radius Accounting server connect time out: 3 seconds Netlogin Radius: enabled Netlogin Radius server connect time out: 3 seconds Netlogin Radius Accounting: disabled Netlogin Radius Accounting server connect time out: 3 seconds Primary Switch Management Radius server: Server name :

806

ExtremeWare XOS 11.3 Command Reference

show radius
IP address : Server IP Port: Client address: Shared secret : Access Requests : Access Rejects : Access Retransmits: Bad authenticators: Round Trip Time : 10.100.1.100 1812 10.116.3.101 (VR-Mgmt) g~`#uovpkkpvi~` 0 Access Accepts 0 Access Challenges 0 Client timeouts 0 Unknown types 0

: : : :

0 0 0 0

Secondary Switch Management Radius server: Server name : IP address : 10.100.1.101 Server IP Port: 1812 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Access Requests : 0 Access Accepts Access Rejects : 0 Access Challenges Access Retransmits: 0 Client timeouts Bad authenticators: 0 Unknown types Round Trip Time : 0 Primary Netlogin Radius server: Server name : IP address : 10.100.1.200 Server IP Port: 1812 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Access Requests : 0 Access Accepts Access Rejects : 0 Access Challenges Access Retransmits: 0 Client timeouts Bad authenticators: 0 Unknown types Round Trip Time : 0 Secondary Netlogin Radius server: Server name : IP address : 10.100.1.201 Server IP Port: 1812 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Access Requests : 0 Access Accepts Access Rejects : 0 Access Challenges Access Retransmits: 0 Client timeouts Bad authenticators: 0 Unknown types Round Trip Time : 0

: : : :

0 0 0 0

: : : :

0 0 0 0

: : : :

0 0 0 0

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

807

Security Commands

Platform Availability
This command is available on all platforms.

808

ExtremeWare XOS 11.3 Command Reference

show radius-accounting

show radius-accounting
show radius-accounting {mgmt-access | netlogin}

Description
Displays the current RADIUS accounting client configuration and statistics.

Syntax Description
mgmt-access netlogin Specifies configuration and statistics for the switch management RADIUS accounting server. Specifies configuration and statistics for the network login RADIUS accounting server.

Default
N/A.

Usage Guidelines
If you do not specify a keyword, configuration details related to both management and network login are displayed. The output from this command displays information about the status and configuration of RADIUS accounting. Use the mgmt-access keyword to display only RADIUS accounting configuration details related to management access. Use the netlogin keyword to display only RADIUS accounting configuration details related to network login.

Example
The following command displays RADIUS accounting client configuration and statistics for both management and network login:
show radius-accounting

The following is sample output from this command:


Switch Management Radius Accounting: disabled Switch Management Radius Accounting server connect time out: 3 seconds Netlogin Radius Accounting: disabled Netlogin Radius Accounting server connect time out: 3 seconds Primary Switch Management Accounting server: Server name : IP address : 10.100.1.100 Server IP Port: 1813 Client address: 10.116.3.101 (VR-Mgmt)

ExtremeWare XOS 11.3 Command Reference

809

Security Commands
Shared secret : Acct Requests : Acct Retransmits : g~`#uovpkkpvi~` 0 Acct Responses 0 Timeouts

: :

0 0

Secondary Switch Management Accounting server: Server name : IP address : 10.100.1.101 Server IP Port: 1813 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Acct Requests : 0 Acct Responses Acct Retransmits : 0 Timeouts Primary Netlogin Accounting server: Server name : IP address : 10.100.1.200 Server IP Port: 1813 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Acct Requests : 0 Acct Responses Acct Retransmits : 0 Timeouts Secondary Netlogin Accounting server: Server name : IP address : 10.100.1.201 Server IP Port: 1813 Client address: 10.116.3.101 (VR-Mgmt) Shared secret : g~`#uovpkkpvi~` Acct Requests : 0 Acct Responses Acct Retransmits : 0 Timeouts

: :

0 0

: :

0 0

: :

0 0

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

810

ExtremeWare XOS 11.3 Command Reference

show ssl

show ssl
show ssl

Description
Displays the secure socket layer (SSL) configuration.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command displays the following information:

HTTPS port configured. This is the port on which the clients will connect. Length of the RSA key (the number of bits used to generate the private key). Basic information about the stored certificate.

Similar to SSH2, before you can use any SSL commands, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. SSL is packaged with the SSH module; therefore, if you do not install the module, you are unable to configure SSL. If you try to execute SSL commands without installing the module first, the switch notifies you to download and install the module. To install the module, see the instructions in Appendix A of the ExtremeWare XOS Concepts Guide. If you attempt to use this command before installing the SSH module, the switch displays a message similar to the following:
SSL Module: Not Installed.

NOTE
The switch utilizes the SSH module for SSL functionality. You do not install an SSL module, only the SSH module.

Example
The following command displays the SSL configuration:
show ssl

The following is sample output from this command:


HTTPS Port Number: 443 Private Key matches with the Public Key in certificate. (or Private key does not match with the Public Key in the certificate)

ExtremeWare XOS 11.3 Command Reference

811

Security Commands
RSA Key Length: 1024 Certificate: Data: Version: 1 (0x0) Serial Number: 6 (0x6) Signature Algorithm: md5WithRSAEncryption Issuer: C=AU, O=CryptSoft Pty Ltd, CN=Test CA (1024 bit) Validity Not Before: Oct 16 22:31:03 2000 GMT Not After : Jan 14 22:31:03 2003 GMT Subject: C=AU, O=CryptSoft Pty Ltd, CN=Server test cert (512 bit)

History
This command was first available in the ExtremeWare XOS 11.2 and supported with the SSH module.

Platform Availability
This command is available on all platforms.

812

ExtremeWare XOS 11.3 Command Reference

show tacacs

show tacacs
show tacacs

Description
Displays the current TACACS+ configuration and statistics.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
The output of this command displays the following information:

TACACS+The current state of TACACS+, enabled or disabled. TACACS+ AuthorizationThe current state of TACACS+ authorization, enabled or disabled. TACACS+ AccountingThe current state of TACACS+ accounting, enabled or disabled. TACACS+ Server Connect TimeoutThe amount of time configured to detect and recover from a TACACS+ server failure. Primary TACACS+ ServerDescribes information about the primary TACACS+ server, including:

The name of the primary TACACS+ server The IP address of the primary TACACS+ server The TCP port to use to contact the primary TACACS+ server The IP address and VR used by the switch The shared secret configured for the primary TACACS+ server

Secondary TACACS+ ServerContains the same type of output as the primary TACACS+ server for the secondary TACACS+ server, if configured. TACACS+ Acct Server Connect TimeoutThe amount of time configured to detect and recover from a TACACS+ accounting server failure. TACACS+ Accounting Server parameters, if configured. Contains the same type of output as the TACACS+ server for the TACACS+ accounting server(s), if configured.

Example
The following command displays TACACS+ client configuration and statistics:
show tacacs

ExtremeWare XOS 11.3 Command Reference

813

Security Commands The following is sample output from this command:


TACACS+: enabled TACACS+ Authorization: enabled TACACS+ Accounting : enabled TACACS+ Server Connect Timeout sec: 3 Primary TACACS+ Server: Server name : IP address : 10.201.31.238 Server IP Port: 49 Client address: 10.201.31.65 (VR-Default) Shared secret : qijxou Secondary TACACS+ Server: Server name : IP address : 10.201.31.235 Server IP Port: 49 Client address: 10.201.31.65 (VR-Default) Shared secret : qijxou TACACS+ Acct Server Connect Timeout sec: 3 Primary TACACS+ Accounting Server: Server name : IP address : 10.201.31.238 Server IP Port: 49 Client address: 10.201.31.65 (VR-Default) Shared secret : qijxou Secondary TACACS+ Accounting Server: Server name : IP address : 10.201.31.235 Server IP Port: 49 Client address: 10.201.31.65 (VR-Default) Shared secret : qijxou

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

814

ExtremeWare XOS 11.3 Command Reference

show tacacs-accounting

show tacacs-accounting
show tacacs-accounting

Description
Displays the current TACACS+ accounting client configuration and statistics.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
The output of this command displays the following information:

TACACS+ AccountingThe current state of TACACS+ accounting, enabled or disabled. TACACS+ Accounting Server Connect TimeoutThe amount of time configured to detect and recover from a TACACS+ server failure. Primary TACACS+ Accounting ServerDescribes information about the primary TACACS+ accounting server, including:

The name of the primary TACACS+ accounting server The IP address of the primary TACACS+ accounting server The TCP port to use to contact the primary TACACS+ accounting server The IP address and VR used by the switch The shared secret configured for the primary TACACS+ accounting server

Secondary TACACS+ Accounting ServerContains the same type of output as the primary TACACS+ accounting server for the secondary TACACS+ accounting server, if configured.

Example
The following command displays TACACS+ accounting client configuration and statistics:
show tacacs-accounting The following is sample output of this command: TACACS+ Accounting : enabled TACACS+ Acct Server Connect Timeout sec: 3 Primary TACACS+ Accounting Server: Server name : IP address : 10.201.31.238 Server IP Port: 49 Client address: 10.201.31.85 (VR-Default) Shared secret : qijxou Secondary TACACS+ Accounting Server:Not configured

ExtremeWare XOS 11.3 Command Reference

815

Security Commands

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

816

ExtremeWare XOS 11.3 Command Reference

show vlan dhcp-address-allocation

show vlan dhcp-address-allocation


show vlan <vlan_name> dhcp-address-allocation

Description
Displays the DHCP servers address allocation on a specified VLAN.

Syntax Description
vlan_name Specifies the VLAN of the DHCP server of interest.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the configuration of the DHCP for the VLAN corp:
show vlan corp dhcp-address-allocation

The following is sample output from this command:


============================================================================ IP MAC State Lease Renewal Time ============================================================================ 10.0.0.2 00:02:03:04:05:00 Offered 0000:00:10 10.0.0.3 00:08:03:04:05:00 Assigned 0000:59:09 10.0.0.4 ee:1c:00:04:05:00 Assigned 0000:59:09

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

817

Security Commands

show vlan dhcp-config


show vlan <vlan_name> dhcp-config

Description
Displays the DHCP server's configuration for the specified VLAN.

Syntax Description
vlan_name Specifies the VLAN of the DHCP server of interest.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the configuration of the DHCP server for the VLAN corp:
show vlan corp dhcp-config

The following is sample output from this command:


DHCP Address Range DHCP Lease Timer Default Gateway DNS Server WINS Server Ports DHCP Enabled : : : : : : 10.0.0.2->10.0.0.20 Not configured (Default = 7200 seconds) 10.0.0.1 10.0.0.80 10.0.0.80 1:1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

818

ExtremeWare XOS 11.3 Command Reference

ssh2

ssh2
ssh2 {cipher [3des | blowfish]} {port <portnum>} {compression [on | off]} {user <username>} {debug <debug_level>} {<username>@} [<host> | <ipaddress>] {<remote command>} {vr <vr_name>}

Description
Initiates an SSH2 client session to a remote SSH2 server.

Syntax Description
3des blowfish portnum on off username debug_level host ipaddress remote command Specifies that the 3des cipher should be used for encryption. This is the default. Specifies that the blowfish cipher should be used for encryption. Specifies the TCP port number to be used for communicating with the SSH2 client. The default is port 22. Specifies that the data is to be compressed. Specifies that compression is not to be used. This is the default. Specifies a login name for the remote host, as an alternate to the username@host parameter. Can be omitted if it is the same as the username on the switch. Specifies a debug level. The default is 0. With a default of 0, the range is 1 through 3. Specifies the name of the remote host. Specifies the IP address of the remote host. Specifies a command to be passed to the remote system for execution. The switch does not support remote commands. The option is only valid if the remote system is a system, such as a UNIX workstation, that accepts remote commands. Specifies the virtual router. The default virtual router is VR-Mgmt. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

vr_name

Default
The default settings for SSH2 parameters are as follows:

cipher3des encryption port22 compressionoff debug_level0 (zero) vr_nameVR-Mgmt

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

ExtremeWare XOS 11.3 Command Reference

819

Security Commands You must be running the SSH2 module (ssh.xmod), which is under Export Control, in order to use the SSH2 client command. SSH2 does not need to be enabled on the switch in order to use this command. Typically, this command is used to establish a secure session to a remote switch. You are prompted for your password. Once you have logged in successfully, all ExtremeWare XOS command you enter are executed on the remote switch. When you terminate the remote session, commands will then resume being executed on the original switch. Host Name, User Name, and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name, user name, or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Permitted for host and user names Underscore ( _ ) Permitted for host and user names Colon ( : ) Permitted for host names and remote IP addresses At symbol ( @ ) Permitted only for user names

When naming the host, creating a user name, or configuring the IP address, remember the requirements listed above. Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for remote filenames. When specifying a remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ ) Slash ( / )

When naming a remote file, remember the requirements listed above.

Example
The following command establishes an SSH2 session on switch engineering1:
ssh2 admin@engineering1

The following command establishes and SSH2 session with the switch named BlackDiamond8810 over TCP port 2050 with compression enabled:
ssh2 port 2050 compression on admin@BlackDiamond8810

820

ExtremeWare XOS 11.3 Command Reference

ssh2

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms with the SSH2 module installed.

ExtremeWare XOS 11.3 Command Reference

821

Security Commands

unconfigure radius
unconfigure radius {mgmt-access | netlogin} {server [primary | secondary]}

Description
Unconfigures the RADIUS client configuration.

Syntax Description
mgmt-access netlogin primary secondary Specifies the switch management RADIUS authentication server. Specifies the network login RADIUS authentication server. Unconfigures the primary RADIUS server. Unconfigures the secondary RADIUS server.

Default
Unconfigures both primary and secondary servers for management and network login.

Usage Guidelines
If you do not specify any keywords, this command unconfigures both the primary and secondary servers for management and network login. The following list describes the available keywords:

mgmt-accessUse this keyword to unconfigure only the server(s) for management functions. netloginUse this keyword to unconfigure only the server(s) for network login. primaryUse this keyword to specify only the primary RADIUS sever. secondaryUse this keyword to specify only the secondary RADIUS server.

Example
The following command unconfigures the secondary RADIUS server settings for both management and network login:
unconfigure radius server secondary

The following command unconfigures the secondary RADIUS server settings for only network login:
unconfigure radius netlogin server secondary

The following command unconfigures all RADIUS server settings for only management functions:
unconfigure radius mgmt-access

822

ExtremeWare XOS 11.3 Command Reference

unconfigure radius

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

823

Security Commands

unconfigure radius-accounting
unconfigure radius-accounting {mgmt-access | netlogin} {server [primary | secondary]}

Description
Unconfigures the RADIUS accounting server configuration.

Syntax Description
mgmt-access netlogin primary secondary Specifies the switch management RADIUS accounting server. Specifies the network login RADIUS accounting server. Unconfigures the primary RADIUS accounting server. Unconfigures the secondary RADIUS accounting server.

Default
Unconfigures both the primary and secondary accounting servers for management and network login.

Usage Guidelines
If you do not specify any keywords, this command unconfigures both the primary and secondary accounting servers for management and network login. The following list describes the available keywords:

mgmt-accessUse this keyword to unconfigure only the accounting server(s) for management

functions.

netloginUse this keyword to unconfigure only the accounting server(s) for network login. primaryUse this keyword to specify only the primary RADIUS accounting sever. secondaryUse this keyword to specify only the secondary RADIUS accounting server.

Example
The following command unconfigures the secondary RADIUS accounting server settings for both management and network login:
unconfigure radius-accounting server secondary

The following command unconfigures the secondary RADIUS accounting server settings for only network login:
unconfigure radius-accounting netlogin server secondary

The following command unconfigures all RADIUS accounting server settings for only management functions:
unconfigure radius-accounting mgmt-access

824

ExtremeWare XOS 11.3 Command Reference

unconfigure radius-accounting

History
This command was first available in ExtremeWare XOS 10.1. The mgmt-access and netlogin keywords were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

825

Security Commands

unconfigure tacacs
unconfigure tacacs {server [primary | secondary]}

Description
Unconfigures the TACACS+ server configuration.

Syntax Description
primary secondary Unconfigures the primary TACACS+ server. Unconfigures the secondary TACACS+ server.

Default
Unconfigures both the primary and secondary TACACS+ servers.

Usage Guidelines
None.

Example
The following command unconfigures all TACACS+ servers settings:
unconfigure tacacs

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

826

ExtremeWare XOS 11.3 Command Reference

unconfigure tacacs-accounting

unconfigure tacacs-accounting
unconfigure tacacs-accounting {server [primary | secondary]}

Description
Unconfigures the TACACS+ accounting server configuration.

Syntax Description
primary secondary Unconfigures the primary TACACS+ accounting server. Unconfigures the secondary TACACS+ accounting server.

Default
Unconfigures both the primary and secondary TACACS+ accounting servers.

Usage Guidelines
None.

Example
The following command unconfigures all TACACS+ accounting servers settings:
unconfigure tacacs-accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

827

Security Commands

unconfigure vlan dhcp


unconfigure vlan <vlan_name> dhcp

Description
Unconfigure all the DHCP configuration information for the specified VLAN.

Syntax Description
vlan_name Specifies the VLAN on which to unconfigure DHCP.

Default
N/A.

Usage Guidelines
None.

Example
The following command unconfigures the DHCP server for the VLAN temporary:
unconfigure temporary dhcp

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

828

ExtremeWare XOS 11.3 Command Reference

unconfigure vlan dhcp-address-range

unconfigure vlan dhcp-address-range


unconfigure vlan <vlan_name> dhcp-address-range

Description
Unconfigure the DHCP address range information for the specified VLAN.

Syntax Description
vlan_name Specifies the VLAN on which to unconfigure DHCP.

Default
N/A.

Usage Guidelines
None.

Example
The following command unconfigures the DHCP address range for the VLAN temporary:
unconfigure temporary dhcp-address-range

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

829

Security Commands

unconfigure vlan dhcp-options


unconfigure vlan <vlan_name> dhcp-options

Description
Unconfigure the DHCP option information for the specified VLAN.

Syntax Description
vlan_name Specifies the VLAN on which to unconfigure DHCP.

Default
N/A.

Usage Guidelines
None.

Example
The following command unconfigures the DHCP options for the VLAN temporary:
unconfigure temporary dhcp-options

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

830

ExtremeWare XOS 11.3 Command Reference

16 Network Login Commands


This chapter describes commands for configuring network login. Network login is a feature designed to control the admission of user packets into a network by giving network access only to users that have been properly authenticated. Network login is controlled by an administrator on a per port, per VLAN basis and uses an integration of DHCP, user authentication over the web interface, user authentication by MAC address, or 802.1x client software, and a RADIUS server to provide a user database or specific configuration details. Network login has two modes of operation:

Campus mode, used when a port in a VLAN will move to another VLAN when authentication has been completed successfully. This mode is for the roaming user who will not always be using the same port for authentication. Campus mode requires a DHCP server and a RADIUS server configured for Extreme Network Login. ISP mode, used when the port and VLAN used will remain constant. All network settings are configured for that VLAN.

A DHCP server is included to support Network Login functionality.

ExtremeWare XOS 11.3 Command Reference

831

Network Login Commands

clear netlogin state


clear netlogin state [{port <portlist>} {vlan <vlan name>}]

Description
Clears and initializes the Network Login sessions on a VLAN port.

Syntax Description
portlist vlan name Specifies the ports to clear. Specifies a VLAN to clear.

Default
None.

Usage Guidelines
Clear the states of every MAC learned on this VLAN port and put the port back to unauthenticated state. The port will be moved to its original VLAN if configured in Campus mode.

Example
The following example clears the Network Login state of port 2:9 in VLAN corp:
clear netlogin state port 2:9 vlan corp

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

832

ExtremeWare XOS 11.3 Command Reference

clear netlogin state mac-address

clear netlogin state mac-address


clear netlogin state mac-address <mac>

Description
Initialize/Reset the Network Login sessions for a specified supplicant.

Syntax Description
mac Specifies the MAC address of the supplicant.

Default
N/A.

Usage Guidelines
This command is essentially equivalent to a particular supplicant logging out. The MAC address will be cleared from the FDB, the port is put back to its original VLAN (for Campus mode), and the port state is set to unauthenticated, if this was the last authenticated MAC on this port.

Example
The following example resets the Network Login session for the supplicant with the MAC address of 00:e0:18:01:32:1f:
clear netlogin state mac-address 00:e0:18:01:32:1f

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

833

Network Login Commands

configure netlogin add mac-list


configure netlogin add mac-list [<mac> {<mask>} | default] {encrypted} {<password>} {ports <port_list>}

Description
Adds an entry to the MAC address list for MAC-based Network Login.

Syntax Description
mac mask default encrypted password ports Specifies the MAC address to add. Specifies the number of bits to use for the mask. Specifies the default entry. Used to display encrypted form of password in configuration files. Do not use. Specifies the password to send for authentication. Specifies the port or port list to use for authentication.

Default
If no password is specified, the MAC address will be used.

Usage Guidelines
Use this command to add an entry to the MAC address list used for MAC-based Network Login. If no match is found in the table of MAC entries, and a default entry exists, the default will be used to authenticate the client. All entries in the list are automatically sorted in longest prefix order. Associating a MAC Address to a Port. You can configure the switch to accept and authenticate a client with a specific MAC address. Only MAC addresses that have a match for the specific ports are sent for authentication. For example, if you associate a MAC address with one or more ports, only authentication requests for that MAC addresses received on the port(s) are sent to the RADIUS server. The port(s) block all other authentication requests that do not have a matching entry. This is also known as secure MAC. To associate a MAC address with one or more ports, specify the ports option when using the
configure netlogin add mac-list [<mac> {<mask>} | default] {encrypted} {<password>} {ports <port_list>} command.

You must enable MAC-based netlogin on the switch and the specified ports before using this command. If MAC-based netlogin is not enabled on the specified port(s), the switch displays a warning message similar to the following:
WARNING: Not all specified ports have MAC-Based NetLogin enabled.

If this occurs, make sure to enable MAC-based netlogin.

834

ExtremeWare XOS 11.3 Command Reference

configure netlogin add mac-list

Example
The following example adds the MAC address 10:20:30:40:50:60 with the password foo to the list:
configure netlogin add mac-list 10:20:30:40:50:60 password foo

The following example associates MAC address 10:20:30:40:50:70 with ports 2:2 and 2:3. This means authentication requests from MAC address 10:20:30:40:50:70 are only accepted on ports 2:2 and 2:3:
configure netlogin add mac-list mac 10:20:30:40:50:70 ports 2:2-2:3

History
This command was first available in ExtremeWare XOS 11.1. The ports option was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

835

Network Login Commands

configure netlogin banner


configure netlogin banner <banner>

Description
Configures the Network Login page banner.

Syntax Description
banner Specifies the HTML code for the banner.

Default
The default banner is the Extreme Networks logo.

Usage Guidelines
The banner is a quoted, HTML string, that will be displayed on the Network Login page. The string is limited to 1024 characters. This command applies only to the web-based authentication mode of Network Login.

Example
The following example configures the banner:
configure netlogin banner "<html><head>Please Login</head></html>"

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

836

ExtremeWare XOS 11.3 Command Reference

configure netlogin base-url

configure netlogin base-url


configure netlogin base-url <url>

Description
Configures the base URL for Network Login.

Syntax Description
url Specifies the base URL for Network Login.

Default
The base URL default value is network-access.net.

Usage Guidelines
When you login using a web browser, you are redirected to the specified base URL, which is the DNS name for the switch. You must configure a DNS name of the type www.xxxx.xxx or xxxx.xxx. This command applies only to the web-based authentication mode of Network Login.

Example
The following example configures the base URL as access.net:
configure netlogin base-url access.net

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

837

Network Login Commands

configure netlogin delete mac-list


configure netlogin delete mac-list [<mac> {<mask>} | default]

Description
Deletes an entry from the MAC address list for MAC-based Network Login.

Syntax Description
mac mask default Specifies the MAC address to delete. Specifies the number of bits to use for the mask. Specifies the default entry.

Default
N/A.

Usage Guidelines
Use this command to delete an entry from the MAC address list used for MAC-based Network Login.

Example
The following example deletes the MAC address 10:20:30:40:50:60 from the list:
configure netlogin delete mac-list 10:20:30:40:50:60

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

838

ExtremeWare XOS 11.3 Command Reference

configure netlogin dot1x eapol-transmit-version

configure netlogin dot1x eapol-transmit-version


configure netlogin dot1x eapol-transmit-version <eapol-version>

Description
Configures the default EAPOL version sent in transmitted packets for Network Login.

Syntax Description
eapol-version Specifies the EAPOL version. Choices are "v1" or "v2".

Default
The default is "v1".

Usage Guidelines
Although ExtremeWare XOS supports EAPOL version 2, some clients do not yet accept the version 2 EAPOL packets. The packet format for the two versions is the same.

Example
The following example changes the EAPOL version to 2:
configure netlogin dot1x eapol-transmit-version v2

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

839

Network Login Commands

configure netlogin dot1x guest-vlan


configure netlogin dot1x guest-vlan <vlan_name>

Description
Configures a guest VLAN for 802.1x.

Syntax Description
vlan_name Specifies the name of the guest VLAN.

Default
N/A.

Usage Guidelines
This command configures the guest VLAN for 802.1x on the current virtual router (VR). A guest VLAN provides limited or restricted network access if a supplicant does not respond to the 802.1x authentication requests sent by the switch. You configure a guest VLAN only on netlogin ports with 802.1x enabled; movement to a guest VLAN is not supported on netlogin ports with MAC-based or web-based authentication. 802.1x must be the only authentication method enabled on the port for movement to guest VLAN. A port always moves untagged into the guest VLAN. You configure only one guest VLAN per virtual router interface.

NOTE
The supplicant does not move to a guest VLAN if it fails authentication after an 802.1x exchange; the supplicant moves to the guest VLAN only if it does not respond to an 802.1x authentication request.

By default, the switch attempts to authenticate the supplicant every 30 seconds for a maximum of three tries. If the supplicant does not respond to the authentication requests, the client moves to the guest VLAN. The number of authentication attempts is not a user-configured parameter. Use the following command and specify the supp-resp-timeout parameter to modify the supplicant response timer:
configure netlogin dot1x timers [{server-timeout <server_timeout>} {quiet-period <quiet_period>} {reauth-period <reauth_period>} {supp-resp-timeout <supp_resp_timeout>}]

The port moves out of the guest VLAN if, during subsequent authentications, the port is successfully authenticated and the RADIUS server indicates a different VLAN to move to. To enable the guest VLAN, use the following command:
enable netlogin dot1x guest-vlan ports [all | <ports>]

840

ExtremeWare XOS 11.3 Command Reference

configure netlogin dot1x guest-vlan

Example
The following example creates a guest VLAN for 802.1x named guest:
configure netlogin dot1x guest-vlan guest

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

841

Network Login Commands

configure netlogin dot1x timers


configure netlogin dot1x timers [{server-timeout <server_timeout>} {quietperiod <quiet_period>} {reauth-period <reauth_period>} {supp-resp-timeout <supp_resp_timeout>}]

Description
Configures the 802.1x timers for Network Login.

Syntax Description
server-timeout quiet-period reauth-period supp-resp-timeout Specifies the timeout period for a response from the RADIUS server. Specifies the time for which the switch will not attempt to communicate with the supplicant after authentication has failed. Specifies time after which the switch will attempt to re-authenticate an authenticated supplicant. Specifies the time for which the switch will wait for a response from the supplicant.

Default
The defaults are as follows:

server-timeout30 seconds. quiet-period60 seconds. reauth-period3600 seconds. supp-resp-timeout30 seconds.

Usage Guidelines
None.

Example
The following example changes the 802.1x server-timeout to 10 seconds:
configure netlogin dot1x timers server-timeout 10

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

842

ExtremeWare XOS 11.3 Command Reference

configure netlogin local-user

configure netlogin local-user


configure netlogin local-user <user-name> {vlan-vsa [[{tagged | untagged} [<vlan_name>] | <vlan_tag>]] | none]}

Description
Configures an existing local netlogin account.

Syntax Description
user-name tagged untagged vlan_name vlan_tag none Specifies the name of an existing local netlogin account. Specifies that the client be added as tagged. Specifies that the client be added as untagged. Specifies the name of the destination VLAN. Specifies the VLAN ID, tag, of the destination VLAN. Specifies that the VSA 211 wildcard (*) is applied, only if you do not specify tagged or untagged

Default
N/A.

Usage Guidelines
Use this command to modify the attributes of an existing local netlogin account. You can update the following attributes associated with a local netlogin account:

Password of the local netlogin account Destination VLAN attributes including: adding clients tagged or untagged, the name of the VLAN, and the VLAN ID NOTE

Passwords are case-sensitive and must have a minimum of 1 character and a maximum of 32 characters.

You must create a local netlogin account before using this command. To create a local netlogin user name and password, use the following command:
create netlogin local-user <user-name> {encrypted <password>} {vlan-vsa [[{tagged | untagged} [<vlan_name>] | <vlan_tag>]]}

If the switch displays a message similar to the following:


* SummitX450.14 # configure netlogin local-user purplenet ^ %% Invalid input detected at '^' marker.

ExtremeWare XOS 11.3 Command Reference

843

Network Login Commands You might be attempting to modify a local netlogin account that is not present or the switch, or you might have incorrectly entered the account name. To confirm the names of the local netlogin accounts on your switch, use the following command:
show netlogin local-users

Additional Requirements. This command applies only to the web-based and MAC-based modes of network login. 802.1x network login does not support local database authentication. You must have administrator privileges to use this command. If you do not have administrator privileges, the switch displays a message similar to the following:
This user does not have permissions for this command.

Passwords are case-sensitive. Passwords must have a minimum of 0 characters and a maximum of 32 characters. If you attempt to create a password with more than 32 characters, the switch displays the following message after you re-enter the password:
Password cannot exceed 32 characters

Example
This section contains the following examples:

Updating the password Modifying destination VLAN attributes

Updating the Password. The following example updates the password of an existing local netlogin account:
configure netlogin local-user megtest

After you enter the local netlogin user name, press [Enter]. The switch prompts you to enter a password; however, the switch does not display the password. At the prompt enter the new password:
password:

After you enter the new password, press [Enter]. The switch then prompts you to re-enter the password:
Reenter password:

Updating VLAN Attributes. You can add a destination VLAN, change the destination VLAN, or remove the destination from an existing local netlogin account. This example changes the destination VLAN for the specified local netlogin account:
configure netlogin local-user megtest vlan-vsa green

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

844

ExtremeWare XOS 11.3 Command Reference

configure netlogin move-fail-action

configure netlogin move-fail-action


configure netlogin move-fail-action [authenticate | deny]

Description
Configures the action network login takes if a VLAN move fails. This can occur if two clients attempt to move to an untagged VLAN on the same port.

Syntax Description
authenticate deny Specifies that the client is authenticated. Specifies that the client is not authenticated. This is the default setting.

Default
The default setting is deny.

Usage Guidelines
Use this command to specify how netlogin behaves if a VLAN move fails. Netlogin can either authenticate the client on the current VLAN or deny the client. The following describes the parameters of this command if two clients want to move to a different untagged VLAN on the same port:

authenticateNetwork login authenticates the first client that requests a move and moves that client to the requested VLAN. Network login authenticates the second client but does not move that client to the requested VLAN. The second client moves to the first clients authenticated VLAN. denyNetwork login authenticates the first client that requests a move and moves that client.

Network login does not authenticate the second client. To view the current move-fail-action setting on the switch, use the show netlogin command.

Example
The following example configures netlogin to authenticate the client on the current VLAN:
configure netlogin move-fail-action authenticate

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

845

Network Login Commands

configure netlogin ports mode


configure netlogin ports [all | <port_list>] mode [mac-based-vlans | portbased-vlans]

Description
Configures the netlogin ports mode of operation.

Syntax Description
all port_list mac-based-vlans port-based-vlans Specifies all netlogin ports. Specifies one or more netlogin ports. Allows more than one untagged VLAN. Allows only one untagged VLAN. This is the default behavior.

Default
The default setting is port-based-vlans.

Usage Guidelines
Use this command to configure netlogin MAC-based VLANs on a netlogin port. If you modify the mode of operation to mac-based-vlans and later disable all netlogin protocols on that port, the mode of operation automatically returns to port-based-vlans. When you change the netlogin ports mode of operation, the switch deletes all currently known supplicants from the port and restores all VLANs associated with that port to their original state. In addition, by selecting mac-based-vlans, you are unable to manually add or delete untagged VLANs from this port. Netlogin now controls these VLANs. With netlogin MAC-based operation, every authenticated client has an additional FDB flag that indicates a translation MAC address. If the supplicants requested VLAN does not exist on the port, the switch adds the requested VLAN. Important Rules and Restrictions. This section summarizes the rules and restrictions for configuring netlogin MAC-based VLANs:

If you attempt to configure the ports mode of operation before enabling netlogin, the switch displays an error message similar to the following:
ERROR: The following ports do not have NetLogin enabled; 1

To enable netlogin on the switch, use the following command to enable netlogin and to specify an authentication method (for example, 802.1xidentified as dot1.x in the CLI):
enable netlogin dot1x

To enable netlogin on the ports, use the following command to enable netlogin and to specify an authentication method (for example, 802.1xidentified as dot1.x in the CLI):
enable netlogin ports 1:1 dot1x

846

ExtremeWare XOS 11.3 Command Reference

configure netlogin ports mode

10 Gigabit Ethernet ports such as those on the 10G4X I/O module and the uplink ports on the Summit X450 switch do not support netlogin MAC-based VLANs. If you attempt to configure netlogin MAC-based VLANs on 10 Gigabit Ethernet ports, the switch displays an error message similar to the following:
ERROR: The following ports do not support the MAC-Based VLAN mode; 1, 2, 10

You can have a maximum of 1,024 MAC addresses per I/O module or per Summit X450 switch.

Displaying FDB Information. To view netlogin-related FDB entries, use the following command:
show fdb netlogin [all | mac-based-vlans]

The following is sample output from the show fdb mac-based-vlans command:
Mac Vlan Age Use Flags Port List -----------------------------------------------------------------------00:04:96:10:51:80 VLONE(0021) 0086 0000 n m v 1:11 00:04:96:10:51:81 VLTWO(0051) 0100 0000 n m v 1:11 00:04:96:10:51:91 VLTWO(0051) 0100 0000 n m v 1:11 00:04:96:10:51:11 VLTWO(0051) 0100 0000 n m 8:1 00:04:96:10:51:31 VLTEN(0051) 0100 0000 d m 8:10

Flags : d - Dynamic, s - Static, p - Permanent, n - NetLogin, m - MAC, i - IP, x - IPX, l - lockdown MAC, M - Mirror, B - Egress Blackhole, b - Ingress Blackhole, v - NetLogin MAC-Based VLAN.

The flags associated with netlogin include:

vIndicates the FDB entry was added because the port is part of a MAC-Based virtual port/VLAN combination. nIndicates the FDB entry was added by network login.

Displaying Port and VLAN Information. To view information about the VLANs that are temporarily added in MAC-based mode for netlogin, use the following command
show ports <port_list> information detail

The following is sample output from this command:


Port: 1 Virtual-router: VR-Default Type: UTP Random Early drop: Disabled Admin state: Enabled with auto-speed sensing auto-duplex Link State: Active, 100Mbps, full-duplex Link Counter: Up 1 time(s) VLAN cfg: Name: Default, Internal Tag = 1(MAC-Based), MAC-limit = No-limit ...<truncated output> Egress 802.1p Replacement: Disabled NetLogin: Enabled NetLogin authentication mode: Mac based NetLogin port mode: MAC based VLANs Smart redundancy: Enabled

ExtremeWare XOS 11.3 Command Reference

847

Network Login Commands


Software redundant port: auto-polarity: Disabled Enabled

The added output displays information about the mode of operation for the netlogin port.

VLAN cfgThe term MAC-based appears next to the tag number. Netlogin port modeThis output was added to display the port mode of operation. Mac based appears and the network login port mode of operation.

To view information about the ports that are temporarily added in MAC-based mode for netlogin, due to discovered MAC addresses, use the following command:
show vlan detail

The following is sample output from this command:


VLAN Interface with name Default created by user Tagging: 802.1Q Tag 1 Priority: 802.1P Priority 0 Virtual router: VR-Default STPD: s0(Disabled,Auto-bind) Protocol: Match all unfiltered protocols Loopback: Disable NetLogin: Disabled Rate Shape: Disabled QosProfile: None configured Ports: 26. (Number of active ports=2) Untag: *1m, *2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26 Flags: (*) Active, (!) Disabled, (g) Load Sharing port (b) Port blocked on the vlan, (a) Authenticated NetLogin Port (u) Unauthenticated NetLogin port, (m) Mac-Based port

The flags associated with netlogin include:


aIndicates an authenticated network login port. uIndicates an unauthenticated network login port. mIndicates that the netlogin port operates in MAC-based mode.

Example
The following example configures the netlogin ports mode of operation:
configure netlogin ports 1:1-1:10 mode mac-based-vlans

History
This command was first available in ExtremeWare XOS 11.3.

848

ExtremeWare XOS 11.3 Command Reference

configure netlogin ports mode

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches and the Summit X450 switch.

ExtremeWare XOS 11.3 Command Reference

849

Network Login Commands

configure netlogin redirect-page


configure netlogin redirect-page <url>

Description
Configures the redirect URL for Network Login.

Syntax Description
url Specifies the redirect URL for Network Login.

Default
The redirect URL default value is http://www.extremenetworks.com.

Usage Guidelines
In ISP mode, you can configure netlogin to be redirected to a base page after successful login using this command. If a RADIUS server is used for authentication, then base page redirection configured on the RADIUS server takes priority over this configuration. You must configure a complete URL starting with http:// or https:// To support https, you must first download and install the separate Extreme Networks SSH software module (ssh.xmod). This additional module allows you to configure both SSH2 and SSL on the switch. For more information about SSH2, see Chapter 16, Security in the ExtremeWare XOS Concepts Guide. For information about installing the SSH module, see Appendix A, Software Upgrade and Boot Options in the ExtremeWare XOS Concepts Guide. This command applies only to the web-based authentication mode of Network Login.

Example
The following example configures the redirect URL as http://www.extremenetworks.com/support:
configure netlogin redirect-page http://www.extremenetworks.com/support

History
This command was first available in ExtremeWare XOS 11.1. Support for https was introduced in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

850

ExtremeWare XOS 11.3 Command Reference

configure netlogin vlan

configure netlogin vlan


configure netlogin vlan <vlan_name>

Description
Configures the VLAN for Network Login.

Syntax Description
vlan Specifies the VLAN for Network Login.

Default
N/A.

Usage Guidelines
This command will configure the VLAN used for unauthenticated clients. One VLAN needs to be configured per VR. To change the VLAN, network login needs to be disabled. NetLogin can only be enabled when a VLAN is assigned (and no ports are configured for it). By default no VLAN is assigned for network login.

Example
The following example configures the VLAN login as the network login VLAN:
configure netlogin vlan login

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

851

Network Login Commands

configure vlan netlogin-lease-timer


configure vlan <vlan name> netlogin-lease-timer <seconds>

Description
Configures the timer value returned as part of the DHCP response for clients attached to network loginenabled ports.

Syntax Description
vlan name seconds Specifies the VLAN to which this timer value applies. Specifies the timer value, in seconds.

Default
10 seconds.

Usage Guidelines
The timer value is specified in seconds. This command applies only to the web-based authentication mode of network login.

Example
The following command sets the timer value to 15 seconds for VLAN corp:
configure vlan corp netlogin-lease-timer 15

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

852

ExtremeWare XOS 11.3 Command Reference

create netlogin local-user

create netlogin local-user


create netlogin local-user <user-name> {encrypted <password>} {vlan-vsa [[{tagged | untagged} [<vlan_name>] | <vlan_tag>]]}

Description
Creates a local netlogin user name and password.

Syntax Description
user-name encrypted password tagged untagged vlan_name vlan_tag Specifies a new local netlogin user name. User names must have a minimum of 1 character and a maximum of 32 characters. The encrypted option is used by the switch to encrypt the password. Do not use this option through the command line interface (CLI). Specifies a local netlogin user password. Passwords must have a minimum of 0 characters and a maximum of 32 characters. Specifies that the client be added as tagged. Specifies that the client be added as untagged. Specifies the name of the destination VLAN. Specifies the VLAN ID, tag, of the destination VLAN.

Default
N/A.

Usage Guidelines
Use this command to create a local network login account and to configure the switch to use its local database for network login authentication. This method of authentication is useful in the following situations:

If both the primary and secondary (if configured) RADIUS servers timeout or are unable to respond to authentication requests. If no RADIUS servers are configured. If the RADIUS server used for network login authentication is disabled.

If any of the above conditions are met, the switch checks for a local user account and attempts to authenticate against that local account. Beginning with ExtremeWare XOS 11.3 you can also specify the destination VLAN to enter upon a successful authentication. Additional Requirements. This command applies only to the web-based and MAC-based modes of network login. 802.1x network login does not support local database authentication.

ExtremeWare XOS 11.3 Command Reference

853

Network Login Commands You must have administrator privileges to use this command. If you do not have administrator privileges, the switch displays a message similar to the following:
This user does not have permissions for this command.

User names are not case-sensitive; passwords are case-sensitive. User names must have a minimum of 1 character and a maximum of 32 characters. Passwords must have a minimum of 0 characters and a maximum of 32 characters. If you use RADIUS for authentication, Extreme Networks recommends that you use the same user name and password for both local authentication and RADIUS authentication. If you attempt to create a user name with more than 32 characters, the switch displays the following messages:
%% Invalid name detected at '^' marker. %% Name cannot exceed 32 characters.

If you attempt to create a password with more than 32 characters, the switch displays the following message after you re-enter the password:
Password cannot exceed 32 characters

Modifying an Existing Account. To modify an existing local netlogin account, use the following command:
configure netlogin local-user <user-name> {vlan-vsa [[{tagged | untagged} [<vlan_name>] | <vlan_tag>]] | none]}

Displaying Local Netlogin Accounts. To display a list of local netlogin accounts on the switch, including VLAN information, use the following command:
show netlogin local-users

Example
The following command creates a local network login user name and password:
create netlogin local-user megtest

After you enter the local netlogin user name, press [Enter]. The switch prompts you to enter a password (the switch does not display the password):
password:

After you enter the password, press [Enter]. The switch then prompts you to re-enter the password:
Reenter password:

The following command creates a local network login user name, password, and associates a destination VLAN with this account:
create netlogin local-user accounting vlan-vsa blue

As previously described, the switch prompts you to enter and confirm the password.

854

ExtremeWare XOS 11.3 Command Reference

create netlogin local-user

History
This command was first available in ExtremeWare XOS 11.2. The vlan-vsa parameter and associated options were added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

855

Network Login Commands

delete netlogin local-user


delete netlogin local-user <user-name>

Description
Deletes a specified local netlogin user name and its associated password.

Syntax Description
user-name Specifies a local netlogin user name.

Default
N/A.

Usage Guidelines
Use the show netlogin local-users command to determine which local netlogin user name you want to delete from the system. The show netlogin local-users output displays the user name and password in a tabular format. This command applies only to web-based and MAC-based modes of network login. 802.1x network login does not support local database authentication. You must have administrator privileges to use this command.

Example
The following command deletes the local network login megtest along with its associated password:
delete netlogin local-user megtest

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

856

ExtremeWare XOS 11.3 Command Reference

disable netlogin

disable netlogin
disable netlogin [{dot1x} {mac} {web-based}]

Description
Disables Network Login modes.

Syntax Description
dot1x mac web-based Specifies 802.1x authentication. Specifies MAC-based authentication. Specifies web-based authentication.

Default
All types of authentication are disabled.

Usage Guidelines
Any combination of authentication types can be disabled on the same switch. To enable an authentication mode, use the following command:
enable netlogin [{dot1x} {mac} {web-based}]

Example
The following command disables Network Login:
disable netlogin

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

857

Network Login Commands

disable netlogin dot1x guest-vlan ports


disable netlogin dot1x guest-vlan ports [all | <portlist>]

Description
Disables the guest VLAN on the specified 802.1x netlogin ports.

Syntax Description
all portlist Specifies all ports included in the guest VLAN. Specifies one or more ports included in the guest VLAN.

Default
Disabled.

Usage Guidelines
A guest VLAN provides limited or restricted network access if a supplicant does not respond to the 802.1x authentication requests sent by the switch. You configure a guest VLAN only on netlogin ports with 802.1x enabled; movement to a guest VLAN is not supported on netlogin ports with MAC-based or web-based authentication. 802.1x must be the only authentication method enabled on the port for movement to guest VLAN. A port always moves untagged into the guest VLAN. By default, the switch attempts to authenticate the supplicant every 30 seconds for a maximum of three tries. If the supplicant does not respond to the authentication requests, the client moves to the guest VLAN. The number of authentication attempts is not a user-configured parameter. Use the following command and specify the supp-resp-timeout parameter to modify the supplicant response timer:
configure netlogin dot1x timers [{server-timeout <server_timeout>} {quiet-period <quiet_period>} {reauth-period <reauth_period>} {supp-resp-timeout <supp_resp_timeout>}]

Example
The following command disables the guest VLAN on all ports:
disable netlogin dot1x guest-vlan ports all

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

858

ExtremeWare XOS 11.3 Command Reference

disable netlogin logout-privilege

disable netlogin logout-privilege


disable netlogin logout-privilege

Description
Disables Network Login logout window pop-up.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
This command controls the logout window pop-up on the web-based network client. This command applies only to the web-based authentication mode of network login. When disabled, the logout window pop-up will no longer appear. However, if session refresh is enabled, the login session will be terminated after the session refresh timeout.

Example
The following command disables Network Login logout-privilege:
disable netlogin logout-privilege

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

859

Network Login Commands

disable netlogin ports


disable netlogin ports <portlist> [{dot1x} {mac} {web-based}]

Description
Disables Network Login on a specified port for a particular method.

Syntax Description
portlist dot1x mac web-based Specifies the ports for which netlogin should be disabled. Specifies 802.1x authentication. Specifies MAC-based authentication. Specifies web-based authentication.

Default
Netlogin is disabled by default.

Usage Guidelines
Network Login must be disabled on a port before you can delete a VLAN that contains that port. This command applies to the MAC-based, web-based, and 802.1x mode of network login. To control which authentication mode is used by Network Login, use the following commands:
enable netlogin [{dot1x} {mac} {web-based}] disable netlogin [{dot1x} {mac} {web-based}]

Example
The following command disables dot1x and web-based Network Login on port 2:9:
disable netlogin ports 2:9 dot1x web-based

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

860

ExtremeWare XOS 11.3 Command Reference

disable netlogin session-refresh

disable netlogin session-refresh


disable netlogin session-refresh

Description
Disables Network Login session refresh.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Network Login sessions can refresh themselves after a configured timeout. After the user has been logged in successfully, a logout window opens which can be used to close the connection by clicking on the LogOut link. Any abnormal closing of this window is detected on the switch and the user is logged out after a time interval as configured for session refresh. The session refresh is enabled and set to five minutes by default. This command applies only to the web-based authentication mode of network login.

Example
The following command disables network login session refresh:
disable netlogin session-refresh

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

861

Network Login Commands

enable netlogin
enable netlogin [{dot1x} {mac} {web-based}]

Description
Enables Network Login authentication modes.

Syntax Description
dot1x mac web-based Specifies 802.1x authentication. Specifies mac-based authentication. Specifies web-based authentication.

Default
All types of authentication are disabled.

Usage Guidelines
Any combination of types of authentication can be enabled on the same switch. At least one of the authentication types must be specified on the command line. To disable an authentication mode, use the following command:
disable netlogin [{dot1x} {mac} {web-based}]

Example
The following command enables web-based network login:
enable netlogin web-based

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

862

ExtremeWare XOS 11.3 Command Reference

enable netlogin dot1x guest-vlan ports

enable netlogin dot1x guest-vlan ports


enable netlogin dot1x guest-vlan ports [all | <ports>]

Description
Enables the guest VLAN on the specified 802.1x netlogin ports.

Syntax Description
all ports Specifies all ports included in the guest VLAN. Specifies one or more ports included in the guest VLAN.

Default
Disabled.

Usage Guidelines
A guest VLAN provides limited or restricted network access if a supplicant does not respond to the 802.1x authentication requests sent by the switch. You configure a guest VLAN only on netlogin ports with 802.1x enabled; movement to a guest VLAN is not supported on netlogin ports with MAC-based or web-based authentication. 802.1x must be the only authentication method enabled on the port for movement to guest VLAN. A port always moves untagged into the guest VLAN. By default, the switch attempts to authenticate the supplicant every 30 seconds for a maximum of three tries. If the supplicant does not respond to the authentication requests, the client moves to the guest VLAN. The number of authentication attempts is not a user-configured parameter. Use the following command and specify the supp-resp-timeout parameter to modify the supplicant response timer:
configure netlogin dot1x timers [{server-timeout <server_timeout>} {quiet-period <quiet_period>} {reauth-period <reauth_period>} {supp-resp-timeout <supp_resp_timeout>}]

Before you can enable the guest VLAN on the specified ports, you must create the guest VLAN. To create the guest VLAN, use the following command:
configure netlogin dot1x guest-vlan <vlan_name>

Example
The following command enables the guest VLAN on all ports:
enable netlogin dot1x guest-vlan ports all

History
This command was first available in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

863

Network Login Commands

Platform Availability
This command is available on all platforms.

864

ExtremeWare XOS 11.3 Command Reference

enable netlogin logout-privilege

enable netlogin logout-privilege


enable netlogin logout-privilege

Description
Enables network login logout pop-up window.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
This command controls the logout window pop-up on the web-based network client. This command applies only to the web-based authentication mode of network login.

Example
The following command enables network login logout-privilege:
enable netlogin logout-privilege

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

865

Network Login Commands

enable netlogin ports


enable netlogin ports <portlist> [{dot1x} {mac} {web-based}]

Description
Enables network login on a specified port for a particular authentication method.

Syntax Description
portlist dot1x mac web-based Specifies the ports for which netlogin should be disabled. Specifies 802.1x authentication. Specifies MAC-based authentication. Specifies web-based authentication.

Default
All methods are disabled on all ports.

Usage Guidelines
For campus mode login with web-based clients, the following conditions must be met:

A DHCP server must be available, and a DHCP range must be configured for the port or ports in the VLAN on which you want to enable Network Login. The switch must be configured as a RADIUS client, and the RADIUS server must be configured to enable the Extreme Network Login capability.

For ISP mode login, no special conditions are required. A RADIUS server must be used for authentication. Network Login is used on a per port basis. A port that is tagged can belong to more than one VLAN. In this case, Network Login can be enabled on one port for each VLAN. Windows authentication is not supported via network login.

Example
The following command configures network login on port 2:9 using web-based authentication:
enable netlogin ports 2:9 web-based

History
This command was first available in ExtremeWare XOS 11.1.

866

ExtremeWare XOS 11.3 Command Reference

enable netlogin ports

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

867

Network Login Commands

enable netlogin session-refresh


enable netlogin session-refresh {<minutes>}

Description
Disables network login session refresh.

Syntax Description
minutes Specifies the session refresh time for network login in minutes.

Default
Disabled, with a value of three minutes for session refresh.

Usage Guidelines
Network Login sessions can refresh themselves after a configured timeout. After the user has been logged in successfully, a logout window opens which can be used to close the connection by clicking on the Logout link. Any abnormal closing of this window is detected on the switch and the user is logged out after a time interval as configured for session refresh. The session refresh is enabled and set to three minutes by default. The value can range from 1 to 255 minutes. When you configure the network login session refresh for the logout window, ensure that the FDB aging timer is greater than the network login session refresh timer. This command applies only to the web-based authentication mode of network login. Use this command without the minutes parameter to reset the session refresh value to the default.

Example
The following command enables network login session refresh and sets the refresh time to ten minutes:
enable netlogin session-refresh 10

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

868

ExtremeWare XOS 11.3 Command Reference

show banner netlogin

show banner netlogin


show banner netlogin

Description
Displays the user-configured banner string for network login.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to view the banner that is displayed on the network login page.

Example
The following command displays the network login banner:
show banner netlogin

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

869

Network Login Commands

show netlogin
show netlogin {port <portlist> vlan <vlan_name>} {dot1x {detail}} {mac} {web-based}

Description
Shows status information for Network Login.

Syntax Description
portlist vlan_name dot1x mac web-based detail Specifies one or more ports or slots and ports. Specifies the name of a VLAN. Specifies 802.1x information. Specifies MAC-based information. Specifies web-based information. Shows detailed information.

Default
N/A.

Usage Guidelines
The information reported by this command is the following:

Whether network login is enabled or disabled. The base-URL. The default redirect page. The logout privileges setting. The netlogin session-refresh setting and time. The MAC and IP address of supplicants. The type of authentication, 802.1x, MAC-based, or HTTP (web-based). The guest VLAN configurations, if applicable.

If you do not specify the authentication type, all will be displayed.

Example
The following command shows the summary network login information:
show netlogin

870

ExtremeWare XOS 11.3 Command Reference

show netlogin The following is sample output from this command:


NetLogin NetLogin NetLogin NetLogin Authentication Mode VLAN move-fail-action Client Aging Time : : : : web-based DISABLED; "nl" Deny 5 minutes 802.1x ENABLED; mac-based ENABLED

-----------------------------------------------Web-based Mode Global Configuration -----------------------------------------------Base-URL : network-access.com Default-Redirect-Page : http://www.extremenetworks.com Logout-privilege : YES Netlogin Session-Refresh : ENABLED; 3 minutes ----------------------------------------------------------------------------------------------802.1x Mode Global Configuration -----------------------------------------------Quiet Period : 60 Supplicant Response Timeout : 30 Re-authentication period : 60 RADIUS server timeout : 30 EAPOL MPDU version to transmit : v1 Guest VLAN : destVlan -----------------------------------------------Port: 2:1, Enabled Vlan: Default, State: Enabled, Authentication: 802.1x, Guest Vlan:

MAC IP address Auth Type 00:00:86:53:c3:14 0.0.0.0 No 802.1x ---------------------------------------------------------------------------------------------MAC Mode Global Configuration -----------------------------------------------MAC Address/Mask -------------------00:00:00:00:00:10/48 00:00:00:00:00:11/48 00:00:00:00:00:12/48

ReAuth-Timer 0

User

Password (encrypted) -----------------------------<not configured> <not configured> <not configured>

Port(s) -----------------------5:1-5 5:6-10 any

-----------------------------------------------Port: 5:1, Disabled Vlan: Default, State: Enabled, Authentication: mac-based, Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:2, Disabled MAC Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

IP address

Auth

Type

ReAuth-Timer

User

ExtremeWare XOS 11.3 Command Reference

871

Network Login Commands


----------------------------------------------Port: 5:3, Disabled Vlan: Default, State: Enabled, Authentication: mac-based, Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:4, Disabled Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:5, Disabled Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:6, Disabled Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:7, Disabled Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:8, Disabled Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:9, Disabled Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

MAC IP address Auth Type ----------------------------------------------Port: 5:10, Disabled Vlan: Default, State: Enabled,

ReAuth-Timer

User

Authentication: mac-based,

Guest Vlan:

MAC IP address Auth Type -----------------------------------------------

ReAuth-Timer

User

The following command shows more detailed information, including the configured authentication methods:
show netlogin port 3:2 vlan "Default"

872

ExtremeWare XOS 11.3 Command Reference

show netlogin The following is sample output from this command:


Port: 2:1 Authentication: Port State: Guest VLAN: DHCP: Vlan: Default Web-Based, 802.1x Unauthenticated Not Enabled Not Enabled IP address 0.0.0.0 10.0.0.1 Auth No Yes Type 802.1x 802.1x ReAuth-Timer User 0 Unknown 0 testUser

MAC 00:0C:F1:E8:4E:13 00:01:30:F3:EA:A0

The following command shows the details of the 802.1x mode:


show netlogin dot1x detail

The following is sample output from this command:


NetLogin Authentication Mode : web-based DISABLED; DISABLED NetLogin VLAN : "nl" NetLogin move-fail-action : Deny -----------------------------------------------802.1x Mode Global Configuration -----------------------------------------------Quiet Period : 30 Supplicant Response Timeout : 30 Re-authentication period : 3600 RADIUS server timeout : 30 EAPOL MPDU version to transmit : v1 Guest VLAN : destVlan -----------------------------------------------Port: 1:1, Vlan: Default, State: Enabled, Authentication: 802.1x 802.1x ENABLED; mac-based

MAC 00:00:86:53:c3:14

: IP=0.0.0.0 Auth=Yes : AuthPAE state=AUTHENTICATED : ReAuth time left=3595 : Quiet time left=37 00:02:03:04:04:05 : IP=0.0.0.0 Auth=No : AuthPAE state=CONNECTING : ReAuth time left=0 : Quiet time left=37 -----------------------------------------------

User= testUser BackAuth state=IDLE ReAuth count=1 User= BackAuth state=IDLE ReAuth count=2

History
This command was first available in ExtremeWare XOS 11.1. Information about the guest VLAN was added in ExtremeWare XOS 11.2. Information about the configured port MAC list was added in ExtremeWare XOS 11.3.

ExtremeWare XOS 11.3 Command Reference

873

Network Login Commands

Platform Availability
This command is available on all platforms.

874

ExtremeWare XOS 11.3 Command Reference

show netlogin local-users

show netlogin local-users


show netlogin local-users

Description
Displays the local netlogin users configured on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to display the list of local netlogin users and associated VLANs. If you associated a VLAN with a local netlogin user, the output displays the name of the VLAN. If you have not associated a VLAN with a local netlogin user, the output displays not configured. The Extended-VLAN VSA column displays the name of the VLAN and the following information:

<not configured>Specifies that you have not associated a VLAN with a local netlogin user. *Specifies the movement based on the incoming ports traffic. For example, the VLAN behaves

like VSA 203 if identified with a VLAN name or VSA 209 if identified with a VLAN ID.

TSpecifies a tagged client. USpecifies an untagged client.

In addition, this output is useful to determine which local netlogin user you want to modify or delete from the system.

Example
The following example displays the local netlogin list:
show netlogin local-users

The following is sample output from this command:


Netlogin Local User Name -----------------------000000000012 00008653C314 megtest testUser Password (encrypted) ----------------------------Iqyydz$MP7AG.VAmwOoqiKX2u13H1 BoO28L$oRVvKv8.wmxcorhhXxQY40 w7iMbp$lBL34/dLx4G4M8aAdiCvI /Jhouw$iHE15steebwhOibgj6pZq. Extended-VLAN VSA --------------------U hallo * default <not configured> T testVlan

ExtremeWare XOS 11.3 Command Reference

875

Network Login Commands

History
This command was first available in ExtremeWare XOS 11.2. The output was modified to include VLAN information in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

876

ExtremeWare XOS 11.3 Command Reference

show netlogin mac-list

show netlogin mac-list


show netlogin mac-list

Description
Displays the MAC address list for MAC-based network login.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to display the MAC address list used for MAC-based network login. MAC-based authentication is VR aware, so there is one MAC list per VR.

Example
The following example displays the MAC address list:
show netlogin mac-list

The following is sample output from this command:


MAC Address/Mask -------------------00:00:00:00:00:10/48 00:00:00:00:00:11/48 00:00:00:00:00:12/48 00:01:30:70:0C:00/48 00:01:30:32:7D:00/48 00:04:96:00:00:00/24 Password (encrypted) ---------------------<not configured> <not configured> <not configured> yaqu ravdqsr <not configured> Port(s) -------------1:1-1:5 1:6-1:10 any any any any

History
This command was first available in ExtremeWare XOS 11.1. Information about the configured port MAC list was added in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

877

Network Login Commands

unconfigure netlogin dot1x guest-vlan


unconfigure netlogin dot1x guest-vlan

Description
Unconfigures a guest VLAN for 802.1x.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to unconfigure the guest VLAN for 802.1x authentication on the current VR.

Example
The following example unconfigures the guest VLAN for 802.1x:
unconfigure netlogin dot1x guest-vlan

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

878

ExtremeWare XOS 11.3 Command Reference

unconfigure netlogin vlan

unconfigure netlogin vlan


unconfigure netlogin vlan

Description
Unconfigures the VLAN for network login.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command unconfigures the VLAN used for unauthenticated clients. One VLAN needs to be configured per VR. To change the VLAN, network login needs to be disabled.

Example
The following example unconfigures the network login VLAN:
unconfigure netlogin vlan

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

879

Network Login Commands

880

ExtremeWare XOS 11.3 Command Reference

17 CLEAR-Flow Commands
This chapter describes commands for:

Enabling and disabling CLEAR-Flow Displaying CLEAR-Flow rules Displaying triggered CLEAR-Flow rules

CLEAR-Flow is a broad framework for implementing security, monitoring, and anomaly detection in ExtremeWare XOS software. Instead of simply looking at the source and destination of traffic, CLEARFlow allows you to specify certain types of traffic that require more attention. Once certain criteria for this traffic are met, the switch can either take an immediate, pre-determined action, or send a copy of the traffic off-switch for analysis. CLEAR-Flow is an extension to Access Control Lists (ACLs). You create ACL policy rules to count packets of interest. CLEAR-Flow rules are added to the policy to monitor these ACL counter statistics. The CLEAR-Flow agent monitors the counters for the situations of interest to you and your network. You can monitor the cumulative value of a counter, the change to a counter over a sampling interval, the ratio of two counters, or even the ratio of the changes of two counters over an interval. For example, you can monitor the ratio between TCP SYN and TCP packets. An abnormally large ratio may indicate a SYN attack. If the rule conditions are met, the CLEAR-Flow actions configured in the rule are executed. The switch can respond by installing an ACL that will block or rate limit the traffic, executing a set of CLI commands, or sending a report using a SNMP trap or EMS log message.

NOTE
CLEAR-Flow is available only on the BlackDiamond 10K family of switches.

ExtremeWare XOS 11.3 Command Reference

881

CLEAR-Flow Commands

disable clear-flow
disable clear-flow

Description
Disable the CLEAR-Flow agent.

Syntax Description
This command has no arguments or variables.

Default
CLEAR-Flow is disabled by default.

Usage Guidelines
When the CLEAR-Flow agent is disabled, sampling stops and the and all rules are left in the current state. It will not reset actions that were taken while CLEAR-Flow was enabled.

Example
The following example disables CLEAR-Flow on the switch:
disable clear-flow

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

882

ExtremeWare XOS 11.3 Command Reference

enable clear-flow

enable clear-flow
enable clear-flow

Description
Enable the CLEAR-Flow agent.

Syntax Description
This command has no arguments or variables.

Default
CLEAR-Flow is disabled by default.

Usage Guidelines
When the CLEAR-Flow agent is enabled, sampling begins and actions are taken based on the CLEARFlow rules that are configured on the switch.

Example
The following example enables CLEAR-Flow on the switch:
enable clear-flow

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

ExtremeWare XOS 11.3 Command Reference

883

CLEAR-Flow Commands

show clear-flow
show clear-flow

Description
Displays the status of the CLEAR-Flow agent, any CLEAR-Flow policies on each interface, and the number of CLEAR-Flow rules.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following display shows output for the command show clear-flow:
clear-flow: Enabled VLAN Port Policy Name No. of CF Rules ============================================================== * 2:1 CFexample 6 * 2:26 CFexample 6 * 2:40 CFexample 6 Default * CFexample 6

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

884

ExtremeWare XOS 11.3 Command Reference

show clear-flow acl-modified

show clear-flow acl-modified


show clear-flow acl-modified

Description
Displays the ACLs modified by CLEAR-Flow actions.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command displays the ACLs that have been modified by CLEAR-Flow rules that have been triggered.

Example
The following display shows output for the command show clear-flow acl-modified:
Policy Name Default ACL CF Added Actions Actions ================================================================================ clearFlow * 2:26 acl-rule-4 D QP1 clearFlow * 2:26 acl-rule-3 D D clearFlow * 2:26 acl-rule-2 D M clearFlow * 2:26 acl-rule-1 P clearFlow Default * acl-rule-4 D QP1 clearFlow Default * acl-rule-3 D D clearFlow Default * acl-rule-2 D M clearFlow Default * acl-rule-1 P ================================================================================ Total Entries: 8 Notation: P - Permit, D- Deny, M - mirror enabled, m - mirror disabled Vlan Name Port Rule Name

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

ExtremeWare XOS 11.3 Command Reference

885

CLEAR-Flow Commands

show clear-flow rule


show clear-flow [port <port> | vlan <vlanname> | any] {rule <rulename>} {detail}

Description
Displays the CLEAR-Flow rules, values, and configuration.

Syntax Description
port vlanname any rulename detail Specifies the port. Specifies the VLAN. Specifies the wildcard interface. Specifies the entry name of a CLEAR-Flow rule. Display detailed information.

Default
N/A.

Usage Guidelines
If you issue the command without the rule keyword, all of the CLEAR-Flow rules for the policy on the port, VLAN, and the wildcard are displayed. If you specify a rule name, only that rule will be displayed. The detail keyword displays detailed information about the rule.

Example
The following display shows output for the command show clear-flow port 2:6:
Rule Name Last Rel Threshold TCNT NumAction Value Oper If Else =============================================================================== rule-count CN 30 16892762 > 100 7 3 3 rule-delta DT 30 7762385 > 1000 1 4 3 rule-delta-2 DT 5 0 > 1000 0 4 3 rule-delta-ratio DR 30 0 > 20 0 2 0 rule-ratio RT 30 0 > 10 0 3 3 rule-ratio-2 RT 5 0 > 10 0 3 3 =============================================================================== Total Entries: 6 Notation: Threshold Type: CN - Count, DT - Delta, RT - Ratio, DR - DeltaRatio TCNT - Number of times expression is continously evaluated to be true Type Period

886

ExtremeWare XOS 11.3 Command Reference

show clear-flow rule The following display shows output for the command show clear-flow port 2:6 rule rule-delta
detail: Rule Name: rule-delta Sample Period: 30 Hysteresis: 20 ================================================================================ DELTA(counter1) = 0 sampled at 24 seconds ago Expression evaluation is currently FALSE if (DELTA(counter1) > 1000) then { PERMIT: Allow ACL rule acl-rule-3 SYSLOG: [INFO] [Delta $ruleValue counter $counter1 offset $counterOffset1 delTime $deltaTime delay $delayTime] CLI: [disable port $port] QOS: Set rule acl-rule-4 qos value to QP6 } else { DENY: QOS: CLI: }

Block ACL rule acl-rule-3 Set rule acl-rule-4 qos value to QP1 [enable port $port]

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

ExtremeWare XOS 11.3 Command Reference

887

CLEAR-Flow Commands

show clear-flow rule-all


show clear-flow rule-all

Description
Displays all the CLEAR-Flow rules on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following display shows output for the command show clear-flow rule-all:
Policy Name Vlan Name Port Rule Name Last Value OP Threshold TCNT Sec ================================================================================ clearFlow * 2:1 rule-count 1 > 100 0 11 clearFlow * 2:1 rule-delta 1 > 1000 0 11 clearFlow * 2:1 rule-delta 0 > 1000 0 4 clearFlow * 2:1 rule-delta 0 > 20 0 11 clearFlow * 2:1 rule-ratio 0 > 10 0 11 clearFlow * 2:1 rule-ratio 0 > 10 0 4 clearFlow * 2:26 rule-count 9030635 > 100 1 10 clearFlow * 2:26 rule-delta 9030635 > 1000 1 10 clearFlow * 2:26 rule-delta 0 > 1000 0 4 clearFlow * 2:26 rule-delta 0 > 20 0 10 clearFlow * 2:26 rule-ratio 0 > 10 0 10 clearFlow * 2:26 rule-ratio 0 > 10 0 4 clearFlow Default * rule-count 36666439 > 100 1 10 clearFlow Default * rule-delta 36666439 > 1000 1 10 clearFlow Default * rule-delta 0 > 1000 0 4 clearFlow Default * rule-delta 0 > 20 0 10 clearFlow Default * rule-ratio 0 > 10 0 10 clearFlow Default * rule-ratio 0 > 10 0 4 ================================================================================ Total Entries: 18 Notation: TCNT - Number of times expression is continously evaluated to be true Sec - Number of seconds elapsed from last sampled data

888

ExtremeWare XOS 11.3 Command Reference

show clear-flow rule-all

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

ExtremeWare XOS 11.3 Command Reference

889

CLEAR-Flow Commands

show clear-flow rule-triggered


show clear-flow rule-triggered

Description
Displays the triggered CLEAR-Flow rules.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command displays the rules that have been triggered; in other words, the rule threshold has been reached.

Example
The following display shows output for the command show clear-flow rule-triggered:
Policy Name Vlan Name Port Rule Name Last Value OP Threshold TCNT Sec ================================================================================ clearFlow * 2:26 rule-count 9130377 > 100 2 25 clearFlow * 2:26 rule-delta 99742 > 1000 2 25 clearFlow Default * rule-count 37069465 > 100 2 25 clearFlow Default * rule-delta 403026 > 1000 2 25 ================================================================================ Total Entries: 4 Notation: TCNT - Number of times expression is continously evaluated to be true Sec - Number of seconds elapsed from last sampled data

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on the BlackDiamond 10K platform only.

890

ExtremeWare XOS 11.3 Command Reference

18 EAPS Commands
This chapter describes commands for configuring and monitoring Ethernet Automatic Protection Switching (EAPS). The EAPS protocol provides fast protection switching to layer 2 switches interconnected in an Ethernet ring topology, such as a metropolitan area network (MAN) or large campuses. EAPS protection switching is similar to what can be achieved with the Spanning Tree Protocol (STP), but offers the advantage of converging in less than a second when a link in the ring breaks. EAPS operates by declaring an EAPS domain on a single ring. Any VLAN that warrants fault protection is configured on all ring ports in the ring, and is then assigned to an EAPS domain. On that ring domain, one switch, or node, is designated the master node, while all other nodes are designated as transit nodes. One port of the master node is designated the master nodes primary port (P) to the ring; another port is designated as the master nodes secondary port (S) to the ring. In normal operation, the master node blocks the secondary port for all non-control traffic belonging to this EAPS domain. If the master node detects a break in the ring, it unblocks its secondary port and allows data traffic to be transmitted and received through it. EAPS fault detection on a ring is based on a single control VLAN per EAPS domain. This EAPS domain provides protection to one or more data-carrying VLANs called protected VLANs. The control VLAN is used only to send and receive EAPS messages; the protected VLANs carry the actual data traffic. As long as the ring is complete, the EAPS master node blocks the protected VLANs from accessing its secondary port. A master node detects a ring fault in any of three ways:

Link down message sent by a transit node on the control VLAN Ring port down event from lower hardware layers Failed response to a periodic health-check packet on the control VLAN

When the master node detects a failure, it declares a failed state and opens its logically blocked secondary port on all the protected VLANs. The master node also flushes its forwarding database (FDB) and sends a message on the control VLAN to all of its associated transit nodes to flush their forwarding databases. To take advantage of the Spatial Reuse technology and broaden the use of the rings bandwidth, EAPS supports multiple EAPS domains running on the ring at the same time.

Licensing
You must have a Core or an Advanced Core license to configure and use all of the Ethernet Automatic Protection Switching (EAPS) features described in this chapter. The BlackDiamond 10K switch with an MSM-1 module or an MSM1-XL module, ships with a Core or Advance Core license, respectively.

ExtremeWare XOS 11.3 Command Reference

891

EAPS Commands The BlackDiamond 8800 family of switches (formerly known as Aspen) and the Summit X450 switch ship with an Advanced Edge license. To use the complete EAPS functionality, including running two or more EAPS rings, having a switch belonging to multiple EAPS rings, or configuring shared-ports that allow multiple EAPS domains to share a common link, you must have a Core software license. For more information about software licensing, including how to obtain and upgrade your license, see Chapter 1, ExtremeWare XOS Overview in the ExtremeWare XOS Concepts Guide.

892

ExtremeWare XOS 11.3 Command Reference

configure eaps add control vlan

configure eaps add control vlan


configure eaps <name> add control vlan <vlan_name>

Description
Adds the specified control VLAN to the specified EAPS domain.

Syntax Description
name vlan_name Specifies the name of an EAPS domain. Specifies the name of the control VLAN.

Default
N/A.

Usage Guidelines
You must configure one control VLAN for each EAPS domain. The control VLAN is used only to send and receive EAPS messages. The VLAN that will act as the control VLAN must be configured as follows:

The VLAN must NOT be assigned an IP address, to avoid loops in the network. Only ring ports may be added as members of the control VLAN. The ring ports of the control VLAN must be tagged. NOTE

Extreme Networks recommends assigning the control VLAN a QoS profile of Qp8 with the QoS profile priority setting of HighHi to ensure that EAPS control VLAN traffic is serviced prior to other traffic and reaches its intended destination.

A control VLAN cannot belong to more than one EAPS domain. When the EAPS domain is active, you cannot delete or modify the configuration of the control VLAN.

Example
The following command adds the control VLAN keys to the EAPS domain eaps_1.
configure eaps eaps_1 add control vlan keys

History
This command was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

893

EAPS Commands

Platform Availability
This command is available on all platforms.

894

ExtremeWare XOS 11.3 Command Reference

configure eaps add protect vlan

configure eaps add protect vlan


configure eaps <name> add protect vlan <vlan_name>

Description
Adds the specified protected VLAN to the specified EAPS domain.

Syntax Description
name vlan_name Specifies the name of an EAPS domain. Specifies the name of the protected VLAN.

Default
N/A.

Usage Guidelines
You must configure one or more protected VLANs for each EAPS domain. The protected VLANs are the data-carrying VLANs. A protected VLAN can be added to one or more EAPS domains. When you configure the VLAN that will act as a protected VLAN, the ring ports of the protected VLAN must be tagged (except in the case of the default VLAN). As long as the ring is complete, the master node blocks the protected VLANs on its secondary port.

Example
The following command adds the protected VLAN orchid to the EAPS domain eaps_1:
configure eaps eaps_1 add protect vlan orchid

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

895

EAPS Commands

configure eaps delete control vlan


configure eaps <name> delete control vlan <vlan_name>

Description
Deletes the specified control VLAN from the specified EAPS domain.

Syntax Description
name vlan_name Specifies the name of an EAPS domain. Specifies the name of the control VLAN.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes the control VLAN keys from the EAPS domain eaps_1:
configure eaps eaps_1 delete control vlan keys

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

896

ExtremeWare XOS 11.3 Command Reference

configure eaps delete protect vlan

configure eaps delete protect vlan


configure eaps <name> delete protect vlan <vlan_name>

Description
Deletes the specified protected VLAN from the specified EAPS domain.

Syntax Description
name vlan_name Specifies the name of an EAPS domain. Specifies the name of the protected VLAN.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes the protected VLAN orchid from the EAPS domain eaps_1:
configure eaps eaps_1 delete protect vlan orchid

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

897

EAPS Commands

configure eaps failtime


configure eaps <name> failtime <seconds>

Description
Configures the value of the failtimer the master node uses for EAPS health-check packets.

Syntax Description
name seconds Specifies the name of an EAPS domain. Specifies the number of seconds the master node waits to receive a healthcheck packet before the failtimer expires. Default is 3 seconds, and the range is 2 to 300 seconds.

Default
The default is 3 seconds.

Usage Guidelines
Use the failtime keyword and its associated seconds parameter to specify the amount of time the master node waits before the failtimer expires. The seconds parameter must be set greater than the configured value for hellotime. The default value is three seconds. Increasing the failtime value provides more protection by waiting longer to receive a health-check packet when the network is congested.

NOTE
You configure the action taken when the failtimer expires by using the configure eaps failtime expiryaction command.

In ExtremeWare XOS 11.0, the failtimer range was 2 to 60 seconds.

Example
The following command configures the failtimer value for the EAPS domain eaps_1 to 15 seconds:
configure eaps eaps_1 failtime 15

History
This command was first available in ExtremeWare XOS 11.0. The range for the failtimer was changed to 2 to 300 seconds in ExtremeWare XOS 11.1. The default value for the failtimer remains unchanged.

898

ExtremeWare XOS 11.3 Command Reference

configure eaps failtime

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

899

EAPS Commands

configure eaps failtime expiry-action


configure eaps <name> failtime expiry-action [open-secondary-port | sendalert]

Description
Configures the action taken when the failtimer expires.

Syntax Description
name open-secondary-port send-alert Specifies the name of an EAPS domain. Specifies to open the secondary port when the failtimer expires. Specifies that a critical message is sent to the syslog when the failtimer expires.

Default
Default is send-alert.

Usage Guidelines
By default the action is to send an alert if the failtimer expires. Instead of going into a Failed state, the master node remains in a Complete or Init state, maintains the secondary port blocking, and writes a critical error message to syslog warning the user that there is a fault in the ring. An SNMP trap is also sent. If the EAPS ring contains non-EAPS devices, you must use the open-secondary-port parameter.

NOTE
Use caution when setting the failtimer expiry action to open-secondary port. Using this configuration, if the master node loses three consecutive hello protocol data units (PDUs), the failtimer will expirebut there may not be a break in the ring. Opening the secondary port in this situation would create a loop.

Example
The following command configures the failtimer expiry action for EAPS domain eaps_1:
configure eaps eaps_1 failtime expiry-action open-secondary-port

History
This command was first available in ExtremeWare XOS 11.0.

900

ExtremeWare XOS 11.3 Command Reference

configure eaps failtime expiry-action

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

901

EAPS Commands

configure eaps fast-convergence


configure eaps fast-convergence [off | on]

Description
Enables EAPS to converge more quickly.

Syntax Description
off on Turns fast-convergence off. Default is off. Turns fast-convergence on.

Default
Default is off.

Usage Guidelines
This command acts on the switch, not per domain. In certain environments to keep packet loss to a minimum when the ring is broken, configure EAPS with fast-convergence turned on. If fast convergence is turned on, it will be displayed under the show eaps command. For example:
show eaps EAPS Enabled: No EAPS Fast-Convergence: Off Number of EAPS instances: 0 # EAPS domain configuration : -------------------------------------------------------------------------------Domain State Mo En Pri Sec Control-Vlan VID Count --------------------------------------------------------------------------------

NOTE
If fast-convergence is turned on, the link filters on all EAPS ring ports are turned off. This can result problems if the ports hardware encountered a problem and started flapping between link-up/link-down states.

Example
The following command configures fast convergence for all of the EAPS domains on the switch:
configure eaps fast-convergence on

902

ExtremeWare XOS 11.3 Command Reference

configure eaps fast-convergence

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

903

EAPS Commands

configure eaps hellotime


configure eaps <name> hellotime <seconds>

Description
Configures the value of the hello timer the master node uses for the EAPS health-check packet.

Syntax Description
name seconds Specifies the name of an EAPS domain. Specifies the number of seconds to wait between transmission of the healthcheck packets on the control VLAN. Must be greater than 0; default is 1 second, and the range is 1 to 59 seconds.

Default
Default is 1 second.

Usage Guidelines
Use the hellotime keyword and its associated seconds parameter to specify the amount of time the master node waits between transmissions of health-check packets on the control VLAN. Increasing the hellotime value keeps the processor from sending and processing too many health-check packets. This command applies only to the master node. If you configure the polling timers for a transit node, those values are ignored. If you later reconfigure that transit node as the master node, the polling timer values is used as the current values. If you are running ExtremeWare XOS 11.0 with the hello timer value greater than 15 seconds and you upgrade to ExtremeWare XOS 11.1 or later, you must modify the hello timer to be within the 1 to 15 seconds range.

Example
The following command configures the hellotime value for the EAPS domain eaps_1 to 2 seconds:
configure eaps eaps_1 hellotime 2

History
This command was first available in ExtremeWare XOS 11.0. The range for the hello timer was changed to 1 to 15 seconds in ExtremeWare XOS 11.1. The default value for the hello timer remains unchanged.

904

ExtremeWare XOS 11.3 Command Reference

configure eaps hellotime

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

905

EAPS Commands

configure eaps mode


configure eaps <name> mode [master | transit]

Description
Configures the switch as either the EAPS master node or as an EAPS transit node for the specified domain.

Syntax Description
name master transit Specifies the name of an EAPS domain. Specifies that this switch should be the master node for the named EAPS domain. Specifies that this switch should be the transit node for the named EAPS domain.

Default
N/A.

Usage Guidelines
None.

Example
The following command identifies this switch as the master node for the domain named eaps_1:
configure eaps eaps_1 mode master

The following command identifies this switch as a transit node for the domain named eaps_1:
configure eaps eaps_1 mode transit

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

906

ExtremeWare XOS 11.3 Command Reference

configure eaps name

configure eaps name


configure eaps <old_name> name <new_name>

Description
Renames an existing EAPS domain.

Syntax Description
old_name new_name Specifies the current name of an EAPS domain. Specifies a new name for the EAPS domain.

Default
N/A.

Usage Guidelines
If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.

Example
The following command renames EAPS domain eaps-1 to eaps-5:
configure eaps eaps-1 name eaps-5

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

907

EAPS Commands

configure eaps port


configure eaps <name> [primary | secondary] port <ports>

Description
Configures a node port as the primary or secondary port for the specified EAPS domain.

Syntax Description
name primary secondary ports Specifies the name of an EAPS domain. Specifies that the port is to be configured as the primary port. Specifies that the port is to be configured as the secondary port. Specifies one port or slot and port.

Default
N/A.

Usage Guidelines
Each node on the ring connects through two ring ports. One port must be configured as the primary port; the other must be configured as the secondary port. The primary and secondary ports have significance only on a master node. The health-check messages are sent out the primary port of the master node, and the master node blocks the protected VLANs on the secondary port. You cannot use the same port for the master nodes secondary port and the shared-port. The master nodes secondary port must be different from the shared-port. There is no distinction between the primary and secondary ports on a transit node. Beginning with ExtremeWare XOS 11.1, if you have a primary or secondary port that is a member of a load-shared group, you do not need to disable your EAPS domain and remove that ring port when modifying the load-shared group. For more information about configuring load sharing on your switch, see Chapter 5, Configuring Slots and Ports on a Switch, in the ExtremeWare XOS Concepts Guide. You must have a Core or an Advanced Core license to configure multiple EAPS domains with different ring ports.

Example
The following command adds port 1 of the module installed in slot 8 to the EAPS domain eaps_1 as the primary port:
configure eaps eaps_1 primary port 8:1

908

ExtremeWare XOS 11.3 Command Reference

configure eaps port

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

909

EAPS Commands

configure eaps shared-port link-id


configure eaps shared-port <ports> link-id <id>

Description
Configures the link ID of the shared port.

Syntax Description
ports id Specifies the port number of the common link port. Specifies the link ID of the port.

Default
N/A.

Usage Guidelines
Each common link in the EAPS network must have a unique link ID. The controller and partner shared ports belonging to the same common link must have matching link IDs. No other instance in the network should have that link ID.

Example
The following command configures the EAPS shared port 1:1 to have a link ID of 1.
configure eaps shared-port 1:1 link-id 1

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

910

ExtremeWare XOS 11.3 Command Reference

configure eaps shared-port mode

configure eaps shared-port mode


configure eaps shared-port <ports> mode <controller | partner>

Description
Configures the mode of the shared port.

Syntax Description
ports controller Specifies the port number of the shared port. Specifies the controller mode. The controller is the end of the common link responsible for blocking ports when the common link fails thereby preventing the superloop. Specifies partner mode. The partner is responsible only for sending and receiving health-check messages.

partner

Default
N/A.

Usage Guidelines
The shared port on one end of the common link must be configured to be the controller. This is the end responsible for blocking ports when the common link fails thereby preventing the superloop. The shared port on the other end of the common link must be configured to be the partner. This end does not participate in any form of blocking. It is responsible only for sending and receiving healthcheck messages.

Example
The following command configures the shared port 1:1 to be the controller.
configure eaps shared-port 1:1 mode controller

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

911

EAPS Commands

configure eaps shared-port segment-timeout expiryaction


configure eaps shared-port <ports> segment-timeout expiry-action [segmentdown | send-alert]

Description
Configures the action taken when a segment is down.

Syntax Description
ports segment-down Specifies a partner or controller shared port. Specifies the behavior of the partner or controller switch. If either switch does not receive health check messages during the defined segment timeout, the switch marks the segment as down. Specifies the behavior of the partner or controller switch. If either switch does not receive health check messages during the defined segment timeout, the switch keeps the segment in the up state, with its failed flag set, and sends a warning message to the log.

send-alert

Default
Default is send-alert.

Usage Guidelines
By default, the action is to send an alert if the failtimer expires. Instead of the segment going into a failed state and being marked as segment down, the segment remains in a segment up state with the failed flag set. The switch writes a critical error message to the syslog warning the user that there is a fault in the segment. An SNMP trap is also sent. If the EAPS segment contains non-EAPS devices, you must use the segment-down parameter.

NOTE
Use caution when setting the segment-timeout expiry action to segment-down. Using this configuration, if the controller or partner node loses three consecutive hello PDUs, the failtimer will expirebut there may not be a break in the segment. Opening a blocked port in this situation would create a loop.

The following describes some general recommendations for using this command:

When you configure your Extreme Networks switches as the partner and controller, respectively, make sure that their segment timer configurations are identical. For example, if you have a partner switch with the segment-timeout expiry action set to send-alert, make sure the controller switch has its segment-timeout expiry action set to send-alert.

912

ExtremeWare XOS 11.3 Command Reference

configure eaps shared-port segment-timeout expiry-action However, if you have a partner switch with the segment-timeout expiry action set to send-alert, and the controller switch does not have a segment timer configuration, you must configure the partner switchs segment-timeout expiry action to segment-down.

If you have a network containing non-Extreme Networks switches, set the segment-timeout expiry action to segment-down.

The following events may cause a ring segment failure:


There is a hardware failure. The controller or partner received a Link Down message from the partner or controller, respectively. The segment timer expires and the expiry action was set to segment down. This means that either the controller or partner did not receive health check messages during the defined segment timeout.

To view shared-port information, including shared-port segment status, use the show eaps sharedport {<port>} {detail} command.

Example
The following example makes the following assumptions:

The controller switch is an Extreme Networks switch running ExtremeWare XOS 11.1 The partner switch is an Extreme Networks switch running ExtremeWare 7.3

The following command configures the controller to keep the segment down if the segment-timeout expires:
configure eaps shared-port 3:3 segment-timeout expiry-action segment-down

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

913

EAPS Commands

create eaps
create eaps <name>

Description
Creates an EAPS domain with the specified name.

Syntax Description
name Specifies the name of an EAPS domain to be created. May be up to 32 characters in length.

Default
N/A.

Usage Guidelines
The name parameter is a character string of up to 32 characters that identifies the EAPS domain to be created. If you use the same name across categories (for example, STPD and EAPS names), Extreme Networks recommends that you specify the identifying keyword as well as the actual name. If you do not use the keyword, the system may return an error message.

Example
The following command creates EAPS domain eaps_1:
create eaps eaps_1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

914

ExtremeWare XOS 11.3 Command Reference

create eaps shared-port

create eaps shared-port


create eaps shared-port <ports>

Description
Creates an EAPS shared port on the switch.

Syntax Description
ports Specifies the port number of the common link port.

Default
N/A.

Usage Guidelines
To configure a common link, you must create a shared port on each switch on either end of the common link.

Example
The following command creates a shared port on the EAPS domain.
create eaps shared-port 1:2

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

915

EAPS Commands

delete eaps
delete eaps <name>

Description
Deletes the EAPS domain with the specified name.

Syntax Description
name Specifies the name of an EAPS domain to be deleted.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes EAPS domain eaps_1:
delete eaps eaps_1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

916

ExtremeWare XOS 11.3 Command Reference

delete eaps shared-port

delete eaps shared-port


delete eaps shared-port <ports>

Description
Deletes an EAPS shared port on a switch.

Syntax Description
ports Specifies the port number of the Common Link port.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes shared port 1:1.
delete eaps shared-port 1:1

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

917

EAPS Commands

disable eaps
disable eaps {<name>}

Description
Disables the EAPS function for a named domain or for an entire switch.

Syntax Description
name Specifies the name of an EAPS domain.

Default
Disabled for the entire switch.

Usage Guidelines
None.

Example
The following command disables the EAPS function for entire switch:
disable eaps

The following command disables the EAPS function for the domain eaps-1:
disable eaps eaps-1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

918

ExtremeWare XOS 11.3 Command Reference

enable eaps

enable eaps
enable eaps {<name>}

Description
Enables the EAPS function for a named domain or for an entire switch.

Syntax Description
name Specifies the name of an EAPS domain.

Default
Disabled. Default command enables EAPS for the entire switch.

Usage Guidelines
NOTE
If you use the same name across categories (for example, STPD and EAPS names), you must specify the identifying keyword as well as the actual name.

To configure and enable an EAPS, complete the following steps: 1 Create EAPS domain and assign the name. 2 Configure the control VLAN. 3 Configure the protected VLAN(s). 4 Add the control VLAN to EAPS domain. 5 Add the protected VLAN(s) to EAPS domain. 6 Configure EAPS mode, master or transit. 7 Configure EAPS port, secondary and primary. 8 If desired, configure timeout and action for failtimer expiration*. 9 If desired, configure the hello time for the health-check packets*. 10 Enable EAPS for the entire switch. 11 If desired, enable Fast Convergence*. 12 Enable EAPS for the specified domain. Although you can enable EAPS prior to configuring these steps, the EAPS domain(s) will not run until you configure these parameters. (The steps with * can be configured at any time, even after the EAPS domains are running.) You must enable EAPS globally and specifically for each named EAPS domain.

ExtremeWare XOS 11.3 Command Reference

919

EAPS Commands

Example
The following command enables the EAPS function for entire switch:
enable eaps

The following command enables the EAPS function for the domain eaps-1:
enable eaps eaps-1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

920

ExtremeWare XOS 11.3 Command Reference

show eaps

show eaps
show eaps {<eapsDomain>} {detail}

Description
Displays EAPS status information.

Syntax Description
eapsDomain detail Specifies the name of an EAPS domain. Specifies all available detail for each domain.

Default
N/A.

Usage Guidelines
If you enter the show eaps command without a keyword, the command displays less than with the detail keyword. Use the optional domain eapsDomain parameter to display status information for a specific EAPS domain. Some state values are different on a transit node than on a master node. The fields displayed are as follows:
EAPS Enabled: Current state of EAPS on this switch: YesEAPS is enabled on the switch. NoEAPS is not enabled. EAPS Fast Convergence: Number of EAPS instances: Name: Displays only when Fast Convergence is on. Number of EAPS domains created. The maximum number of EAPS domains per switch is 128. The configured name for this EAPS domain.

ExtremeWare XOS 11.3 Command Reference

921

EAPS Commands

State:

On a transit node, the command displays one of the following states: IdleThe EAPS domain has been enabled, but the configuration is not complete. Links-UpThis EAPS domain is running, and both its ports are up and in the FORWARDING state. Links-DownThis EAPS domain is running, but one or both of its ports are down. PreforwardingThis EAPS domain is running, and both of its ports are up, but one of them is in a temporary BLOCKED state. On a master node, the command displays one of the following states: IdleThe EAPS domain has been enabled, but the configuration is not complete. InitThe EAPS domain has started but has not yet determined the status of the ring. The secondary port is in a BLOCKED state. CompleteThe ring is in the COMPLETE state for this EAPS domain. FailedThere is a break in the ring for this EAPS domain. Pre-InitThe EAPS domain has started operation for Init state and has sent a request to lower hardware layers to block the secondary port. It is in transient state waiting for acknowledgement from hardware layer indicating the operation is completed. Pre-CompleteThe EAPS domain has started operation for Complete state and has sent a request to lower hardware layers to block the secondary port. It is in transient state waiting for acknowledgement from the hardware layer indicating the operation is completed. [Failtimer Expired]When the failtimer expires and its action is set to send-alert, this flag is set. This flag indicates there is a misconfiguration or hardware problem in the EAPS ring. The EAPS master node will continue to remain in COMPLETE or INIT state with its secondary port blocking.

[Running: ] Enabled:

YesThis EAPS domain is running. NoThis EAPS domain is not running. Indicates whether EAPS is enabled on this domain. YEAPS is enabled on this domain. NEAPS is not enabled.

Mode: Primary/Secondary port:

The configured EAPS mode for this switch: transit (T) or master (M). The port numbers assigned as the EAPS primary and secondary ports. On the master node, the port distinction indicates which port is blocked to avoid a loop. UnknownThis EAPS domain is not running, so the port status has not yet been determined. UpThe port is up and is forwarding data. DownThe port is down. BlockedThe port is up, but data is blocked from being forwarded.

Port status:

Tag status:

Tagged status of the control VLAN: TaggedThe control VLAN has this port assigned to it, and the port is tagged in the VLAN. UntaggedThe control VLAN has this port assigned to it, but the port is untagged in the control VLAN. UndeterminedEither a VLAN has not been added as the control VLAN to this EAPS domain or this port has not been added to the control VLAN.

922

ExtremeWare XOS 11.3 Command Reference

show eaps

Hello Timer interval: Fail Timer interval: Failtimer expiry action:

The configured value of the timer in seconds, specifying the time that the master node waits between transmissions of health check packets. The configured value of the timer in seconds, specifying the time that the master node waits before the failtimer expires. Displays the action taken when the failtimer expires: Send-alertSends a critical message to the syslog when the failtimer expires. Open-secondary-portOpens the secondary port when the failtimer expires. Displays only for master nodes.

Preforwarding Timer Last update:

interval:1

The configured value of the timer. This value is set internally by the EAPS software. Indicates the last time a hello packet is received from the master node. Lists the assigned name and ID of the control VLAN. Lists the assigned names and VLAN IDs of all the protected VLANs configured on this EAPS domain. The count of protected VLANs configured on this EAPS domain.

EAPS Domain has Controller Vlans: EAPS Domain has Protected Vlans:2 Number of Protected Vlans:

1. These fields apply only to transit nodes; they are not displayed for a master node. 2. This list is displayed when you use the detail keyword in the show eaps command.

Example
The following display shows sample output for the command show eaps:
EAPS Enabled: Yes EAPS Fast-Convergence: Off Number of EAPS instances: 2 # EAPS domain configuration : -------------------------------------------------------------------------------Domain State Mo En Pri Sec Control-Vlan VID Count -------------------------------------------------------------------------------d1 Complete M Y 3:8 3:16 c1 (1000) 100 d2 Links-Up T Y 3:8 3:16 c2 (1001) 100 --------------------------------------------------------------------------------

The following display shows sample output for the command show eaps <eapsDomain>:
Name: d1 State: Complete Running: Yes Enabled: Yes Mode: Master Primary port: 3:8 Port status: Up Tag status: Tagged Secondary port: 3:16 Port status: Blocked Tag status: Tagged Hello timer interval: 1 sec Fail timer interval: 3 sec Fail Timer expiry action: Send alert Last update: From Master Id 00:01:30:f9:9c:b0, at Wed Jun 9 09:09:35 2004 EAPS Domain has following Controller Vlan: Vlan Name VID c1 1000 EAPS Domain has following Protected Vlan(s): Vlan Name VID p_1 1 p_2 2

ExtremeWare XOS 11.3 Command Reference

923

EAPS Commands
p_3 p_4 p_5 p_6 p_7 p_8 p_9 p_10 p_11 p_12 p_13 p_14 p_15 p_16 p_17 p_18 p_19 p_20 p_21 p_22 p_23 p_24 p_25 p_26 p_27 p_28 p_29 p_30 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30

NOTE
You may see a slightly different display, depending on whether you display the master node or the transit node.

The display from the show eaps detail command shows all the information shown in the show eaps <eapsDomain> command, but displays information for all configured EAPS domains.

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

924

ExtremeWare XOS 11.3 Command Reference

show eaps shared-port

show eaps shared-port


show eaps shared-port {<port>} {detail}

Description
Displays shared-port information for one or more EAPS domains.

Syntax Description
port detail Specifies a shared-port. Specifies to display the status of all segments and VLANs.

Default
N/A.

Usage Guidelines
If you enter the show eaps shared-port command without the detail keyword, the command displays a summary of status information for all configured EAPS shared ports. If you specify an EAPS shared-port, the command displays information about that specific port. Otherwise, the command displays information about all of the shared-ports configured on the switch. In an EAPS shared port configuration, the segment ports are sorted in ascending order based on their port number, not the order you add an EAPS domain to EAPS shared ports. This is particularly useful when planning your EAPS configuration.

NOTE
The order you add EAPS domains to EAPS shared ports is relevant if the EAPS domains have matching ring ports and participate in spatial reuse. In this case, the newly added EAPS domain is added to the list and sorted on its ring port AFTER all other EAPS domains with the matching ring port.

The benefit of sorting ports in ascending order is evident if a common link fails. The port with the lowest port number among the segment ports in the UP state becomes the Active Open port. When configuring your EAPS domain, keep the port numbers in mind. For high bandwidth links, utilize lower port numbers, and for low bandwidth links, utilize higher port numbers. This way, if a common link fails, the high bandwidth link is still available. You can use the detail keyword to display more detailed status information about the segments and VLANs associated with each shared port.

ExtremeWare XOS 11.3 Command Reference

925

EAPS Commands The following table describes the significant fields and values in the display output of the show eaps shared-port {<port>} {detail} commands:
Field Shared Port Mode Link ID Up Description Displays the port number of the shared port. Indicates whether the switch on either end of the common link is a controller or partner. The mode is configured by the user. The link ID is the unique common link identifier configured by the user. Displays one of the following: YesIndicates that the link ID and the mode are configured. NoIndicates that the link ID or the mode is not configured. State Displays one of the following states: IdleShared-port instance is not running. ReadyThe EAPS shared-port instance is running, the neighbor can be reached, and the common link is up. BlockingThe EAPS shared-port instance is running, the neighbor cannot be reached, or the common link is down. PreforwardingThe EAPS shared-port instance is in a blocking state, and the common link came up. To prevent a superloop, a temporary blocking state is created before going into Ready state. Domain Count VLAN Count Nbr Indicates the number of EAPS domains sharing the common link. Indicates the total number of VLANs that are protected under the EAPS domains sharing this common link. YesIndicates that the EAPS instance on the other end of the common link is configured with matching link ID and opposite modes. For example, if one end of the common link is configured as a controller, the other end must be configured as a partner. ErrIndicates that the EAPS instance on the other end of the common link is configured with a matching link ID, but the modes are configured the same. For example, both modes are configured as controller, or both modes are configured as partner. NoThe neighbor on the other end of the common link cannot be reached. Indicates one or more of the following: - The switch on the other end of the common link is not running. - The shared port has not been created. - The link IDs on each side of the common link do not match. - The common link, and any other segment, between the controller and partner are not fully connected. RB State NoneThis EAPS shared-port is not the root blocker. ActiveThis EAPS shared-port is the root blocker and is currently active. InactiveThis EAPS shared-port is the root blocker but is currently inactive. RB ID Active Open (available with the detail keyword) The ID of the root blocker. If the value is none, there are not two or more common-link failures. NoneIndicates that there is no Active-Open port on the VLAN. Port #Indicates the port that is Active-Open and is in a forwarding state.

926

ExtremeWare XOS 11.3 Command Reference

show eaps shared-port

Field Segment Timer expiry action

Description Segment downSpecifies that if the controller or partner switch detect a down segment, that segment stays down and a query is not sent through the ring. The switch marks the segment status as "Down." Send alertSpecifies that if the controller or partner switch detect a down segment, that switch keeps the segment up and sends a warning message to the log (default). The switch sends a trap alert and sets the failed flag [F].

Segment Port (available with the detail keyword or by specifying a shared port) Status (available with the detail keyword or by specifying a shared port)

The segment port is the other ring port of an EAPS domain that is not the shared-port. UpThere is connectivity to the neighboring EAPS shared-port via this port. DownThere is a break in the path to the neighboring EAPS shared-port via this port. Blocking-UpThe path is Up, but due to the "root blocker" being in the Active state, this port is blocked to prevent a loop. Blocking-DownThe path is Down, but due to the "root blocker" being in the Active state, this port is blocked to prevent a loop. [F]The segment timer has expired but has not received an explicit link-down notification. The port remains in the Up state, with the timer expired flag set to True.

EAPS Domain (available with the detail keyword or by specifying a shared port) Vlan-port count (available with the detail keyword or by specifying a shared port) Adjacent Blocking Id (available with the detail keyword or by specifying a shared port) Segment RB Id (available with the detail keyword or by specifying a shared port) Vlan (available with the detail keyword or by specifying a shared port) Virtual-port Status (available with the detail keyword or by specifying a shared port)

The EAPS domain having the segment port as one of its ring ports.

The total number of VLANs being protected under this segment port.

NoneThe neighbor on this port is not reporting a Controller in the Blocking state. <Link-Id>The neighbor on this port is a controller in the Blocking state with a link ID of <Link-Id>. NoneThe neighbor on this port is not aware of a "root blocker" in the network. <RB-Id>The neighbor on this port has determined that there is a "root blocker" in the network with a link ID of <RB-Id>. Displays a list of VLANs protected by the segment port.

This information appears for the Controller, when it is in either the Blocking or Preforwarding state. Active-OpenThis VLAN or port is in the Forwarding state and has connectivity to the neighboring EAPS shared port via this port. OpenThis VLAN or port is in the Forwarding state but does not have connectivity to the neighboring EAPS shared port via this port. BlockedThis VLAN or port is in the Blocking state to prevent a loop in the network. DownThis ports link is down. ActiveAt this moment, this VLAN or port is not being handled by EAPS shared port. Rather, this VLAN or port is being handled by the regular EAPS protocol.

ExtremeWare XOS 11.3 Command Reference

927

EAPS Commands

Example
The following command displays shared-port information for an EAPS shared port instance configured as a partner while it is in the ready state:
show eaps shared-port EAPS shared-port count: 1 -------------------------------------------------------------------------------Link Domain Vlan RB RB Shared-port Mode Id Up State count count Nbr State Id -------------------------------------------------------------------------------8:1 Partner 1 Y Ready 2 1 Yes None None Segment Timer expiry action: Send alert --------------------------------------------------------------------------------

The following command displays shared-port information for an EAPS shared port instance configured as a controller while it is in the ready state:
EAPS shared-port count: 1 -------------------------------------------------------------------------------Link Domain Vlan RB RB Shared-port Mode Id Up State count count Nbr State Id -------------------------------------------------------------------------------10:1 Controller 1 Y Ready 2 1 Yes None None Segment Timer expiry action: Send alert --------------------------------------------------------------------------------

The following command displays information for an EAPS shared port instance configured as a controller while in the blocking state, with the detail option specified:
show eaps shared-port detail EAPS shared-port count: 1 -------------------------------------------------------------------------------Link Domain Vlan RB RB Shared-port Mode Id Up State count count Nbr State Id -------------------------------------------------------------------------------4:1 Controller 10 Y Blocking 2 1 Yes Active 10 Segment Timer expiry action: Send alert Segment Port: 5:7, Status: Blocking-Up EAPS Domain: d1 Vlan-port count: 1 Adjacent Blocking Id: None Segment RB Id: None Vlan Virtual-port Status p_1 Blocked Segment Port: 2:11, EAPS Domain: Vlan-port count: Adjacent Blocking Id: Segment RB Id: Vlan p_1 Status: Down d2 1 20 None Virtual-port Status Open

928

ExtremeWare XOS 11.3 Command Reference

show eaps shared-port

Vlan: p_1, Vlan-port count: 2, Active Open: None Segment Port Virtual-port Status 5:7 Blocked 2:11 Open

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

929

EAPS Commands

show vlan eaps


show vlan <vlan_name> eaps

Description
Displays the EAPS configuration (control, partner, or not added to an EAPS domain) of a specific VLAN.

Syntax Description
vlan_name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
Use this command to see if the specified VLAN is associated with an EAPS domain. The output of this command displays whether the VLAN is a control or partner VLAN for an EAPS domain. This command also displays if the VLAN is not a member of any EAPS domain. If a VLAN is a partner VLAN for more than one EAPS domain, all of the EAPS domains that the VLAN is a partner of appears in the output.

Example
The following command displays the EAPS configuration for the control VLAN orange in EAPS domain eaps1:
show vlan orange eaps

The following is sample output from this command:


Vlan is Control in following EAPS domain: eaps1

The following command displays the EAPS configuration for the protected VLAN purple in EAPS domain eaps1:
show vlan purple eaps

The following is sample output from this command:


Vlan is Protected in following EAPS domain(s): eaps1

930

ExtremeWare XOS 11.3 Command Reference

show vlan eaps The following command displays information about the VLAN default not participating in EAPS:
show vlan default eaps

The following is sample output from this command:


Vlan has not been added to any EAPS domain

History
This command was first available in ExtremeWare XOS 11.0

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

931

EAPS Commands

unconfigure eaps shared-port link-id


unconfigure eaps shared-port <ports> link-id

Description
Unconfigures an EAPS link ID on a shared port on the switch.

Syntax Description
ports Specifies the port number of the Common Link port.

Default
N/A.

Usage Guidelines
None.

Example
The following command unconfigures the link ID on shared port 1:1.
unconfigure eaps shared-port 1:1 link-id

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

932

ExtremeWare XOS 11.3 Command Reference

unconfigure eaps shared-port mode

unconfigure eaps shared-port mode


unconfigure eaps shared-port <ports> mode

Description
Unconfigures the EAPS shared port mode.

Syntax Description
ports Specifies the port number of the Common Link port.

Default
N/A.

Usage Guidelines
None.

Example
The following command unconfigures the shared port mode on port 1:1.
unconfigure eaps shared-port 1:1 mode

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

933

EAPS Commands

unconfigure eaps port


unconfigure eaps <name> [primary | secondary] port

Description
Sets the specified ports internal configuration state to INVALID.

Syntax Description
name primary secondary Specifies the name of an EAPS domain. Specifies that the primary port should be unconfigured. Specifies that the secondary port should be unconfigured.

Default
N/A.

Usage Guidelines
Unconfiguring an EAPS port sets its internal configuration state to INVALID, which causes the port to appear in the Idle state with a port status of Unknown when you use the show eaps detail command to display the status information about the port.

Example
The following command unconfigures this nodes EAPS primary ring port on the domain eaps_1:
unconfig eaps eaps_1 primary port

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

934

ExtremeWare XOS 11.3 Command Reference

19 STP Commands
This chapter describes commands for:

Creating, configuring, enabling, and disabling Spanning Tree Protocol (STP) on the switch Enabling and disabling Rapid Spanning Tree Protocol (RSTP) on the switch Displaying and resetting STP settings on the switch

The Spanning Tree Protocol (STP) is a bridge-based mechanism for providing fault tolerance on networks. STP is a part of the 802.1D bridge specification defined by the IEEE Computer Society. To explain STP in terms used by the 802.1D specification, the switch will be referred to as a bridge. STP allows you to implement parallel paths for network traffic and ensure that redundant paths are:

Disabled when the main paths are operational. Enabled if the main path fails.

The Rapid Spanning Tree Protocol (RSTP) IEEE 802.1w provides an enhanced spanning tree algorithm that improves the convergence speed of bridged networks. RSTP takes advantage of point-to-point links in the network and actively confirms that a port can safely transition to the forwarding state without relying on any timer configurations. If a network topology change or failure occurs, RSTP rapidly recovers network connectivity by confirming the change locally before propagating that change to other devices across the network. For broadcast links, there is no difference in convergence time between STP and RSTP. RSTP supersedes legacy STP protocols, supports the existing STP parameters and configurations, and allows for seamless interoperability with legacy STP.

NOTE
STP and Extreme Standby Router Protocol (ESRP) cannot be configured on the same Virtual LAN (VLAN) simultaneously.

Spanning Tree Domains


The switch can be partitioned into multiple virtual bridges. Each virtual bridge can run an independent Spanning Tree instance. Each Spanning Tree instance is called a Spanning Tree Domain (STPD). Each STPD has its own root bridge and active path. After an STPD is created, one or more VLANs can be assigned to it. A port can belong to multiple STPDs. In addition, a VLAN can span multiple STPDs. The key points to remember when configuring VLANs and STP are:

Each VLAN forms an independent broadcast domain. STP blocks paths to create a loop-free environment. Within any given STPD, all VLANs belonging to it use the same spanning tree.

ExtremeWare XOS 11.3 Command Reference

935

STP Commands

Member VLANs
When you add a VLAN to an STPD, that VLAN becomes a member of the STPD. The two types of member VLANs in an STPD are:

Carrier Protected

Carrier VLAN. A carrier VLAN defines the scope of the STPD, which includes the physical and logical ports that belong to the STPD and the 802.1Q tag used to transport Extreme Multiple Instance Spanning Tree Protocol (EMISTP) or Per VLAN Spanning Tree (PVST+) encapsulated Bridge Protocol Data Units (BPDUs). Only one carrier VLAN can exist in a given STPD, although some of its ports can be outside the control of any STPD at the same time. NOTE
The StpdID must be identical to the VLANid of the carrier VLAN in that STPD.

Protected VLAN. Protected VLANs are all other VLANs that are members of the STPD. These VLANs piggyback on the carrier VLAN. Protected VLANs do not transmit or receive STP BPDUs, but they are affected by STP state changes and inherit the state of the carrier VLAN. Protected VLANs can participate in multiple STPD, but any particular port in the VLAN can belong to only one STPD. Also known as non-carrier VLANs.

STPD Modes
An STPD has two modes of operation:

802.1D mode Use this mode for backward compatibility with previous STP versions and for compatibility with third-party switches using IEEE standard 802.1D. When configured in this mode, all rapid configuration mechanisms are disabled.

802.1w mode Use this mode for compatibility with Rapid Spanning Tree (RSTP). When configured in this mode, all rapid configuration mechanisms are enabled. The benefit of this mode is available on point-topoint and edge ports only. You enable or disable RSTP on a per STPD basis only. You do not enable RSTP on a per port basis.

By default, the:

STPD operates in 802.1D mode. Default device configuration contains a single STPD called s0. Default VLAN is a member of STPD s0 with autobind enabled.

All STP parameters default to the IEEE 802.1D values, as appropriate.

Encapsulation Modes
You can configure ports within an STPD to accept and transmit specific BPDU encapsulations. This STP port encapsulation is separate from the STP mode of operation. For example, you can configure a port to accept the PVST+ BPDU encapsulation while running in 802.1D mode.

936

ExtremeWare XOS 11.3 Command Reference

An STP port has three possible encapsulation modes:

802.1D mode This mode is used for backward compatibility with previous STP versions and for compatibility with third-party switches using IEEE standard 802.1D. BPDUs are sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD running in 802.1D mode.

Extreme Multiple Instance Spanning Tree Protocol (EMISTP) mode EMISTP mode is proprietary to Extreme Networks and is an extension of STP that allows a physical port to belong to multiple STPDs by assigning the port to multiple VLANs. EMISTP adds significant flexibility to STP network design. BPDUs are sent with an 802.1Q tag having an STPD instance Identifier (StpdID) in the VLANid field.

Per VLAN Spanning Tree (PVST+) mode This mode implements PVST+ in compatibility with third-party switches running this version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and send and process packets in PVST+ format.

These encapsulation modes are for STP ports, not for physical ports. When a physical port belongs to multiple STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in different modes for different domains to which it belongs.

STP Rules and Restrictions


This section summarizes the rules and restrictions for configuring STP as follows:

The carrier VLAN must span all ports of the STPD. The StpdID must be the VLANid of the carrier VLAN; the carrier VLAN cannot be partitioned. A default VLAN cannot be partitioned. If a VLAN traverses multiple STPDs, the VLAN must be tagged. An STPD can carry, at most, one VLAN running in PVST+ mode, and its StpdID must be identical with that VLANid. In addition, the PVST+ VLAN cannot be partitioned. The default VLAN of a PVST+ port must be identical with the native VLAN on the PVST+ device connected to that port. If an STPD contains both PVST+ and non-PVST+ ports, that STPD must be enabled. If that STPD is disabled, the BPDUs are flooded in the format of the incoming STP port, which may be incompatible with those of the connected devices. The 802.1D ports must be untagged; and the EMISTP/PVST+ ports must be tagged in the carrier VLAN. An STPD with multiple VLANs must contain only VLANs that belong to the same virtual router instance. Automatically adding ports to an STPD (known as STP autobind) cannot be configured on a Netlogin VLAN. STP cannot be configured on the following ports:

A mirroring target port. A software-controlled redundant port. A Netlogin port.

ExtremeWare XOS 11.3 Command Reference

937

STP Commands

clear counters stp


clear counters stp {[all | diagnostics | domains | ports]}

Description
Clears, resets all STP statistics and counters.

Syntax Description
all diagnostics domains ports Specifies all STP domain, port, and diagnostics counters. Specifies STP diagnostics counters. Specifies STP domain counters. Specifies STP port counters.

Default
N/A.

Usage Guidelines
If you do not enter a parameter, the result is the same as specifying the all parameter: the counters for all domains, ports, and diagnostics are reset. Enter one of the following parameters to reset the STP counters on the switch:

allSpecifies the counters for all STPDs and ports, and clears all STP counters diagnosticsClears the internal diagnostic counters domainsClears the domain level counters portsClears the counters for all ports and leaves the domain level counters

Viewing and maintaining statistics on a regular basis allows you to see how well your network is performing. If you keep simple daily records, you will see trends emerging and notice problems arising before they cause major network faults. By clearing the counters, you can see fresh statistics for the time period that you are monitoring.

Example
The following command clears all of the STP domain, port, and diagnostic counters:
clear counters stp

History
This command was available in ExtremeWare XOS 10.1.

938

ExtremeWare XOS 11.3 Command Reference

clear counters stp

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

939

STP Commands

configure stpd add vlan


configure stpd <stpd_name> add vlan <vlan_name> ports [all | <port_list>] {[dot1d | emistp | pvst-plus]}

Description
Adds all ports or a list of ports within a VLAN to a specified STPD.

Syntax Description
stpd_name vlan_name all port_list dot1d emistp pvst-plus Specifies an STPD name on the switch. Specifies a VLAN name. Specifies all of the ports in the VLAN to be included in the STPD. Specifies the port or ports to be included in the STPD. Specifies the STP encapsulation mode of operation to be 802.1D. Specifies the STP encapsulation mode of operation to be EMISTP. Specifies the STP encapsulation mode of operation to be PVST+.

Default
All ports are in emistp mode, except those in STPD s0, whose default setting is 802.1d mode.

Usage Guidelines
To create an STP domain, use the create stpd command. To create a VLAN, use the create vlan command. This command adds a list of ports within a VLAN to a specified STPD provided the carrier VLAN already exists on the same set of ports. You can also specify the encapsulation mode for those ports. You cannot configure STP on the following ports:

Mirroring target ports Software-controlled redundant ports Netlogin ports

If you see an error similar to the following:


Error: Cannot add VLAN default port 3:5 to STP domain

You might be attempting to add:

Another 802.1D mode STP port to a physical port that already contains an 802.1D mode STP port (only one 802.1D encapsulation STP port can be configured on a particular STP port) A carrier VLAN port to a different STP domain than the carrier VLAN belongs A VLAN/port for which the carrier VLAN does not yet belong

940

ExtremeWare XOS 11.3 Command Reference

configure stpd add vlan

NOTE
This restriction is only enforced in an active STP domain and when you enable STP to make sure you have a legal STP configuration.

Care must be taken to ensure that ports in overlapping domains do not interfere with the orderly working of each domains protocol. By default, when the switch boots for the first time, it automatically creates a VLAN named default with a tag value of 1 and STPD s0. The switch associates VLAN default to STPD s0. All ports that belong to this VLAN and STPD are in 802.1D encapsulation mode with autobind enabled. If you disable autobind on the VLAN default, that configuration is saved across a reboot. Naming Conventions. If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keywords stpd and vlan are optional. STP Encapsulations Modes. You can specify the following STP encapsulation modes:

dot1dThis mode is reserved for backward compatibility with previous STP versions. BPDUs are

sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD running in 802.1D mode.

emistpThis mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field. pvst-plusThis mode implements PVST+ in compatibility with third-party switches running this version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and send and process packets in PVST+ format.

NOTE
These encapsulation modes are for STP ports, not for physical ports. When a physical port belongs to multiple STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in different modes for different domains for which it belongs.

STPD Identifier. An StpdID is used to identify each STP domain. You assign the StpdID when configuring the domain. An StpdID must be identical to the VLANid of the carrier VLAN in that STPD and that VLAN cannot belong to another STPD.

Example
Create a VLAN named marketing and an STPD named STPD1 as follows:
create vlan marketing create stpd stpd1

The following command adds the VLAN named marketing to the STPD STPD1, and includes all the ports of the VLAN in STPD1:
configure stpd stpd1 add vlan marketing ports all

History
This command was available in ExtremeWare XOS 10.1.

ExtremeWare XOS 11.3 Command Reference

941

STP Commands

Platform Availability
This command is available on all platforms.

942

ExtremeWare XOS 11.3 Command Reference

configure stpd default-encapsulation

configure stpd default-encapsulation


configure stpd <stpd_name> default-encapsulation [dot1d | emistp | pvstplus]

Description
Configures the default encapsulation mode for all ports added to the specified STPD.

Syntax Description
stpd_name dot1d emistp pvst-plus Specifies an STPD name on the switch. Specifies the STP encapsulation mode of operation to be 802.1d. Specifies the STP encapsulation mode of operation to be EMISTP. Specifies the STP encapsulation mode of operation to be PVST+.

Default
All ports are in emistp mode, except those in STPD s0, whose default setting is 802.1d mode.

Usage Guidelines
Care must be taken to ensure that ports in overlapping domains do not interfere with the orderly working of each domains protocol. By default, when the switch boots for the first time, it automatically creates a VLAN named default with a tag value of 1 and STPD s0. The switch associates VLAN default to STPD s0. All ports that belong to this VLAN and STPD are in 802.1d encapsulation mode with autobind enabled. If you disable autobind on the VLAN default, that configuration is saved across a reboot. Naming Conventions. If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. STP Encapsulation Modes . You can specify the following STP encapsulation modes:

dot1dThis mode is reserved for backward compatibility with previous STP versions. BPDUs are

sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD running in 802.1D mode.

emistpThis mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field. pvst-plusThis mode implements PVST+ in compatibility with third-party switches running this version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs and send and process packets in PVST+ format.

ExtremeWare XOS 11.3 Command Reference

943

STP Commands

NOTE
These encapsulation modes are for STP ports, not for physical ports. When a physical port belongs to multiple STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in different modes for different domains for which it belongs.

STPD Identifier. An StpdID is used to identify each STP domain. You assign the StpdID when configuring the domain. An StpdID must be identical to the VLANid of the carrier VLAN in that STP domain, and that VLAN cannot belong to another STPD.

Example
The following command specifies that all ports subsequently added to the STPD STPD1 be in PVST+ encapsulation mode unless otherwise specified or manually changed:
configure stpd stpd1 default-encapsulation pvst-plus

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

944

ExtremeWare XOS 11.3 Command Reference

configure stpd delete vlan

configure stpd delete vlan


configure stpd <stpd_name> delete vlan <vlan_name> ports [all | <port_list>]

Description
Deletes one or more ports in the specified VLAN from an STPD.

Syntax Description
stpd_name vlan_name all port_list Specifies an STPD name on the switch. Specifies a VLAN name. Specifies all of the ports in the VLAN to be removed from the STPD. Specifies the port or ports to be removed from the STPD.

Default
N/A.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keywords stpd and vlan are optional. If the specified VLAN is the carrier VLAN, all protected VLANs on the same set of ports are also removed from the STPD. You also use this command to remove autobind ports from a VLAN. ExtremeWare XOS records the deleted ports so that the ports are not automatically added to the STPD after a system restart.

Example
The following command removes all ports of a VLAN named Marketing from the STPD STPD1:
configure stpd stpd1 delete vlan marketing ports all

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

945

STP Commands

configure stpd forwarddelay


configure stpd <stpd_name> forwarddelay <seconds>

Description
Specifies the time (in seconds) that the ports in this STPD spend in the listening and learning states when the switch is the Root Bridge.

Syntax Description
stpd_name seconds Specifies an STPD name on the switch. Specifies the forward delay time in seconds. The default is 15 seconds, and the range is 4 to 30 seconds.

Default
The default forward delay time is 15 seconds.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You should not configure any STP parameters unless you have considerable knowledge and experience with STP. The default STP parameters are adequate for most networks. The range for the <seconds> parameter is 4 through 30 seconds.

Example
The following command sets the forward delay from STPD1 to 20 seconds:
configure stpd stpd1 forwarddelay 20

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

946

ExtremeWare XOS 11.3 Command Reference

configure stpd hellotime

configure stpd hellotime


configure stpd <stpd_name> hellotime <seconds>

Description
Specifies the time delay (in seconds) between the transmission of BPDUs from this STPD when it is the Root Bridge.

Syntax Description
stpd_name seconds Specifies an STPD name on the switch. Specifies the hello time in seconds. The default is 2 seconds, and the range is 1 to 10 seconds.

Default
The default hello time is 2 seconds.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You should not configure any STP parameters unless you have considerable knowledge and experience with STP. The default STP parameters are adequate for most networks. The range for the <seconds> parameter is 1 through 10 seconds.

Example
The following command sets the time delay from STPD1 to 10 seconds:
configure stpd stpd1 hellotime 10

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

947

STP Commands

configure stpd maxage


configure stpd <stpd_name> maxage <seconds>

Description
Specifies the maximum age of a BPDU in the specified STPD.

Syntax Description
stpd_name seconds Specifies an STPD name on the switch. Specifies the maxage time in seconds. The default is 20 seconds, and the range is 6 to 40 seconds.

Default
The default maximum age of a BPDU is 20 seconds.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You should not configure any STP parameters unless you have considerable knowledge and experience with STP. The default STP parameters are adequate for most networks. The range for the <seconds> parameter is 6 through 40 seconds. Note that the time must be greater than, or equal to 2 * (Hello Time + 1) and less than, or equal to 2 * (Forward Delay 1).

Example
The following command sets the maximum age of STPD1 to 30 seconds:
configure stpd stpd1 maxage 30

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

948

ExtremeWare XOS 11.3 Command Reference

configure stpd mode

configure stpd mode


configure stpd <stpd_name> mode [dot1d | dot1w]

Description
Configures the operational mode for the specified STP domain.

Syntax Description
stpd_name dot1d dot1w Specifies an STPD name on the switch. Specifies the STPD mode of operation to be 802.1d. Specifies the STPD mode of operation to be 802.1w, and rapid configuration is enabled.

Default
The STPD operates in 802.1d mode.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. If you configure the STP domain in 802.1D mode, the rapid reconfiguration mechanism is disabled. If you configure the STP domain in 802.1w mode, the rapid reconfiguration mechanism is enabled.

Example
The following command configures STPD s1 to enable the rapid reconfiguration mechanism and operate in 802.1w mode:
configure stpd s1 mode dot1w

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

949

STP Commands

configure stpd ports cost


configure stpd <stpd_name> ports cost [auto | <cost>] <port_list>

Description
Specifies the path cost of the port in the specified STPD.

Syntax Description
stpd_name auto cost port_list Specifies an STPD name on the switch. Specifies the switch to remove any user-defined port cost value(s) and use the appropriate default port cost value(s). Specifies a numerical port cost value. The range is 1 through 65,535. Specifies one or more ports or slots and ports.

Default
The switch automatically assigns a default path cost based on the speed of the port, as follows:

10Mbps portthe default cost is 100. 100Mbps portthe default cost is 19. 1000Mbps portthe default cost is 4. 10000Mbps portsthe default cost is 2.

The default port cost for trunked ports is dynamically calculated based on the available bandwidth.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You should not configure any STP parameters unless you have considerable knowledge and experience with STP. The default STP parameters are adequate for most networks. The range for the cost parameter is 1 through 65,535. The switch automatically assigns a default path cost based on the speed of the port. If you configure the port cost, a setting of 1 indicates the highest priority. If you configured a port cost value and specify the auto option, the switch removes the user-defined port cost value and returns to the default, automatically assigned, port cost value. If a trunk port is the root port for an STP topology, port costs can fluctuate up and down and trigger topology changes. For example, if all links go down in the trunk (all ports go link-down), the available bandwidth is zero. The system displays a port cost of unknown (Unkn) and enters the disabled state. To prevent this dynamic behavior, configure the port cost of the trunk port with the configure stpd <stpd_name> ports <cost> <port_list> command. After you configure a static cost, the value is frozen until you specify the auto option.

950

ExtremeWare XOS 11.3 Command Reference

configure stpd ports cost

Example
The following command configures a cost of 100 to slot 2, ports 1 through 5 in STPD s0:
configure stpd s0 ports cost 100 2:1-2:5

History
This command was available in ExtremeWare XOS 10.1. The auto option was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

951

STP Commands

configure stpd ports link-type


configure stpd <stpd_name> ports link-type [auto | broadcast | edge | point-to-point] <port_list>

Description
Configures the ports in the specified STPD as auto, broadcast, edge, or point-to-point link types.

Syntax Description
stpd_name auto Specifies an STPD name on the switch. Specifies the switch to automatically determine the port link type. An auto link behaves like a point-to-point link if the link is in full-duplex mode or if link aggregation is enabled on the port. Used for 802.1w configurations. Specifies a port attached to a LAN segment with more than two bridges. Used for 802.1D configurations. A port with broadcast link type cannot participate in rapid reconfiguration. By default, all ports are broadcast links. Specifies a port that does not have a bridge attached. An edge port is placed and held in the STP forwarding state unless a BPDU is received by the port. Used for 802.1w configurations. Specifies a port attached to a LAN segment with only two bridges. A port with point-to-point link type can participate in rapid reconfiguration. Used for 802.1w configurations. Specifies one or more ports or slots and ports.

broadcast

edge

point-to-point

port_list

Default
All ports are broadcast link types.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. The default, broadcast links, supports legacy STP (802.1D) configurations. If you configure a port to be an edge port, the port immediately enters the forwarding state. Edge ports remain in the forwarding state unless the port receives a BPDU. In that case, edge ports enter the blocking state. RSTP does not send any BPDUs from an edge port nor does it generate topology change events when an edge port changes its state. RSTP rapidly moves the designated ports of a point-to-point link type into the forwarding state. This behavior is supported by RSTP only. An auto link behaves like a point-to-point link if the link is in full duplex mode or if link aggregation is enabled on the port; otherwise, an auto link behaves like a broadcast link. If a non-STP switch exists

952

ExtremeWare XOS 11.3 Command Reference

configure stpd ports link-type between several switches operating in 802.1w mode with auto links, the non-STP switch may negotiate full-duplex even though the broadcast domain extends over several STP devices. If the switch operates in 802.1D mode, any configured port link type will behave the same as the broadcast link type.

Example
The following command configures slot 2, ports 1 through 4 to be point-to-point links in STPD s1:
configure stpd s1 ports link-type point-to-point 2:1-2:4

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

953

STP Commands

configure stpd ports mode


configure stpd <stpd_name> ports mode [dot1d | emistp | pvst-plus] <port_list>

Description
Configures the encapsulation mode for the specified port list.

Syntax Description
stpd_name dot1d emistp pvst-plus port_list Specifies an STPD name on the switch. Specifies the STP encapsulation mode of operation to be 802.1d. Specifies the STP encapsulation mode of operation to be EMISTP. Specifies the STP encapsulation mode of operation to be PVST+. Specifies one or more ports or slots and ports.

Default
Ports in the default STPD (s0) are dot1d mode. Ports in user-created STPDs are in emistp mode.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You can specify the following STP encapsulation modes:

dot1dThis mode is reserved for backward compatibility with previous STP versions. BPDUs are

sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD running in 802.1D mode.

emistpThis mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field. pvst-plusThis mode implements PVST+ in compatibility with third-party switches running this version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and send and process packets in PVST+ format.

Example
The following command configures STPD s1 with PVST+ packet formatting for slot 2, port 1:
configure stpd s1 ports mode pvst-plus 2:1

History
This command was available in ExtremeWare XOS 10.1.

954

ExtremeWare XOS 11.3 Command Reference

configure stpd ports mode

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

955

STP Commands

configure stpd ports priority


configure stpd <stpd_name> ports priority <priority> <port_list>

Description
Specifies the port priority of the port in the specified STPD.

Syntax Description
stpd_name priority port_list Specifies an STPD name on the switch. Specifies a numerical port priority value. The range is 0 through 31. Specifies one or more ports or slots and ports.

Default
The default setting is 16.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You should not configure any STP parameters unless you have considerable knowledge and experience with STP. The default STP parameters are adequate for most networks. By changing the priority of the port, you can make it more or less likely to become the root port or a designated port. A setting of 0 indicates the highest priority. The range for the priority parameter is 0 through 31.

Example
The following command assigns a priority of 1 to slot 2, ports 1 through 5 in STPD s0:
configure stpd s0 ports priority 1 2:1-2:5

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

956

ExtremeWare XOS 11.3 Command Reference

configure stpd priority

configure stpd priority


configure stpd <stpd_name> priority <priority>

Description
Specifies the bridge priority of the STPD.

Syntax Description
stpd_name priority Specifies an STPD name on the switch. Specifies the bridge priority of the STPD. The range is 0 through 65,535.

Default
The default priority is 32,768.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You should not configure any STP parameters unless you have considerable knowledge and experience with STP. The default STP parameters are adequate for most networks. By changing the priority of the STPD, you can make it more or less likely to become the root bridge. The range for the <priority> parameter is 0 through 65,535. A setting of 0 indicates the highest priority.

Example
The following command sets the bridge priority of STPD1 to 16,384:
configure stpd stpd1 priority 16384

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

957

STP Commands

configure stpd tag


configure stpd <stpd_name> tag <stpd_tag>

Description
Assigns an StpdID to an STPD.

Syntax Description
stpd_name stpd_tag Specifies an STPD name on the switch. Specifies the VLANid of the carrier VLAN that is owned by the STPD.

Default
N/A.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your STPD has a name unique only to that STPD, the keyword stpd is optional. You should not configure any STP parameters unless you have considerable knowledge and experience with STP. The default STP parameters are adequate for most networks. An StpdID is used to identify each STP domain. You assign the StpdID when configuring the domain. An StpdID must be identical to the VLANid of the carrier VLAN in that STP domain, and that VLAN cannot belong to another STPD. Unless all ports are running in 802.1D mode, an STPD must be configured with an StpdID. You must create and configure the VLAN, along with the tag, before you can configure the STPD tag. To create a VLAN, use the create vlan command. To configure the VLAN, use the configure vlan commands.

Example
The following command assigns an StpdID to the purple_st STPD:
configure stpd purple_st tag 200

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

958

ExtremeWare XOS 11.3 Command Reference

configure vlan add ports stpd

configure vlan add ports stpd


configure vlan <vlan_name> add ports [all | <port_list>] {tagged | untagged} {nobroadcast} stpd <stpd_name> {[dot1d | emistp | pvst-plus]}

Description
Adds one or more ports in a VLAN to a specified STPD.

Syntax Description
vlan_name all port_list tagged untagged nobroadcast stpd_name dot1d emistp pvst-plus Specifies a VLAN name. Specifies all of the ports to be included in the STPD. Specifies the port or ports to be included in the STPD. Specifies the ports should be configured as tagged. Specifies the ports should be configured as untagged. Prevents broadcasts, multicasts, and unknowns from being transmitted on these ports. Specifies an STPD name on the switch. Specifies the STP encapsulation mode of operation to be 802.1d. Specifies the STP encapsulation mode of operation to be EMISTP. Specifies the STP encapsulation mode of operation to be PVST+.

Default
All ports are in emistp mode, except those in STPD s0, whose default setting is dot1d mode.

Usage Guidelines
To create a VLAN, use the create vlan command. To create an STP domain, use the create stpd command. This command adds a list of ports to a VLAN and a specified STPD at the same time provided the carrier VLAN already exists on the same set of ports. You can also specify the encapsulation mode for those ports. You cannot configure STP on the following ports:

Mirroring target ports Software-controlled redundant ports Netlogin ports

If you see an error similar to the following:


Error: Cannot add VLAN default port 3:5 to STP domain

ExtremeWare XOS 11.3 Command Reference

959

STP Commands You might be attempting to add:

Another 802.1D mode STP port to a physical port that already contains an 802.1D mode STP port (only one 802.1D encapsulation STP port can be configured on a particular STP port) A carrier VLAN port to a different STP domain than the carrier VLAN belongs A VLAN/port for which the carrier VLAN does not yet belong NOTE
This restriction is only enforced in an active STP domain and when you enable STP to ensure you have a legal STP configuration.

Naming Conventions. If your VLAN has the same name as another component, for example an STPD, Extreme Networks recommends that you specify the identifying keyword as well as the name. If your VLAN has a name unique only to that VLAN, the keywords vlan and stpd are optional. STP Encapsulation Modes. You can specify the following STP encapsulation modes:

dot1dThis mode is reserved for backward compatibility with previous STP versions. BPDUs are

sent untagged in 802.1D mode. Because of this, any given physical interface can have only one STPD running in 802.1D mode.

emistpThis mode sends BPDUs with an 802.1Q tag having an StpdID in the VLANid field. pvst-plusThis mode implements PVST+ in compatibility with third-party switches running this version of STP. The STPDs running in this mode have a one-to-one relationship with VLANs, and send and process packets in PVST+ format.

These encapsulation modes are for STP ports, not for physical ports. When a physical ports belongs to multiple STPDs, it is associated with multiple STP ports. It is possible for the physical port to run in different modes for different domains for which it belongs.

Example
The following command adds slot 1, port 2 and slot 2, port 3, members of a VLAN named Marketing, to the STPD named STPD1, and specifies that they be in EMISTP mode:
configure vlan marketing add ports 1:2, 2:3 tagged stpd stpd1 emistp

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

960

ExtremeWare XOS 11.3 Command Reference

create stpd

create stpd
create stpd <stpd_name>

Description
Creates a user-defined STPD.

Syntax Description
stpd_name Specifies a user-defined STPD name to be created. May be up to 32 characters in length.

Default
The default device configuration contains a single STPD called s0. When an STPD is created, the STPD has the following default parameters:

Statedisabled StpdIDnone Assigned VLANsnone Bridge priority32,768 Maximum BPDU age20 seconds Hello time2 seconds Forward delay15 seconds Operational mode802.1D Rapid Root Failoverdisabled Default Binding Mode (encapsulation mode)Ports in the default STPD (s0) are in 802.1d mode. Ports in user-created STPDs are in emistp mode.

Usage Guidelines
The maximum length for a name is 32 characters. Names can contain alphanumeric characters and underscores ( _ ) but cannot be any reserved keywords, for example, stp or stpd. Names must start with an alphabetical character, for example, a, Z. Each STPD name must be unique and cannot duplicate any other named STPDs on the switch. If you are uncertain about the STPD names on the switch, use the show stpd command to view the STPD names. You can, however, re-use names across multiple categories of switch configuration. For example, you can use the name Test for an STPD and a VLAN. If you use the same name, Extreme Networks recommends that you specify the appropriate keyword when configuring the STPD. If you do not specify the appropriate keyword, the switch displays a message similar to the following:
%% Ambiguous command: "configure Test"

ExtremeWare XOS 11.3 Command Reference

961

STP Commands To view the names of the STPDs on the switch, enter configure and press [Tab]. Scroll to the end of the output to view the names. Each STPD has its own Root Bridge and active path. After the STPD is created, one or more VLANs can be assigned to it.

Example
The following example creates an STPD named purple_st:
create stpd purple_st

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

962

ExtremeWare XOS 11.3 Command Reference

delete stpd

delete stpd
delete stpd <stpd_name>

Description
Removes a user-defined STPD from the switch.

Syntax Description
stpd_name Specifies a user-defined STPD name on the switch.

Default
N/A.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the stpd keyword, an error message similar to the following is displayed:
%% Ambiguous command: "delete Test"

In this example, to delete the STPD Test, enter delete stpd Test. If you created an STPD with a name unique only to that STPD, the keyword stpd is optional. The default STPD, s0, cannot be deleted.

Example
The following command deletes an STPD named purple_st:
delete stpd purple_st

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

963

STP Commands

disable stpd
disable stpd {<stpd_name>}

Description
Disables the STP protocol on a particular STPD or for all STPDs.

Syntax Description
stpd_name Specifies an STPD name on the switch.

Default
Disabled.

Usage Guidelines
After you have created the STPD with a unique name, the keyword stpd is optional. If you want to disable the STP protocol for all STPDs, do not specify an STPD name.

Example
The following command disables an STPD named purple_st:
disable stpd purple_st

The following command disables the STP protocol for all STPDs on the switch:
disable stpd

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

964

ExtremeWare XOS 11.3 Command Reference

disable stpd auto-bind

disable stpd auto-bind


disable stpd <stpd_name> auto-bind vlan <vlan_name>

Description
Disables the ability to automatically add ports to an STPD when they are added to a member VLAN.

Syntax Description
stpd_name vlan_name Specifies an STPD name on the switch. Specifies the name of a member VLAN with autobind enabled.

Default
The autobind feature is disabled on user-created STPDs. The autobind feature is enabled on the default VLAN that participates in the default STPD S0.

Usage Guidelines
NOTE
Ports already in the STPD remain in that domain (as if they were added manually).

If you create an STPD and a VLAN with unique names, the keywords stpd and vlan are optional. Ports added to the STPD automatically when autobind is enabled are not removed when autobind is disabled. The ports are present after a switch reboot. To view STP configuration status of the ports in a VLAN, use the following command:
show vlan <vlan_name> stpd

Example
The following example disables autobind on an STPD named s8:
disable stpd s8 auto-bind v5

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

965

STP Commands

disable stpd ports


disable stpd <stpd_name> ports [all | <port_list>]

Description
Disables STP on one or more ports for a given STPD.

Syntax Description
stpd_name all port_list Specifies an STPD name on the switch. Specifies all ports for a given STPD. Specifies one or more ports or slots and ports.

Default
Enabled.

Usage Guidelines
If you create the STPD with a unique name, the keyword stpd is optional. Disabling STP on one or more ports puts those ports in the forwarding state; all BPDUs received on those ports are disregarded and dropped. Use the all keyword to specify that all ports of a given STPD are disabled. Use the port_list parameter to specify a list of ports of a given STPD are disabled. If you do not use the default STPD, you must create one or more STPDs and configure and enable the STPD before you can use the disable stpd ports command.

Example
The following command disables slot 2, port 4 on an STPD named Backbone_st:
disable stpd backbone_st ports 2:4

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

966

ExtremeWare XOS 11.3 Command Reference

disable stpd rapid-root-failover

disable stpd rapid-root-failover


disable stpd <stpd_name> rapid-root-failover

Description
Disables rapid root failover for STP recovery times.

Syntax Description
stpd_name Specifies an STPD name on the switch.

Default
Disabled.

Usage Guidelines
After you have created the STPD with a unique name, the keyword stpd is optional. To view the status of rapid root failover on the switch, use the show stpd command. The show stpd command displays information about the STPD configuration on the switch including the enable/ disable state for rapid root failover.

Example
The following command disables rapid root fail over on STPD Backbone_st:
disable stpd backbone_st rapid-root-failover

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

967

STP Commands

enable stpd
enable stpd {<stpd_name>}

Description
Enables the STP protocol for one or all STPDs.

Syntax Description
stpd_name Specifies an STPD name on the switch.

Default
Disabled.

Usage Guidelines
If you want to enable the STP protocol for all STPDs, do not specify an STPD name.

Example
The following command enables an STPD named Backbone_st:
enable stpd backbone_st

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

968

ExtremeWare XOS 11.3 Command Reference

enable stpd auto-bind

enable stpd auto-bind


enable stpd <stpd_name> auto-bind vlan <vlan_name>

Description
Automatically adds ports to an STPD when ports are added to a member VLAN.

Syntax Description
stpd_name vlan_name Specifies an STPD name on the switch. Specifies the name of the VLAN to have autobind enabled.

Default
The autobind feature is disabled on user-created STPDs. The autobind feature is enabled on the default VLAN that participates in the default STPD S0. If you enable autobind and add ports to a member VLAN, those ports are automatically added to the STPD.

Usage Guidelines
If you create an STPD and a VLAN with unique names, the keywords stpd and vlan are optional. When you issue this command, any port or list of ports that you add to the carrier VLAN are automatically added to the STPD with autobind enabled. In addition, any port or list of ports that you remove from a carrier VLAN are automatically removed from the STPD. This allows the STPD to increase or decrease its span as you add ports to or remove ports from a carrier VLAN. You cannot configure the autobind feature on a Netlogin VLAN. Carrier VLAN. A carrier VLAN defines the scope of the STPD, which includes the physical and logical ports that belong to the STPD and the 802.1Q tag used to transport STP BPDUs in the encapsulation mode is EMISTP or PVST+. Only one carrier VLAN can exist in a given STPD, although some of its ports can be outside the control of any STPD at the same time.

NOTE
The StpdID must be identical to the VLANid of the carrier VLAN in that STPD.

Protected VLAN. Protected VLANs are all other VLANs that are members of the STPD. These VLANs piggyback on the carrier VLAN. Protected VLANs do not transmit or receive STP BPDUs, but they are affected by STP state changes and inherit the state of the carrier VLAN. Protected VLANs can participate in multiple STPDs, but any particular port in the VLAN can belong to only one STPD. Enabling autobind on a protected VLAN does not expand the boundary of the STPD. However, the VLAN and port combinations are added to or removed from the STPD subject to the boundaries of the carrier VLAN.

ExtremeWare XOS 11.3 Command Reference

969

STP Commands To view STP configuration status of the ports on a VLAN, use the following command:
show vlan <vlan_name> stpd

Example
To automatically add ports to an STPD and expand the boundary of the STPD, you must complete the following tasks:

Create the carrier VLAN. Assign a VLANid to the carrier VLAN. Add ports to the carrier VLAN. Create an STPD (or use the default, S0). Enable autobind on the STPDs carrier VLAN. Configure the STPD tag (the StpdID must be identical to the VLANid of the carrier VLAN in the STP domain). Enable STP.

The following example enables autobind on an STPD named s8 after creating a carrier VLAN named v5:
create vlan v5 configure vlan configure vlan create stpd s8 enable stpd s8 configure stpd enable stpd s8 v5 tag 100 v5 add ports 1:1-1:20 tagged auto-bind v5 s8 tag 100

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

970

ExtremeWare XOS 11.3 Command Reference

enable stpd ports

enable stpd ports


enable stpd <stpd_name> ports [all | <port_list>]

Description
Enables the STP protocol on one or more ports.

Syntax Description
stpd_name all port_list Specifies an STPD on the switch. Specifies all ports for a given STPD. Specifies one or more ports or slots and ports.

Default
Enabled.

Usage Guidelines
If you create an STPD with a unique name, the keyword stpd is optional. If STP is enabled for a port, BPDUs are generated and processed on that port if STP is enabled for the associated STPD. You must configure one or more STPDs before you can use the enable stpd ports command. To create an STPD, use the create stpd <stpd_name> command. If you have considerable knowledge and experience with STP, you can configure the STPD using the configure stpd commands. However, the default STP parameters are adequate for most networks.

Example
The following command enables slot 2, port 4 on an STPD named Backbone_st:
enable stpd backbone_st ports 2:4

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

971

STP Commands

enable stpd rapid-root-failover


enable stpd <stpd_name> rapid-root-failover

Description
Enables rapid root failover for faster STP recovery times.

Syntax Description
stpd_name Specifies an STPD name on the switch.

Default
Disabled.

Usage Guidelines
If you create an STPD with a unique name, the keyword stpd is optional. To view the status of rapid root failover on the switch, use the show stpd command. The show stpd command displays information about the STPD configuration on the switch including the enable/ disable state for rapid root failover.

Example
The following command enables rapid root fail over on STPD Backbone_st:
enable stpd backbone_st rapid-root-failover

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

972

ExtremeWare XOS 11.3 Command Reference

show stpd

show stpd
show stpd {<stpd_name> | detail}

Description
Displays STPD settings on the switch.

Syntax Description
stpd_name detail Specifies an STPD on the switch. Specifies that STPD settings should be shown for each STPD.

Default
N/A.

Usage Guidelines
The command displays the following STPD information:

STPD name STPD state STPD mode of operation Autobind mode Rapid Root Failover Tag Ports Active VLANs Bridge Priority Bridge ID Designated root STPD configuration information

You can create, configure, and enable one or more STPDs and use the show stpd command to display STP configurations. Use the create stpd <stpd_name> command to create an STPD. Use the enable stpd {<stpd_name>} command to enable an STPD. If you have considerable knowledge and experience with STP, you can configure the STPD using the configure stpd commands. However, the default STP parameters are adequate for most networks. If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the stpd keyword, an error message similar to the following is displayed:
%% Ambiguous command: "show Test"

In this example, to view the settings of the STPD Test, enter show stpd Test.

ExtremeWare XOS 11.3 Command Reference

973

STP Commands If your STPD has a name unique only to that STPD, the keyword stpd is optional.

Example
The following command displays STPD settings on an STPD named Backbone_st:
show stpd backbone_st

The following is sample output from this command:


Stpd: backbone_st Stp: ENABLED Number of Ports: 51 Rapid Root Failover: Disabled Operational Mode: 802.1W Default Binding Mode: 802.1D 802.1Q Tag: (none) Ports: 1:1,1:2,2:1,2:2,3:1,3:2,4:1,4:2,5:1,5:2, 5:3,5:4,5:5,5:6,5:7,5:8,5:9,5:10,5:11,5:12, 5:13,5:14,5:15,5:16,5:17,5:18,5:19,5:20,5:21,5:22, 5:23,5:24,5:25,5:26,5:27,5:28,5:29,5:30,5:31,5:32, 5:33,5:34,5:35,5:36,5:37,5:38,5:39,5:40,5:41,5:42, 5:43 Participating Vlans: Default Auto-bind Vlans: Default Bridge Priority: 5000 BridgeID: 13:88:00:01:30:f4:06:80 Designated root: 0a:be:00:01:30:28:b7:00 RootPathCost: 19 Root Port: 28 MaxAge: 20s HelloTime: 2s ForwardDelay: 15s CfgBrMaxAge: 20s CfgBrHelloTime: 2s CfgBrForwardDelay: 15s Topology Change Time: 35s Hold time: 1s Topology Change Detected: FALSE Topology Change: FALSE Number of Topology Changes: 7 Time Since Last Topology Change: 4967s

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

974

ExtremeWare XOS 11.3 Command Reference

show stpd ports

show stpd ports


show stpd <stpd_name> ports {[detail | <port_list> {detail}]}

Description
Displays the STP state of a port.

Syntax Description
stpd_name port_list detail Specifies an STPD name. Specifies one or more ports or slots and ports. Specifies more detailed information about one or more ports of the STPD.

Default
N/A.

Usage Guidelines
This command displays the following:

STPD port configuration STPD port encapsulation mode STPD path cost STPD priority STPD state (root bridge, and so on) Port role (root bridge, edge port, etc.) STPD port state (forwarding, blocking, and so on) Configured port link type Operational port link type

Use the detail option to display detailed formats for all ports or for the specified ports. If your STPD has the same name as another component, for example a VLAN, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the stpd keyword, an error message similar to the following is displayed:
%% Ambiguous command: "show Test ports"

In this example, to view all of the port settings of STPD Test, enter show stpd Test ports. If your STPD has a name unique only to that STPD, the keyword stpd is optional.

ExtremeWare XOS 11.3 Command Reference

975

STP Commands

Example
The following command displays the state of slot 3, ports 1 through 3 on an STPD named s0:
show stpd S0 ports 3:1-3:3

The following is sample output from this command:


Port 3:1 3:2 3:3 Mode 802.1D 802.1D 802.1D State FORWARDING FORWARDING FORWARDING Cost 100 100 100 Flags e------e------e------Priority 16 16 16 Port ID 16641 16642 16643 Designated Bridge 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00

Total Ports: 3 ------------------------- Flags: ---------------------------1: e=Enable, d=Disable 2: (Port role) R=Root, D=Designated, A=Alternate, B=Backup 3: (Config type) b=broadcast, p=point-to-point, e=edge, a=auto 4: (Oper. type) b=broadcast, p=point-to-point, e=edge 5: p=proposing, a=agree 6: (partner mode) d = 802.1d, w = 802.1w, s = 802.1s 7: i = edgeport inconsistency

The following command displays the detailed information for the ports in STPD S0:
show stpd S0 ports detail

The following is sample output from this command:


Stpd: s0 Port: 1:1 PortId: 8002 Port Mode: 802.1D Port State: FORWARDING Topology Change Port Priority: 16 Designated Root: 00:00:00:00:00:00:00:00 Designated Bridge: 00:00:00:00:00:00:00:00 Partner STP version: Dot1d Participating Vlans: Default Stpd: s0 Port: 1:2 PortId: 8002 Port Mode: 802.1D Port State: FORWARDING Topology Change Port Priority: 16 Designated Root: 00:00:00:00:00:00:00:00 Designated Bridge: 00:00:00:00:00:00:00:00 Partner STP version: Dot1d Participating Vlans: Default Stp: ENABLED Ack: FALSE Designated Cost: 0 Designated Port Id: 0 Path Cost: 19

Stp: ENABLED Ack: FALSE

Path Cost: 19

Designated Cost: 0 Designated Port Id: 0

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

976

ExtremeWare XOS 11.3 Command Reference

show vlan stpd

show vlan stpd


show vlan <vlan_name> stpd

Description
Displays the STP configuration of the ports assigned to a specific VLAN.

Syntax Description
vlan_name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
If you have a VLAN that spans multiple STPDs, use this command to display the STP configuration of the ports assigned to that specific VLAN. This command displays the following:

STPD port configuration STPD port mode of operation STPD path cost STPD priority STPD state (root bridge, and so on) Port role (root bridge, edge port, etc.) STPD port state (forwarding, blocking, and so on) Configured port link type Operational port link type

If your VLAN has the same name as another component, for example an STPD, Extreme Networks recommends that you specify the identifying keyword as well as the name. If you do not specify the vlan keyword, the switch displays an error message similar to the following:
%% Ambiguous command: "show Test stpd"

In this example, to view the STPD state of VLAN Test, enter show vlan Test stpd. If you enter a VLAN name that is not associated with an STPD or does not exist, the switch displays an error message similar to the following:
Failed to find vlan 'vlan1' or it has no STP domains configured on it

If this happens, check to make sure you typed the correct name of the VLAN and that the VLAN is associated with an STPD.

ExtremeWare XOS 11.3 Command Reference

977

STP Commands If your VLAN has a name unique only to that VLAN, the keyword vlan is optional.

Example
The following command displays the spanning tree configurations for the vlan Default:
show vlan default stpd

The following is sample output from this command:


s0(enabled) Port 1:1 1:2 1:3 1:4 1:5 1:6 1:7 1:8 Mode 802.1D 802.1D 802.1D 802.1D 802.1D 802.1D 802.1D 802.1D Tag: (none) State LEARNING DISABLED DISABLED LEARNING LEARNING DISABLED DISABLED DISABLED Ports: 8 Root/P/C: 80:00:00:01:30:94:79:00/-----/0 Cost 19 4 4 4 4 4 4 4 Flags eDbb-de-----e-----eDbb-deDbb-de-----e-----e-----Priority 16 16 16 16 16 16 16 16 Port ID Designated Bridge 8001 80:00:00:01:30:94:79:00 8002 00:00:00:00:00:00:00:00 8003 00:00:00:00:00:00:00:00 8004 80:00:00:01:30:94:79:00 8005 80:00:00:01:30:94:79:00 8006 00:00:00:00:00:00:00:00 8007 00:00:00:00:00:00:00:00 8008 00:00:00:00:00:00:00:00

------------------------- Flags: ---------------------------1: e=Enable, d=Disable 2: (Port role) R=Root, D=Designated, A=Alternate, B=Backup 3: (Config type) b=broadcast, p=point-to-point, e=edge, a=auto 4: (Oper. type) b=broadcast, p=point-to-point, e=edge 5: p=proposing, a=agree 6: (partner mode) d=802.1d, w=802.1w, s=802.1s 7: i=edgeport inconsistency

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

978

ExtremeWare XOS 11.3 Command Reference

unconfigure stpd

unconfigure stpd
unconfigure stpd {<stpd_name>}

Description
Restores default STP values to a particular STPD or all STPDs.

Syntax Description
stpd_name Specifies an STPD name on the switch.

Default
N/A.

Usage Guidelines
If you create an STPD with a unique name, the keyword stpd is optional. Use this command to restore default STP values to a particular STPD. If you want to restore default STP values on all STPDs, do not specify a spanning tree name.

Example
The following command restores default values to an STPD named Backbone_st:
unconfigure stpd backbone_st

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

979

STP Commands

unconfigure stpd ports link-type


unconfigure stpd <stpd_name> ports link-type <port_list>

Description
Returns the specified port to the factory default setting of broadcast link.

Syntax Description
stpd_name port_list Specifies an STPD name on the switch. Specifies one or more ports or slots and ports.

Default
All ports are broadcast link types.

Usage Guidelines
If your STPD has the same name as another component, for example a VLAN, you must enter the stpd keyword to specify the STPD. If your STPD has a name unique only to that STPD, the keyword stpd is optional. If the switch operates in 802.1D mode, any configured port link type will behave the same as the broadcast link type.

Example
The following command configures slot 2, ports 1 through 4 to return to the factory default of broadcast links in STPD s1:
unconfigure stpd s1 ports link-type 2:1-2:4

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

980

ExtremeWare XOS 11.3 Command Reference

20 ESRP Commands
This chapter describes the commands for:

Enabling and disabling ESRP Performing ESRP configuration Enabling and disabling port restart and failure tracking for ESRP Displaying ESRP configuration information Enabling and disabling ELRP in an ESRP environment

Extreme Standby Router Protocol


The Extreme Standby Router Protocol (ESRP) is a feature of ExtremeWare XOS that allows multiple switches to provide redundant Layer 3 routing services to users. In addition to providing Layer 3 routing redundancy, ESRP also provides for Layer 2 redundancy. You can use these layered redundancy features in combination or independently. The Layer 2 redundancy features of ESRP offer fast failure recovery and provide for dual-homed system design. In some instances, depending on network system design, ESRP can provide better resiliency than using the Spanning Tree Protocol (STP) or Virtual Router Redundancy Protocol (VRRP). You configure ESRP on a per domain basis on each switch. A maximum of two switches can participate in providing redundant Layer 3 or Layer 2 services to a single virtual LAN (VLAN). If you configure and use ESRP groups, more than two switches can provide redundant Layer 2 or Layer 3 services to a single vlan. The switches exchange keep-alive packets for each VLAN independently. Only one switch (the master) can actively provide Layer 3 routing and/or Layer 2 switching for each VLAN. This switch handles the forwarding, address resolution protocol (ARP) requests, and forwarding for this particular VLAN. Other participating switches for the VLAN are in slave mode waiting for an ESRP state change. To participate in ESRP, the following must be true:

A VLAN can belong to only one ESRP domain. The IP address for the VLANs participating in an ESRP domain must be identical. All switches in the ESRP network must use the same election algorithm, otherwise loss of connectivity, broadcast storms, or other unpredictable behavior may occur. If you have an untagged master VLAN, you must specify an ESRP domain ID. The domain ID must be identical on all switches participating in ESRP for that particular domain. If you have a tagged master VLAN, ESRP uses the 802.1Q tag (VLANid) of the master VLAN for the ESRP domain ID. If you do not use the VLANid as the domain ID, you must specify a different domain ID. As previously described, the domain ID must be identical on all switches participating in ESRP for that particular domain.

Extreme Networks recommends that all switches participating in ESRP run the same version of ExtremeWare XOS. Not all ESRP features are available in all ExtremeWare XOS software releases.

ExtremeWare XOS 11.3 Command Reference

981

ESRP Commands

ESRP Modes of Operation


ExtremeWare XOS has two modes of ESRP operation: standard and extended. Select standard if your network contains some switches running ExtremeWare, others running ExtremeWare XOS, and a combination of those switches participating in ESRP. Standard ESRP is backward compatible with and supports the ESRP functionality of ExtremeWare. Select extended ESRP if your network contains switches running only ExtremeWare XOS. Extended mode ESRP supports and is compatible with switches running ExtremeWare XOS. By default, ExtremeWare XOS operates in extended mode.

ESRP-Aware Switches
Extreme Networks switches that are not actively participating in ESRP but are connected on a network that has other Extreme Networks switches running ESRP are ESRP-aware. When ESRP-aware switches are attached to ESRP-enabled switches, the ESRP-aware switches reliably perform failover and failback scenarios in the prescribed recovery times. For an Extreme Networks switch to be ESRP-aware, you must create an ESRP domain on the aware switch (however, you do not enable the ESRP domain), add a master VLAN to that ESRP domain, and configure a domain ID, if necessary. To participate as an ESRP-aware switch, the following must be true:

The ESRP domain name must identical on all switches (ESRP-enabled and ESRP-aware) participating in ESRP for that particular domain. The master VLAN name and IP address must be identical on all switches (ESRP-enabled and ESRPaware) participating in ESRP for that particular domain. The domain ID must be identical on all switches (ESRP-enabled or ESRP-aware) participating in ESRP for that particular domain.

If you have an untagged master VLAN, you must specify an ESRP domain ID. If you have a tagged master VLAN, ESRP uses the 802.1Q tag (VLANid) of the master VLAN for the ESRP domain ID. If you do not use the VLANid as the domain ID, you must specify a different domain ID.

Extreme Loop Recovery Protocol


ExtremeWare XOS 11.1 introduces support for the Extreme Loop Recovery Protocol (ELRP). ELRP is a feature of ExtremeWare XOS that allows you to prevent, detect, and recover from Layer 2 loops in the network. You can use ELRP with other protocols such as ESRP. With ELRP, each switch, except for the sender, treats the ELRP PDU as a Layer 2 multicast packet. The sender uses the source and destination MAC addresses to identify the packet it sends and receives. When the sender receives its original packet back, that triggers loop detection and prevention. Once a loop is detected, the loop recovery agent is notified of the event and takes the necessary actions to recover from the loop. ELRP operates only on the sending switch; therefore, ELRP operates transparently across the network. Details of using the standalone ELRP client are discussed in the ExtremeWare XOS User Guide chapter, Troubleshooting, and the commands used to configure standalone ELRP are described in Appendix B, Troubleshooting Commands.

982

ExtremeWare XOS 11.3 Command Reference

clear esrp counters

clear esrp counters


clear esrp counters

Description
Clears the statistics gathered by ESRP for all ESRP domains on the switch.

Syntax Description
This command has no arguments or variables.

Default
None.

Usage Guidelines
Use this command to clear the state transition and the protocol packet counters gathered by ESRP. The state transition count displays the number of times the ESRP domain entered the following states:

AwareAn Extreme switch that does not participate in ESRP elections but is capable of listening to ESRP Bridge Protocol Data Units (BPDUs). MasterThe master switch is the device with the highest priority based on the election algorithm. The master is responsible for responding to clients for Layer 3 routing and Layer 2 switching for the ESRP domain. NeutralThe neutral state is the initial state entered by the switch. In a neutral state, the switch waits for ESRP to initialize and run. A neutral switch does not participate in ESRP elections. PreMasterThe pre-master state is an ESRP switch that is ready to be master but is going through possible loop detection prior to transitioning to master. SlaveThe slave switch participates in ESRP but is not elected or configured the master and does not respond to ARP requests but does exchange ESRP packets with other switches on the same VLAN. The slave switch is available to assume the responsibilities of the master switch if the master becomes unavailable or criteria for ESRP changes. If the slave is in extended mode, it does not send ESRP hello messages; however, it sends PDUs that may trigger a change in the master switch. For more information about configuring the ESRP mode of operation on the switch, see the
configure esrp mode [extended | standard] command. By default, ESRP operates in extended

mode. To display information about the ESRP domain, including the previously described states, use the show
esrp {<name>} command.

The protocol packet count displays the number of times ESRP, ESRP-aware, and ESRP error packets were transmitted and received. To display information about the ESRP counters, use the show esrp {<name>} counters command.

ExtremeWare XOS 11.3 Command Reference

983

ESRP Commands

Example
The following command clears the statistics gathered by ESRP:
clear esrp counters

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

984

ExtremeWare XOS 11.3 Command Reference

clear esrp neighbor

clear esrp neighbor


clear esrp <esrpDomain> neighbor

Description
Clears the neighbor information for the specified ESRP domain.

Syntax Description
esrpDomain Specifies the name of an ESRP domain.

Default
N/A.

Usage Guidelines
If you add a new switch to your ESRP domain, use this command to clear the existing neighbor information for the ESRP domain. After the switch is up, running, and configured as an ESRP-aware or ESRP-enabled device, new neighbor information is learned. Before using this command, schedule a downtime for your network. Use this command for maintenance purposes only.

Example
The following command clears the existing neighbor information on the ESRP domain esrp1 after adding a new switch to the ESRP domain:
clear esrp esrp1 neighbor

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

985

ESRP Commands

clear esrp sticky


clear esrp <esrpDomain> sticky

Description
Clears the stickiness in the ESRP domain and forces the election of the ESRP master switch.

Syntax Description
esrpDomain Specifies the name of an ESRP domain.

Default
N/A.

Usage Guidelines
Use the clear esrp sticky command to force the election of the ESRP master switch. Before using this command, schedule a downtime for your network. For example, without stickiness configured, if an event causes the ESRP master to failover to the backup, the previous backup becomes the new master. If another event causes the new master to return to backup, you have experienced two network interruptions. To prevent this, use the configure esrp election-policy and select stickiness as an election algorithm. If you use sticky as an election metric, and an event causes the ESRP master to failover, ESRP assigns the new master with the highest sticky election metric of 1. Therefore, regardless of changes to the neighbors election algorithm, the new master retains its position. Sticky is set on the master switch only. ESRP re-election can occur if sticky is set on the master and a local event occurs. During this time, if the current master has lower election parameters, the backup can become the new master. If you use clear esrp <esrpDomain> sticky command, it only affects the current master and can trigger ESRP re-election.

Example
The following command clears the stickiness on the ESRP domain esrp1:
clear esrp esrp1 sticky

History
This command was first available in ExtremeWare XOS 11.0.

986

ExtremeWare XOS 11.3 Command Reference

clear esrp sticky

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

987

ESRP Commands

configure esrp add elrp-poll ports


configure esrp <esrpDomain> add elrp-poll ports [<ports> | all]

Description
Configures the ports of an ESRP domain where ELRP packet transmission is requested by ESRP.

Syntax Description
esrpDomain ports all Specifies an ESRP domain name. Specifies list of slots and ports. Specifies all ports in the ESRP domain.

Default
All ports of an ESRP domain have ELRP transmission enabled.

Usage Guidelines
This command allows you to configure the ports in your network that might experience loops, such as ports that connect to master, slave, or ESRP-aware switches, to receive ELRP packets. You do not need to send ELRP packets to host ports.

Example
The following command enables ELRP packet transmission for slot 2, ports 3-5 on ESRP domain esrp1:
configure esrp esrp1 add elrp-poll ports 2:3-2:5

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

988

ExtremeWare XOS 11.3 Command Reference

configure esrp add master

configure esrp add master


configure esrp <esrpDomain> add master <vlan_name>

Description
Adds a master VLAN to an ESRP domain.

Syntax Description
esrpDomain vlan_name Specifies the name of an ESRP domain. Specifies the name of the master VLAN.

Default
N/A.

Usage Guidelines
You must configure one master VLAN for each ESRP domain. A master VLAN can belong to one ESRP domain only. An ESRP domain contains one master and zero or more member VLANs. The master VLAN:

Exchanges ESRP PDUs, hello messages, and data between a pair of ESRP-enabled switches. Contains the total number of active physical ports that are counted when determining the master ESRP domain. The switch with the highest number of active ports takes priority.

Master VLANs can have their own set of ports, and member VLANs can have a different set of ports. The state of the ESRP device determines whether the ports in the master and member VLANs are in the forwarding or blocking state.

Example
The following command adds the master VLAN purple to the ESRP domain esrp1:
configure esrp esrp1 add master purple

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

989

ESRP Commands

configure esrp add member


configure esrp <esrpDomain> add member <vlan_name>

Description
Adds a member VLAN to an ESRP domain.

Syntax Description
esrpDomain vlan_name Specifies the name of an ESRP domain. Specifies the name of the member VLAN.

Default
N/A.

Usage Guidelines
You can configure zero or more member VLANs for each ESRP domain. An ESRP domain contains one master and zero or more member VLANs. Master VLANs can have their own set of ports, and member VLANs can have a different set of ports. The state of the ESRP device determines whether the ports in the master and member VLANs are in the forwarding or blocking state.

Example
The following command adds the member VLAN green to the ESRP domain esrp1:
configure esrp esrp1 add member vlan green

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

990

ExtremeWare XOS 11.3 Command Reference

configure esrp add track-environment

configure esrp add track-environment


configure esrp <esrpDomain> add track-environment failover <priority>

Description
Configures an ESRP domain to track environmental failures.

Syntax Description
esrpDomain priority Specifies an ESRP domain name. Specifies a number between 0 and 254. The default priority is 255. See the following "Usage Guidelines" section for more information.

Default
No environmental tracking.

Usage Guidelines
Environmental tracking tracks power supply and chassis temperature status. If a failure is detected, the ESRP domain priority steps to the failover-priority value specified. By setting the failover priority to be lower than the normal priority of the domain, it will cause the affected domain to go into slave mode. The range of the priority value is 0 to 254. Setting the priority to 255 configures the switch to slave mode, and to be ineligible to become the master. The switch will remain in slave mode even when the VLAN fails over from the current master. To make effective use of this feature, the normal priority of the ESRP domain must be higher than the failover priority of this command.

Example
The following command enables environmental failure tracking, and specifies that the ESRP priority for ESRP domain esrp1 be set to 10 upon an environmental failure.
configure esrp esrp1 add track-environment failover 10

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

991

ESRP Commands

configure esrp add track-iproute


configure esrp <esrpDomain> add track-iproute <ipaddress>/<masklength>

Description
Configures an ESRP domain to track a route entry in the systems routing table.

Syntax Description
esrpDomain ipaddress masklength Specifies an ESRP domain name. Specifies the IP address of the route entry to be tracked. Specifies the subnet of the route entry to be tracked.

Default
Disabled.

Usage Guidelines
The track-ip metric consists of the total number of tracked IP routes that are up or functional. An ESRP domain can track eight IP routes.

Example
The following command enables IP route failure tracking for routes to the specified subnet:
configure esrp esrp1 add track-iproute 192.168.46.0/24

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

992

ExtremeWare XOS 11.3 Command Reference

configure esrp add track-ping

configure esrp add track-ping


configure esrp <esrpDomain> add track-ping <ipaddress> frequency <seconds> miss <misses>

Description
Configures an ESRP domain to track an external gateway using ping.

Syntax Description
esrpDomain ipaddress seconds misses Specifies an ESRP domain name. Specifies the IP address of the external gateway. Specifies the interval in seconds between ping requests. Specifies the number of consecutive ping failures that will initiate failover to an ESRP slave.

Default
No ping tracking.

Usage Guidelines
The tracked-ping metric consists of the total number of stations that are successfully tracked using ping. ESRP uses an aggregate of tracked pings and traced routes to track an external gateway. An ESRP domain can track eight stations.

Example
The following command enables ping tracking for the external gateway at 10.207.29.17, pinging every 10 seconds, and considering the gateway to be unreachable if no response is received to 5 consecutive pings:
configure esrp esrp1 add track-ping 10.207.29.17 frequency 10 miss 5

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

993

ESRP Commands

configure esrp add track-vlan


configure esrp <esrpDomain> add track-vlan <vlan_name>

Description
Configures an ESRP domain to track port connectivity to a specified VLAN.

Syntax Description
esrpDomain vlan_name Specifies an ESRP domain name. Specifies the VLAN to be tracked.

Default
Disabled.

Usage Guidelines
The track-vlan metric is derived from the total number of active physical ports on the VLAN being tracked by the ESRP domain. If more than one VLAN shares a physical link, each VLAN counts the physical link. The ESRP switch should have a higher priority number than its neighbors to ensure master election. An ESRP domain can track one VLAN, and the tracked VLAN should not be a member of any other ESRP domain in the system.

Example
The following command enables ESRP domain esrp1 to track port connectivity to VLAN engineering:
configure esrp esrp1 add track-vlan engineering

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

994

ExtremeWare XOS 11.3 Command Reference

configure esrp delete elrp-poll ports

configure esrp delete elrp-poll ports


configure esrp <esrpDomain> delete elrp-poll ports [<ports> | all]

Description
Disables ELRP packet transmission on ports of an ESRP domain.

Syntax Description
esrpDomain ports all Specifies an ESRP domain name. Specifies list of slots and ports in the ESRP domain. Specifies all ports in the ESRP domain.

Default
All ports of an ESRP domain have ELRP transmission enabled.

Usage Guidelines
If you have host ports on an ESRP domain, you do not need to send ELRP packets to those ports. If you change your network configuration, and a port no longer connects to a master, slave, or ESRPaware switch, you can disable ELRP transmission on that port.

Example
The following command disables ELRP packet transmission for slot 2, ports 3-5 on ESRP domain esrp1:
configure vlan esrp1 delete elrp-poll ports 2:3-2:5

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

995

ESRP Commands

configure esrp delete master


configure esrp <esrpDomain> delete master <vlan_name>

Description
Deletes the specifies master VLAN from the specified ESRP domain.

Syntax Description
esrpDomain vlan_name Specifies the name of an ESRP domain. Specifies the name of the master VLAN.

Default
N/A.

Usage Guidelines
You must disable the ESRP domain before removing the master VLAN. To disable the ESRP domain, use the disable esrp {<esrpDomain>} command. If you attempt to remove the master VLAN before disabling the ESRP domain, the switch displays an error message similar to the following:
ERROR: Failed to delete master vlan for domain "esrp1" ; ESRP is enabled!

If this happens, disable the ESRP domain and re-issue the configure esrp delete master command.

Example
The following command deletes the master VLAN purple from the ESRP domain esrp1:
configure esrp esrp1 delete master purple

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

996

ExtremeWare XOS 11.3 Command Reference

configure esrp delete member

configure esrp delete member


configure esrp <esrpDomain> delete member <vlan_name>

Description
Deletes a member VLAN from the specified ESRP domain.

Syntax Description
esrpDomain vlan_name Specifies the name of an ESRP domain. Specifies the name of the member VLAN.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes the member VLAN green from the ESRP domain esrp1:
configure esrp esrp1 delete member vlan green

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

997

ESRP Commands

configure esrp delete track-environment


configure esrp <esrpDomain> delete track-environment

Description
Disables environmental failure tracking for an ESRP domain.

Syntax Description
esrpDomain Specifies an ESRP domain name.

Default
No environmental tracking.

Usage Guidelines
None.

Example
The following command disables environmental failure tracking for ESRP domain esrp1:
configure esrp esrp1 delete track-environment

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

998

ExtremeWare XOS 11.3 Command Reference

configure esrp delete track-iproute

configure esrp delete track-iproute


configure esrp <esrpDomain> delete track-iproute <ipaddress>/<masklength>

Description
Disables route entry tracking for an ESRP domain.

Syntax Description
esrpDomain ipaddress masklength Specifies an ESRP domain name. Specifies the IP address of the route entry to be tracked. Specifies the subnet of the route entry to be tracked.

Default
Disabled.

Usage Guidelines
If you disable route tracking for a failed route, the ESRP domain recovers from the forced standby state. If you disable route tracking for a route that is up and functional, there is no impact on the ESRP state.

Example
The following command disables tracking of routes to the specified subnet for ESRP domain esrp1:
configure esrp esrp1 delete track-iproute 192.168.46.0/24

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

999

ESRP Commands

configure esrp delete track-ping


configure esrp <esrpDomain> delete track-ping <ipaddress>

Description
Disables the tracking of an external gateway using ping.

Syntax Description
esrpDomain ipaddress Specifies an ESRP domain name. Specifies the IP address of the external gateway.

Default
No ping tracking.

Usage Guidelines
If you disable ping tracking for a failed ping, the ESRP domain recovers from the forced standby state. If you disable route tracking for a successful ping, there is no impact on the ESRP state.

Example
The following command disables ping tracking for the external gateway at 10.207.29.17:
configure esrp esrp1 delete track-ping 10.207.29.17

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1000

ExtremeWare XOS 11.3 Command Reference

configure esrp delete track-vlan

configure esrp delete track-vlan


configure esrp <esrpDomain> delete track-vlan <vlan_name>

Description
Disables the tracking of port connectivity to a specified VLAN.

Syntax Description
esrpDomain vlan_name Specifies an ESRP domain name. Specifies the VLAN to be tracked.

Default
Disabled.

Usage Guidelines
If you delete a VLAN that is down, the ESRP domain recovers from the forced standby state.

Example
The following command disables the tracking of port connectivity to VLAN engineering:
configure esrp esrp1 delete track-vlan engineering

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1001

ESRP Commands

configure esrp domain-id


configure esrp <esrpDomain> domain-id <number>

Description
Assigns an ESRP domain ID to an ESRP domain.

Syntax Description
esrpDomain number Specifies the name of an ESRP domain. Specifies the number to use for the ESRP domain ID. The user-configured ID range is 4096 through 65,535.

Default
If the master VLAN is tagged, ESRP uses that VLANid for the ESRP domain ID. If the master VLAN is untagged, you must specify the ESRP domain ID.

Usage Guidelines
Before you enable a specific ESRP domain, it must have a domain ID. A domain ID is either a userconfigured number or the VLANid of the tagged master VLAN. If you do not have a domain ID, you cannot enable ESRP on that domain. Each switch participating in ESRP for a particular domain must have the same domain ID configured. The number parameter range for user-configured domain IDs is 4096 through 65,535. If the master VLAN is tagged, you can use that VLANid for the ESRP domain ID. The range for VLAN tags is 2 through 4095. Tag 1 is assigned to the default VLAN.

Example
The following command assigns the domain ID 5000 to ESRP domain esrp1:
configure esrp esrp1 domain-id 5000

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1002

ExtremeWare XOS 11.3 Command Reference

configure esrp election-policy

configure esrp election-policy


configure esrp <esrpDomain> election-policy [ports > track > priority | ports > track > priority > mac | priority > mac | priority > ports > track > mac | priority > track > ports > mac | sticky > ports > track > priority | sticky > ports > track > priority > mac | sticky > ports > weight > track > priority > mac | sticky > priority > mac | sticky > priority > ports > track > mac | sticky > priority > track > ports > mac | sticky > track > ports > priority > | track > ports > priority | track > ports > priority > mac >]

Description
Configures the election algorithm on the switch.

Syntax Description
esrpDomain ports > track > priority ports > track > priority > mac Specifies an ESRP domain name. Specifies that this ESRP domain should consider election factors in the following order: Active ports, tracking information, ESRP priority. Specifies that this ESRP domain should consider election factors in the following order: Active ports, tracking information, ESRP priority, MAC address. NOTE: This is the default election algorithm for standard mode. priority > mac priority > ports > track > mac priority > track > ports > mac sticky > ports > track > priority sticky > ports > track > priority > mac sticky > ports > weight > track > priority > mac Specifies that this ESRP domain should consider election factors in the following order: ESRP priority, MAC address. Specifies that this ESRP domain should consider election factors in the following order: ESRP priority, active ports, tracking information, MAC address. Specifies that this ESRP domain should consider election factors in the following order: ESRP priority, tracking information, active ports, MAC address. Specifies that this ESRP domain should consider election factors in the following order: Stickiness, active ports, tracking information, ESRP priority. Specifies that this ESRP domain should consider election factors in the following order: Stickiness, active ports, tracking information, ESRP priority, MAC address. Specifies that this ESRP domain should consider election factors in the following order: Stickiness, active ports, port weight, tracking information, ESRP priority, MAC address. NOTE: Beginning with ExtremeWare XOS 11.1 and later, this is the default election algorithm for extended mode. sticky > priority > mac sticky > priority > ports > track > mac sticky > priority > track > ports > mac Specifies that this ESRP domain should consider election factors in the following order: Stickiness, ESRP priority, MAC address. Specifies that this ESRP domain should consider election factors in the following order: Stickiness, ESRP priority, active ports, tracking information, MAC address. Specifies that this ESRP domain should consider election factors in the following order: Stickiness, ESRP priority, tracking information, active ports, MAC address.

ExtremeWare XOS 11.3 Command Reference

1003

ESRP Commands

sticky > track > ports > priority track > ports > priority track > ports > priority > mac

Specifies that this ESRP domain should consider election factors in the following order: Stickiness, tracking information, active ports, ESRP priority. Specifies that this ESRP domain should consider election factors in the following order: Tracking information, active ports, ESRP priority. Specifies that this ESRP domain should consider election factors in the following order: Tracking information, active ports, ESRP priority, MAC address.

Default
In extended mode, the default election algorithm is sticky > ports > weight > track > priority
> mac.

In standard mode, the default election algorithm is ports > track > priority > mac.

Usage Guidelines
The election algorithm determines the order of precedence of the election factors used to determine the ESRP Master. The election factors are:

Stickiness (sticky): the switch with the higher sticky value has higher priority. When an ESRP domain claims master, its sticky value is set to 1 (available in extended mode only). Active Ports (ports): the number of active ports (the switch with the highest number takes priority) Tracking Information (track): whether the switch is using ESRP tracking. A switch using tracking has priority. ESRP Priority (priority): a user-defined priority number between 0 and 254. A higher number has higher priority. The default priority setting is 0. A priority setting of 255 makes an ESRP switch a standby switch that remains in slave mode until you change the priority setting. Extreme Networks recommends this setting for system maintenance. A switch with a priority setting of 255 will never become the master. MAC address (mac): the switch MAC address. A higher-number address has priority. Active port weight (weight)The switch that has the highest port weight takes precedence. The bandwidth of the port automatically determines the port weight (available only in extended mode). ESRP does not count ports with a weight of 0 (known as dont count ports) regardless of ESRP running in extended or standard mode.

The election algorithm must be the same on all switches for a particular ESRP domain. The election algorithms that use sticky are and weight are available in extended mode only. In ExtremeWare XOS 11.0, the extended mode default election algorithm is: sticky > ports > track > priority > mac > weight. This election algorithm is not supported in ExtremeWare XOS 11.1. Factors to Consider. The ports-track-priority or track-ports-priority options can be used to ensure that there is no failback if the original Master recovers (the Master will have the same ports, tracks and priority, but a higher MAC). Any of the options with sticky can also be used to ensure that there is no failback if the original master recovers. With sticky, if an event causes the ESRP master to failover, ESRP assigns the new master with the sticky count of 1. After sticky is set on the master, regardless of changes to its neighbors election algorithm, the new master retains its position. For example, adding active ports to the slave does not cause the new master to failback to the original master, even if the slave has more active ports than the master. Sticky algorithms provide for fewer network interruptions than non-sticky algorithms. Sticky is set on the master switch only.

1004

ExtremeWare XOS 11.3 Command Reference

configure esrp election-policy ESRP re-election can occur if sticky is set on the master and a local event occurs. During this time, if the current master has lower election parameters, the backup can become the new master. Switch Behavior . If a switch is master, it actively provides Layer 3 routing services to other VLANs, and Layer 2 switching between all the ports of that VLAN. Additionally, the switch exchanges ESRP packets with other switches that are in slave mode. If a switch is in slave mode, it exchanges ESRP packets with other switches on that same VLAN. When a switch is in slave mode, it does not perform Layer 3 routing or Layer 2 switching services for the VLAN. Updating the Election Algorithm . ESRP uses the default election policy for extended mode. If you have an ESRP domain operating in standard mode, the domain ignores the sticky and weight algorithms. To change the election algorithm, you must first disable the ESRP domain and then configure the new election algorithm. If you attempt to change the election algorithm without disabling the domain first, an error message appears. To disable the ESRP domain, use the following command:
disable esrp {<esrpDomain>}

To modify the election algorithm, use the following command:


configure esrp <esrpDomain> election-policy [ports > track > priority | ports > track > priority > mac | priority > mac | priority > ports > track > mac | priority > track > ports > mac | sticky > ports > track > priority | sticky > ports > track > priority > mac | sticky > ports > weight > track > priority > mac | sticky > priority > mac | sticky > priority > ports > track > mac | sticky > priority > track > ports > mac | sticky > track > ports > priority > | track > ports > priority | track > ports > priority > mac >]

Example
The following command configures the election algorithm to use tracking information as the first criteria for determining the ESRP master switch for ESRP domain esrp1:
configure esrp esrp1 election-policy track > ports > priority > mac

History
This command was first available in ExtremeWare XOS 11.0. The default election algorithm for extended mode was updated to sticky > ports > weight > track > priority > mac, and the weight election factor was used in ExtremeWare XOS 11.1. The sticky > ports > track > priority > mac > weight election algorithm is not supported in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1005

ESRP Commands

configure esrp elrp-master-poll disable


configure esrp <esrpDomain> elrp-master-poll disable

Description
Disables the use of ELRP by ESRP in the master state.

Syntax Description
esrpDomain Specifies an ESRP domain name.

Default
Disabled.

Usage Guidelines
Use this command to disable the use of ELRP by ESRP in the master state. When you disable ELRP, the ESRP master switch no longer transmits ELRP PDUs to detect network loops.

Example
The following command disables the use of ELRP in the master state on ESRP domain elrp1:
configure esrp elrp1 esrp elrp-master poll disable

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1006

ExtremeWare XOS 11.3 Command Reference

configure esrp elrp-master-poll enable

configure esrp elrp-master-poll enable


configure esrp <esrpDomain> elrp-master-poll enable {interval <interval>}

Description
Enables the use of ELRP by ESRP in the master state, and configures how often the master checks for loops in the network.

Syntax Description
esrpDomain interval Specifies an ESRP domain name. Specifies how often, in seconds, successive ELRP packets are sent. The default is 1 second. The range is 1 to 64 seconds.

Default

Use of ELRP in the master statedisabled Interval1 second

Usage Guidelines
Use this command to enable the use of ELRP by ESRP in the master state. When an ESRP-enabled switch is in the master state, and you enable elrp-master-poll, the switch periodically sends ELRP PDUs at the configured interval level. If a loop is detected in the network, the transmitted PDUs are received by the switch. The ESRP master switch then transitions to the slave state to break the network loop. Extreme Networks recommends that you enable both premaster and master polling when using ELRP with ESRP. To enable premaster polling, use the configure esrp <esrpDomain> elrp-premasterpoll enable {count <count> | interval <interval>}. If you attempt to configure master polling before premaster polling, the switch displays an error message similar to the following:
ERROR: Premaster-poll should be enabled before enabling master-poll!

If this happens, first configure premaster polling followed by master polling (if required). Specify the interval parameter to configure how often successive ELRP PDUs are sent while in the master state. If you do not specify an interval value, the default value is used.

Example
The following command enables the use of ELRP in the master state on ESRP domain elrp1:
configure esrp elrp1 esrp elrp-master poll enable

The following command configures the ESRP master to check for loops in the network every 3 seconds:
configure esrp elrp1 esrp elrp-master-poll enable interval 3

ExtremeWare XOS 11.3 Command Reference

1007

ESRP Commands

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1008

ExtremeWare XOS 11.3 Command Reference

configure esrp elrp-premaster-poll disable

configure esrp elrp-premaster-poll disable


configure esrp <esrpDomain> elrp-premaster-poll disable

Description
Disables the use of ELRP by ESRP in the pre-master state.

Syntax Description
esrpDomain Specifies an ESRP domain name.

Default
Disabled.

Usage Guidelines
Use this command to disable the use of ELRP by ESRP in the pre-master state. When you disable ELRP in the pre-master state, the ESRP pre-master switch no longer transmits ELRP PDUs to detect network loops prior to changing to the master state.

Example
The following command disables the use of ELRP in the pre-master state on the ESRP domain elrp1:
configure esrp elrp1 esrp elrp-premaster poll disable

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1009

ESRP Commands

configure esrp elrp-premaster-poll enable


configure esrp <esrpDomain> elrp-premaster-poll enable {count <count> | interval <interval>}

Description
Enables the use of ELRP by ESRP in the pre-master state, and configures how many times the switch sends ELRP PDUs and how often the switch sends ELRP PDUS in the pre-master state.

Syntax Description
esrpDomain count interval Specifies an ESRP domain name. Specifies the number of times the switch sends ELRP PDUs. The default is 3. The range is 1 to 32. Specifies how often, in seconds, the ELRP PDUs are sent. The default is 1 second. The range is 1 to 32 seconds.

Default

Use of ELRP in the pre-master statedisabled Count3 times Interval1 second

Usage Guidelines
Use this command to enable the use of ELRP by ESRP in the pre-master state to prevent network loops from occurring. When an ESRP-enabled switch is in the pre-master state (waiting to become the master), and you enable elrp-premaster-poll, the switch periodically sends ELRP PDUs at the configure level for a specified number of times. If there is a loop in the network, the transmitted PDUs are received by the switch. If this happens, the ESRP pre-master switch does not transition to the master state; rather, the switch transitions to the slave state. Extreme Networks recommends that you enable both premaster and master polling when using ELRP with ESRP. To enable master polling, use the configure esrp <esrpDomain> elrp-master-poll enable {interval <interval>}. If you attempt to configure master polling before premaster polling, the switch displays an error message similar to the following:
ERROR: Premaster-poll should be enabled before enabling master-poll!

If this happens, first configure premaster polling followed by master polling (if required). If you do not specify the optional count or interval parameters, the default values are used. If the sender does not receive packets, there is no loop in the network.

1010

ExtremeWare XOS 11.3 Command Reference

configure esrp elrp-premaster-poll enable

Example
The following command enables the use of ELRPwith the default settingsin the pre-master state on ESRP domain elrp1:
configure esrp elrp1 esrp elrp-premaster poll enable

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1011

ESRP Commands

configure esrp group


configure esrp <esrpDomain> group <number>

Description
Configures the group number to be used for the ESRP domain.

Syntax Description
esrpDomain group_number Specifies an ESRP domain name. Specifies the ESRP group number to which this ESRP domain should be added. The range is 0 through 31.

Default
The default group number is 0.

Usage Guidelines
Each group runs an instance of ESRP within the same VLAN or broadcast domain. A maximum of seven ESRP groups can be defined within the same networked broadcast domain. In addition, a maximum of seven distinct ESRP groups can be supported on a single ESRP switch. You can configure a maximum of 32 ESRP groups in a network. The range for the group_number parameter is 0 through 31. The most typical application for multiple ESRP groups is when two or more sets of ESRP switches are providing fast-failover protection within a common subnet for two or more groups of users. An additional use for ESRP groups is ESRP Host Attach; ESRP VLANs that share the same ESRP HA ports must be members of different ESRP groups. You must first disable an ESRP domain before you modify an existing or add a new group number. If you try to modify the group number without disabling the ESRP domain, an error message similar to the following is displayed:
ERROR: can't change ESRP group for active domain "esrp1"!

To disable an ESRP domain, use the disable esrp {<esrpDomain>} command.

Example
The following command configures ESRP domain esrp1 to be a member of ESRP group 2:
configure esrp esrp-1 group 2

History
This command was first available in ExtremeWare XOS 11.0.

1012

ExtremeWare XOS 11.3 Command Reference

configure esrp group

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1013

ESRP Commands

configure esrp mode


configure esrp mode [extended | standard]

Description
Configures the mode of operation for ESRP on the switch.

Syntax Description
extended Specifies ESRP extended mode. This mode is compatible with devices running ExtremeWare XOS and is not backward compatible with devices running ExtremeWare. Specifies ESRP standard mode. This mode is backward compatible with devices running ExtremeWare.

standard

Default
The default mode is extended.

Usage Guidelines
Use standard ESRP if your network contains a combination of switches running ExtremeWare XOS and ExtremeWare participating in ESRP. With standard ESRP, the switches running ExtremeWare XOS are backward compatible with the switches running ExtremeWare. Use extended ESRP if your network contains switches running only ExtremeWare XOS; this is the default. If your network has switches currently running ExtremeWare, and you add a BlackDiamond 10K switch, an Aspen family switch, or a Summit X450 switch running ExtremeWare XOS, select standard ESRP. By selecting standard, the switch running ExtremeWare XOS is backward compatible with the ExtremeWare implementation of ESRP. If you use the default modeextendedand your ESRP domain contains a switch running ExtremeWare XOS that detects a neighbor switch running ExtremeWare, the mode automatically changes to standard for that domain. This action causes the switch to enter the neutral state and re-elect the ESRP master. Since you are using the default mode of operation, and the switch running ExtremeWare XOS detected a neighbor switch running ExtremeWare, the ExtremeWare XOS switch toggles to standard mode although the configured mode of operation remains as extended.

Example
The following command configures ESRP to run in standard mode:
configure esrp mode standard

1014

ExtremeWare XOS 11.3 Command Reference

configure esrp mode

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1015

ESRP Commands

configure esrp name


configure esrp <esrpDomain> name <new-name>

Description
Renames an existing ESRP domain.

Syntax Description
esrpDomain new-name Specifies the current name of an ESRP domain. Specifies a new name for the ESRP domain.

Default
N/A.

Usage Guidelines
The maximum length for a name is 32 characters. Names can contain alphanumeric characters and underscores ( _ ) but cannot be any reserved keywords, for example, esrp. Names must start with an alphabetical character, for example, a, Z. You can rename an ESRP domain regardless of its current state.

Example
The following command renames ESRP domain esrp1 to esrp3:
configure esrp esrp1 name esrp3

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1016

ExtremeWare XOS 11.3 Command Reference

configure esrp ports mode

configure esrp ports mode


configure esrp ports <ports> mode [host | normal]

Description
Configures the ESRP port mode for ESRP host attach.

Syntax Description
ports host normal Specifies one or more ports or slots and ports that should be configured. Specifies that the ports should be configured as host ports. Specifies that the ports should be configured as normal ports.

Default
The default port mode is normal.

Usage Guidelines
Ports configured as normal ports do not accept or transmit Layer 2 or Layer 3 traffic when the local ESRP device is a slave. Ports configured as host ports allow the network to continue operation independent of ESRP status. The command sets the port to forward, allowing those ports directly attached to the slaves hosts to communicate with other hosts that are connected to the master. If you use load sharing with the ESRP HA feature, configure the load-sharing group first and then enable Host Attach on the group. A Layer 2 connection for VLANs between ESRP switches is required. An ESRP Host Attach port cannot be a mirroring port, software-controlled redundant port, or Netlogin port.

Example
The following command configures ports 1 through 5 on slot 3 as host ports:
configure esrp port 3:1-3:5 mode host

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1017

ESRP Commands

configure esrp ports no-restart


configure esrp <esrpDomain> ports <ports> no-restart

Description
Disables port restart for a port.

Syntax Description
esrpDomain ports Specifies the name of the ESRP domain. Specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables port restart for ports 7-9 on slot 3 on ESRP domain esrp1:
configure esrp esrp1 port 3:7-3:9 no-restart

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1018

ExtremeWare XOS 11.3 Command Reference

configure esrp ports restart

configure esrp ports restart


configure esrp <esrpDomain> ports <ports> restart

Description
Configures ESRP to restart ports if there is a state change and the downstream switch is from another vendor.

Syntax Description
esrpDomain ports Specifies the name of the ESRP domain. Specifies one or more ports or slots and ports.

Default
N/A.

Usage Guidelines
If an ESRP domain becomes a slave, ESRP disconnects member ports that have port restart enabled. The disconnection of these ports causes downstream devices to remove the ports from their FDB tables. After 3 seconds the ports re-establish connection with the ESRP-enabled device. This feature allows you to use ESRP in networks that include equipment from other vendors. If switch becomes a slave, ESRP disconnects the physical links of member ports that have port restart enabled. An ESRP restart port cannot be a mirroring port, software-controlled redundant port, or Netlogin port.

Example
The following command enables port restart for ports 7-9 on slot 3 on ESRP domain esrp1:
configure esrp esrp1 port 3:7-3:9 restart

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1019

ESRP Commands

configure esrp ports weight


configure esrp ports <ports> weight [auto | <port-weight>]

Description
Assigns the port weight for the specified ESRP port(s).

Syntax Description
ports auto port-weight Specifies one or more ports or slots and ports. Specifies the switch to calculate the weight of a port based on the ports bandwidth and link speed. Specifies an ESRP port weight of 0. With a port weight of 0, the ports are not counted.

Default
The switch automatically calculates the weight of a port based on the bandwidth of the port.

Usage Guidelines
Use this command to override the automatically calculated port weight. The port-weight parameter specifies a weight of 0. With this configuration, ESRP does not count host ports and normal ports as active. With a weight of 0, ESRP experiences fewer state changes due to frequent client activities like rebooting and unplugging laptops. A dont-count port cannot be a mirroring, software-controlled redundant port, or a Netlogin port. For load shared ports, configure one master port in the load-share group with the port weight. A single command specifies the weight for the entire load shared group. You can specify any port from the load share group in the command. A load-shared port has an aggregate weight of all of its member ports. If you add or delete a member port (or trunk), the weight of the master load-shared port is updated. For more information about load sharing, see Configuring Slots and Ports on a Switch in the ExtremeWare XOS Concepts Guide.

Example
The following command configures port 1 on slot 3 with a weight of 0:
configure esrp port 3:1 weight 0

History
This command was first available in ExtremeWare XOS 11.1.

1020

ExtremeWare XOS 11.3 Command Reference

configure esrp ports weight

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1021

ESRP Commands

configure esrp priority


configure esrp <esrpDomain> priority <number>

Description
Configures the ESRP priority.

Syntax Description
esrpDomain number Specifies an ESRP domain number. Specifies a number between 0 and 255.

Default
The default ESRP priority is 0.

Usage Guidelines
The ESRP priority is one of the factors used by the ESRP election algorithm in determining which switch is the Master switch. The range of the priority value is 0 to 254, with 0 being the lowest priority, 254 being the highest. If the ESRP priority is the determining criteria for the election algorithm, the highest priority value determines which switch will act as master for a particular ESRP domain. Setting the priority to 255 configures the switch to slave mode, and to be ineligible to become the master. The switch will remain in slave mode even when the ESRP domain fails over from the current master. This feature is typically used to ensure a switch cannot become the ESRP master while it is offline for servicing.

Example
The following command configures the ESRP priority to the highest priority on ESRP domainesrp1:
configure esrp esrp1 priority 254

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1022

ExtremeWare XOS 11.3 Command Reference

configure esrp timer hello

configure esrp timer hello


configure esrp <esrpDomain> timer hello <seconds>

Description
Configures the ESRP hello timer value.

Syntax Description
esrpDomain seconds Specifies an ESRP domain name Specifies the number of seconds between keep-alive packets. The range is 1 to 255 seconds.

Default
The default hello timer is 2 seconds.

Usage Guidelines
The timer specifies the interval, in seconds, for exchanging keep-alive packets between the ESRP switches for this ESRP domain. A lower value specifies a more frequent exchange of keep-alive messages, resulting in the faster detection of a failover condition. The timer setting must be configured identically for the ESRP domain across all participating switches. To see the hello settings, use the show esrp {<name>} command. The seconds range is 1 to 255. If your configuration contains more than 2,000 ESRP VLANs and 256,000 FDB entries, Extreme Networks recommends a timer setting greater than 3 seconds. To view the hello timer settings, use the show esrp {<name>} command. In a large ESRP configuration, the slave ESRP domain might inadvertently become the master ESRP domain. This can occur when FDB entries are flushed during a master-slave transition. To avoid this we recommend the general neighbor and hello timeout guidelines listed in Table 22 described in the configure esrp timer neighbor command.

Example
The following command configures the ESRP hello timer to 4 seconds for the ESRP domain esrp1:
configure esrp esrp1 timer hello 4

History
This command was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

1023

ESRP Commands

Platform Availability
This command is available on all platforms.

1024

ExtremeWare XOS 11.3 Command Reference

configure esrp timer neighbor

configure esrp timer neighbor


configure esrp <esrpDomain> timer neighbor <seconds>

Description
Configures the ESRP neighbor timeout value.

Syntax Description
esrpDomain seconds Specifies an ESRP domain name. Specifies the number of seconds after which an ESRP neighbor times out. The range is 6 to 1024 seconds.

Default
The default neighbor timeout is 8 seconds (four times the hello timer).

Usage Guidelines
The neighbor timeout specifies the amount of time that ESRP waits before considering the neighbor down. The neighbor value must be at least 3 times the hello timer value. Entering a value outside of that range generates an error message similar to the following:
operation Failed. Valid timer relationship "neighbor timeout >= 3*hello ; neutral timeout >= 2*hello ; premaster timeout >= 3*hello"!

The seconds range is 3*hello to 1024 seconds. To view the neighbor timer settings, use the show esrp {<name>} command. In a large ESRP configuration, the slave ESRP domain might inadvertently become the master ESRP domain. This can occur when FDB entries are flushed during a master-slave transition. To avoid this Extreme Networks recommends the general neighbor and hello timeout guidelines listed in Table 22.

Table 22: General neighbor and hello timeout


Number of Domains 64 or less 64 128 Number of VLANs 1000 1000 to 3000 3000 Suggested Neighbor and Hello Timeout Use the default timer values hello >=3, neighbor >=9 hello >=4, neighbor >=12

Example
The following command configures the ESRP neighbor timeout to 14 seconds for the ESRP domain esrp1:
configure esrp esrp1 timer neighbor 14

ExtremeWare XOS 11.3 Command Reference

1025

ESRP Commands

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1026

ExtremeWare XOS 11.3 Command Reference

configure esrp timer neutral

configure esrp timer neutral


configure esrp <esrpDomain> timer neutral <seconds>

Description
Configures the ESRP neutral timeout value.

Syntax Description
esrpDomain seconds Specifies an ESRP domain name. Specifies the number of seconds after which an ESRP domain. The range is 4 to 1024 seconds.

Default
The default neutral timeout is 4 seconds (two times the hello timer).

Usage Guidelines
After you create, configure, and enable the ESRP domain, it enters the neutral state. The neutral timeout specifies the amount of time the ESRP domain stays in this temporary state before entering the slave state. The neutral value must be at least 2 times the hello timer value. Entering a value outside of that range generates an error message similar to the following:
operation Failed. Valid timer relationship "neighbor timeout >= 3*hello ; neutral timeout >= 2*hello ; premaster timeout >= 3*hello"!

The seconds range is 2*hello to 1024. To view the neutral timer settings, use the show esrp {<name>} command.

Example
The following command configures the ESRP neutral timeout to 8 seconds for the ESRP domain esrp1:
configure esrp esrp1 timer neutral 8

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1027

ESRP Commands

configure esrp timer premaster


configure esrp <esrpDomain> timer premaster <seconds>

Description
Configures the ESRP pre-master timeout value.

Syntax Description
esrpDomain seconds Specifies an ESRP domain name. Specifies the maximum length of time, in seconds, that the transitioning master VLAN remains in the pre-master state. The range is 6 to 1024.

Default
The default timeout is 8 seconds (four times the hello timer).

Usage Guidelines
The premaster timer specifies how long the ESRP domain stays in the pre-master state. The pre-master timer expires if the neighbor agrees to be the slave. The premaster value must be at least four times the hello timer value. Entering a value outside of that range generates an error message similar to the following:
operation Failed. Valid timer relationship "neighbor timeout >= 3*hello ; neutral timeout >= 2*hello ; premaster timeout >= 3*hello"!

The seconds range is 3*hello-1024. To view the pre-master timer settings, use the show esrp {<name>} command.

CAUTION
Configure the pre-master state timeout only with guidance from Extreme Networks personnel. Misconfiguration can severely degrade the performance of ESRP and your switch.

Example
The following command configures the pre-master timeout to 10 seconds for the ESRP domain esrp1:
configure esrp esrp-1 timer premaster 10

History
This command was first available in ExtremeWare XOS 11.0.

1028

ExtremeWare XOS 11.3 Command Reference

configure esrp timer premaster

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1029

ESRP Commands

configure esrp timer restart


configure esrp <esrpDomain> timer restart <seconds>

Description
Configures the ESRP restart timer value.

Syntax Description
esrpDomain seconds Specifies an ESRP domain name. Specifies the maximum length of time, in seconds, that the neighbor ESRP switch remains in its current state during an MSM hitless failover. The range is 15 to 1024.

Default
The default restart timer value is 30 seconds.

Usage Guidelines
The restart timer specifies the amount of time that the neighbor ESRP switch remains in its current state during a hitless failover. This timer prevent the slave ESRP switch from trying to become master during a hitless failover. The seconds range is 15-1024. To view the restart settings, use the show esrp {<name>} command.

Example
The following command configures the restart timer value to 40 seconds for the ESRP domain esrp1:
configure esrp esrp-1 timer restart 40

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1030

ExtremeWare XOS 11.3 Command Reference

create esrp

create esrp
create esrp <esrpDomain>

Description
Creates an ESRP domain with the specified name on the switch.

Syntax Description
esrpDomain Specifies the name of an ESRP domain to be created. May be up to 32 characters in length.

Default
The ESRP domain is disabled and in the Aware state. When you create an ESRP domain, it has the following default parameters:

Operational versionExtended Priority0 VLAN interfacenone VLAN tag0 Hello timer2 seconds Neighbor timer8 seconds Premaster timer6 seconds Neutral timer4 seconds Neighbor restart timer30 seconds VLAN trackingnone Ping trackingnone IP route trackingnone

Usage Guidelines
The maximum length for a name is 32 characters. Names can contain alphanumeric characters and underscores ( _ ) but cannot be any reserved keywords, for example, esrp. Names must start with an alphabetical character, for example, a, Z. Each ESRP domain name must be unique and cannot duplicate any other named ESRP domains on the switch. If you are uncertain about the ESRP names on the switch, use the show esrp command to view the ESRP domain names. After you create an ESRP domain on the switch, the switch is ESRP-aware. You can create a maximum of 128 ESRP domains.

ExtremeWare XOS 11.3 Command Reference

1031

ESRP Commands

Example
The following command creates ESRP domain esrp1 on the switch:
create esrp esrp1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1032

ExtremeWare XOS 11.3 Command Reference

delete esrp

delete esrp
delete esrp <esrpDomain>

Description
Deletes the ESRP domain with the specified name.

Syntax Description
esrpDomain Specifies the name of an ESRP domain to be deleted.

Default
N/A.

Usage Guidelines
You must first disable an ESRP domain before you delete it. To disable an ESRP domain, use the disable esrp command. You do not have to remove the master or member VLANs from an ESRP domain before you delete it. When you delete an ESRP domain, All VLANs are automatically removed from the domain.

Example
The following command deletes ESRP domain esrp1 from the switch:
delete esrp esrp1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1033

ESRP Commands

disable esrp
disable esrp {<esrpDomain>}

Description
Disables ESRP for a named domain or for the entire switch.

Syntax Description
esrpDomain Specifies the name of an ESRP domain.

Default
Disabled for the entire switch.

Usage Guidelines
If you do not specify a domain name, ESRP is disabled for the entire switch. If you disable an ESRP domain, the switch notifies its neighbor that the ESRP domain is going down, and the neighbor clears its neighbor table. If the master switch receives this information, it enters the neutral state to prevent a network loop. If the slave switch receives this information, it enters the neutral state.

Example
The following command disables ESRP for the entire switch:
disable esrp

The following command disables ESRP for the domain esrp1:


disable esrp esrp1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1034

ExtremeWare XOS 11.3 Command Reference

enable esrp

enable esrp
enable esrp <esrpDomain>

Description
Enables ESRP for a named domain.

Syntax Description
esrpDomain Specifies the name of an ESRP domain.

Default
Disabled.

Usage Guidelines
Before you enable an ESRP domain, it must have a domain ID. The ESRP domain ID is determined from one of the following user-configured parameters:

ESRP domain number created with the configure esrp domain-id command 802.1Q tag (VLANid) of the tagged master VLAN

If you do not have a domain ID, you cannot enable ESRP on that domain. A message similar to the following appears:
ERROR: Cannot enable ESRP Domain "esrp1" ; No domain id configured!

If you add an untagged master VLAN to the ESRP domain, make sure to create an ESRP domain ID with the configure esrp domain-id command before you attempt to enable the domain.

Example
The following command enables ESRP for the domain esrp1:
enable esrp esrp1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1035

ESRP Commands

show esrp
show esrp {<name>}

Description
Displays ESRP configuration information for one or all ESRP domains on the switch.

Syntax Description
name Specifies an ESRP domain name.

Default
Shows summary ESRP information.

Usage Guidelines
This command shows information about the state of an ESRP domain and its neighbors. This includes information about tracked devices. In addition to ESRP information, ELRP status information is also displayed. This includes information about the master and pre-master states, number of transitions to the pre-master state, and the ports where ELRP is disabled. The output varies depending upon the configuration and the state of the switch.

Example
The following command displays summary ESRP status information for the ESRP domains on the switch:
show esrp

The following is sample output from this command:


ESRP: Enabled Configured Version: Extended # ESRP domain configuration : -------------------------------------------------------------------------------Domain Grp Ver VLAN VID DId IP/IPX State Master MAC Address Nbr -------------------------------------------------------------------------------ed2 0 E v2 2 2 2.2.2.3 Master 00:01:30:f9:9e:90 0 ed2 5 E v2 2 2 2.2.2.3 Aware 00:01:00:0D:9e:8a 0 ed3 0 E v3 3 3 0.0.0.0 Aware 00:01:00:0C:F0:D1 0 ed4 0 E v4 4 4 0.0.0.0 Slave 00:00:00:00:00:00 0 --------------------------------------------------------------------------------

1036

ExtremeWare XOS 11.3 Command Reference

show esrp
# ESRP Port configuration: -------------------------------------------------------------------------------Port Weight Host Restart -------------------------------------------------------------------------------6:1 0 H 6:2 10 6:3 0 R

The following command displays detailed ESRP status information for the specified ESRP domain on the switch (the election policy displayed is the default policy in extended mode):
show esrp ed2

The following is sample output from this command:


show esrp ed2 Domain: ed2 Group: 0 Operational Version: extended Vlan Interface: v2 Vlan Tag: 2 Domain Id: 2 Rtif. Admin Status: DOWN Rtif. Virtual Mac : 00:e0:2b:00:00:80 IP Address: 2.2.2.3 Election Policy: standby > sticky > ports > weight > track > priority > mac -------------------------------------------------------------------------------This System Neighbor system -------------------------------------------------------------------------------State: Slave Active Ports: 1 Tracked Active Vlan Ports: 0 Tracked IP Routes & Pings: 0 Priority: 255[255] Sticky Flag: 0 MAC: 00:01:30:f9:9e:90 Active Ports Weight: 10 Sequence Number: 8 Hand Shake Flag: 0 Restart Flag: 0 Timer Configuration: Hello 2s(0) Neighbor 6s(0) PreMaster 4s(0) Neutral 4s(0) NbrRestart 30s(0) State Transition Counters: To Master 0 To Neutral 1 To PreMaster 0 To Aware 1 To Slave 1 Last State Change: Mon Apr 5 10:43:34 2004 ELRP in Premaster: ELRP in Master: Tracked Tracked Tracked Tracked Enabled (Interval: 1, Count: 3) Enabled (Interval: 1)

Vlans: t_vlan Pings: 40.0.1.2 / 3 second intervals / 5 misses allowed Ip Routes: 30.4.2.16/255.255.255.0 Environment: System Power : OK

ExtremeWare XOS 11.3 Command Reference

1037

ESRP Commands
Temperature : WARNING ---------------------------------------------------------------------# Domain Member VLANs: VLAN Name VID Virtual IP/IPX State ---------------------------------------------------------------------m_vlan1 1001 0.0.0.0 DOWN m_vlan2 1002 0.0.0.0 DOWN m_vlan3 1003 0.0.0.0 DOWN

History
This command was first available in ExtremeWare XOS 11.0. ELRP status information was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1038

ExtremeWare XOS 11.3 Command Reference

show esrp counters

show esrp counters


show esrp {<name>} counters

Description
Displays ESRP counter information for ESRP or for a specified ESRP domain.

Syntax Description
name Specifies an ESRP domain name.

Default
Displays summary ESRP counter information.

Usage Guidelines
The show esrp counters command displays information about the number of:

Failed received protocol packets Failed sent protocol packets Dropped protocol packets belonging to unknown ESRP domains Dropped protocol packets due to invalid Extreme Encapsulation Protocol (EEP) data Dropped packets due to old sequence numbers Dropped packets due to an invalid 802.1Q tag Dropped packets because the packet length was truncated (packet length is less than expected) Dropped packets due to failed checksum verification

The show esrp {<name>} counters command displays information about the number of times ESRP, ESRP-aware, and ESRP error packets were transmitted and received.

Example
The following command displays ESRP counter information:
show esrp counters

The following is sample output from this command:


Current-time: esrpStatsRxHelloFailed esrpStatsTxHelloFailed esrpStatsUnknownDomain esrpStatsUnsupportedEEPVersion esrpStatsInvalidEEPLength esrpStatsNotInTimeWindow esrpStatsInvalid8021Qtag Sun Nov 16 00:25:08 2003 = 0 = 0 = 0 = 0 = 0 = 0 = 0

ExtremeWare XOS 11.3 Command Reference

1039

ESRP Commands
esrpStatsInvalidSNAPType esrpStatsUndersizePkt esrpStatsInvalidChecksum esrpStatsWrongDigest = = = = 0 0 0 0

The following command displays counter information for ESRP domain ed5:
show esrp ed5 counters

The following is sample output from this command:


Domain: ed5 Rx-Esrp-Pkts Rx-Aware-Esrp-Pkts Rx-Err-Pkts = 628 = 112 = 0 Current-time: Sun Nov 16 00:25:27 2003 Tx-Esrp-Pkts = 630 Tx-Aware-Esrp-Pkts = 34 Tx-Err-Pkts = 0

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1040

ExtremeWare XOS 11.3 Command Reference

21 VRRP Commands
This chapter describes commands for:

Enabling and disabling Virtual Router Redundancy Protocol (VRRP) Performing basic VRRP configuration

Like Extreme Standby Router Protocol (ESRP), VRRP is a protocol that allows multiple switches to provide redundant routing services to users. A virtual router is a group of one or more physical devices that acts as the default gateway for hosts on the network. The virtual router is identified by a virtual router identifier (VRID) and an IP address. All of the VRRP routers that participate in the virtual router are assigned the same VRID. The Extreme Networks implementation of VRRP implementation is compliant with RFC 2338, Virtual Router Redundancy Protocol. The following points pertain to VRRP:

VRRP packets are encapsulated IP packets. The VRRP multicast address is 224.0.0.18. The virtual router MAC address is 00 00 5E 00 01 <vrid> An interconnect link between VRRP routers should not be used, except when VRRP routers have hosts directly attached. A maximum of 64 VRID instances are supported on the router. Up to 7 unique VRIDs can be configured on an interface. VRIDs can be re-used, but not on the same interface. VRRP and Spanning Tree can be simultaneously enabled on the same switch. VRRP and ESRP cannot be simultaneously enabled on the same VLAN.

VRRP uses an election algorithm to dynamically assign responsibility for the master router to one of the VRRP routers on the network. A VRRP router is elected master if one of the following is true, the router is:

The IP address owner (router that has the IP address of the virtual router configured as its real interface address). Configured with the highest priority (the range is 1 - 255).

In the event of a tie in priority, the highest primary IP address has precedence. If the master router becomes unavailable, the election process provides dynamic failover and the backup router that has the highest priority assumes the role of master. A new master is elected when one of the following things happen:

VRRP is disabled on the master router. Communication is lost between master and backup router(s). The master router sends periodic advertisements to the backup routers to indicate that it is alive.

ExtremeWare XOS 11.3 Command Reference

1041

VRRP Commands VRRP also supports the following tracking options:


VRRP VLAN tracking VRRP route table tracking VRRP ping tracking

If a tracking option is enabled, and the object being tracked becomes unreachable, the master device will fail over.

1042

ExtremeWare XOS 11.3 Command Reference

clear counters vrrp

clear counters vrrp


clear counters vrrp {{vlan <vlan_name>} {vrid <vridval>}}

Description
Clears, resets all VRRP statistics and counters.

Syntax Description
vlan_name vridval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255.

Default
N/A.

Usage Guidelines
Use this command to reset the VRRP statistics on the switch. Statistics are not reset when you disable and re-enable VRRP. If you do not enter a parameter, statistics for all VRRP VLANs are cleared. If you specify only VLAN name, statistics for all VRRP VRIDs on that VLAN are cleared. If you specify VLAN name and VRRP VRID, only statistics for that particular VRID are cleared.

Example
The following command clears the VRRP statistics on VRRP VLAN v1:
clear counters vrrp vlan v1

The following command clears the VRRP statistics for VRID 1 on VRRP VLAN v1:
clear counters vrrp vlan v1 vrid 1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1043

VRRP Commands

configure vrrp vlan vrid add ipaddress


configure vrrp vlan <vlan_name> vrid <vridval> add <ipaddress>

Description
Associates a virtual IP address with a specific VRRP virtual router.

Syntax Description
vlan_name vridval ipaddress Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255. Specifies the IP address of the virtual router in which this device participates.

Usage Guidelines
The restrictions on this command are as follows:

If the priority of the VRRP virtual router is 255, the IP address to be added must be owned by the VLAN on which the VRRP virtual router exists. If the priority is not 255, the IP address must not be owned by that VLAN. When a VRRP virtual router is enabled, it must have at least one virtual IP address.

Example
Create a VLAN named vlan-1 with an ipaddress of 10.1.2.2 and a VRRP VRID of 1:
create vlan vlan-1 configure vlan vlan-1 ipaddress 10.1.2.2 create vrrp vlan-1 vrid 1

The following example associates IP address 10.1.2.3 to VLAN vlan-1:


configure vrrp vlan vlan-1 vrid 1 add 10.1.2.3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1044

ExtremeWare XOS 11.3 Command Reference

configure vrrp vlan vrid add track-iproute

configure vrrp vlan vrid add track-iproute


configure vrrp vlan <vlan_name> vrid <vridval> add track-iproute <ipaddress>/<masklength>

Description
Creates a tracking entry for the specified route. When this route becomes unreachable, this entry is considered to be failing.

Syntax Description
vlan_name vridval ipaddress masklength Specifies the name of a VRRP VLAN. Specifies the virtual router ID of the target VRRP virtual router. Value can be in the range of 1-255. Specifies the prefix of the route to track. Specifies the length of the route's prefix.

Default
N/A.

Usage Guidelines
The route specified in this command may not exist in the IP routing table. When you create the entry for a route, an immediate VRRP failover may occur.

Example
The following command enables IP route failure tracking for routes to the specified subnet:
configure vrrp vlan vlan-1 vrid 1 add track-iproute 3.1.0.0/24

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1045

VRRP Commands

configure vrrp vlan vrid add track-ping


configure vrrp vlan <vlan_name> vrid <vridval> add track-ping <ipaddress> frequency <seconds> miss <misses>

Description
Creates a tracking entry for the specified IP address. The entry is tracked via pings to the IP address, sent at the specified frequency.

Syntax Description
vlan_name vridval ipaddress seconds misses Specifies the name of a VRRP VLAN. Specifies the VRRP virtual router ID of the target virtual router. Value can be in the range of 1-255. Specifies the IP address to be tracked. Specifies the number of seconds between pings to the target IP address. Specifies the number of misses allowed before this entry is considered to be failing.

Default
N/A.

Usage Guidelines
Adding an entry with the same IP address as an existing entry will cause the new values to overwrite the existing entry's frequency and miss number.

Example
The following command enables ping tracking for the external gateway at 3.1.0.1, pinging every 3 seconds, and considering the gateway to be unreachable if no response is received to 5 consecutive pings:
configure vrrp vlan vlan-1 vrid 1 add track-ping 3.1.0.1 frequency 3 miss 5

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1046

ExtremeWare XOS 11.3 Command Reference

configure vrrp vlan vrid add track-vlan

configure vrrp vlan vrid add track-vlan


configure vrrp vlan <vlan_name> vrid <vridval> add track-vlan <target_vlan_name>

Description
Configures a VRRP VLAN to track port connectivity to a specified VLAN. When this VLAN is in the down state, this entry is considered to be failing.

Syntax Description
vlan_name vridval target_vlan_name Specifies the name of a VRRP VLAN. Specifies the VRRP virtual router ID of the target virtual router. Value can be in the range of 1-255. Specifies the name of the VLAN to track.

Default
N/A.

Usage Guidelines
Up to eight VLANs can be tracked. Deleting a tracked VLAN does not constitute a failover event for the VR tracking it, and the tracking entry will be deleted.

Example
The following command enables VRRP VLAN vlan-1 to track port connectivity to VLAN vlan-2:
configure vrrp vlan vlan-1 vrid 1 add track-vlan vlan-2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1047

VRRP Commands

configure vrrp vlan vrid advertisement-interval


configure vrrp vlan <vlan_name> vrid <vridval> advertisement-interval <interval>

Description
Configures the time between VRRP advertisements (pings) in seconds.

Syntax Description
vlan_name vridval interval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255. Specifies the time interval between advertisements, in seconds. The default is 1 second. The range is 1 through 255.

Default
The advertisement interval is 1 second.

Usage Guidelines
The advertisement interval specifies the interval between advertisements sent by the master router to inform the backup routers that its alive. An extremely busy CPU can create a short dual master situation. To avoid this, increase the advertisement interval.

Example
The following command configures the advertisement interval of 15 seconds:
configure vrrp vlan vrrp-1 vrid 1 advertisement-interval 15

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1048

ExtremeWare XOS 11.3 Command Reference

configure vrrp vlan vrid authentication

configure vrrp vlan vrid authentication


configure vrrp vlan <vlan_name> vrid <vridval> authentication [none | simplepassword <password>]

Description
Configures the authentication type for a specific VRRP virtual router.

Syntax Description
vlan_name vridval password Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255. Specifies the user-defined password for authentication.

Default
Authentication is set to none.

Usage Guidelines
This command can add a modest amount of security to VRRP advertisements. All VRRP routers using the same VRID must use the same password when using this feature. A simple password must be between 1 and 8 characters long.

Example
The following command configures authentication for VRRP VLAN vrrp-1 with the password newvrrp:
configure vrrp vlan vrrp-1 vrid 1 authentication simple-password newvrrp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1049

VRRP Commands

configure vrrp vlan vrid delete ipaddress


configure vrrp vlan <vlan_name> vrid <vridval> delete <ipaddress>

Description
Deletes a virtual IP address from a specific VRRP virtual router.

Syntax Description
vlan_name vridval ipaddress Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255. Specifies the IP address of the virtual router in which this device participates.

Usage Guidelines
The restrictions on this command are as follows:

If the priority of the VR is 255, the IP address to be added must be owned by the VLAN on which the VR exists. If the priority is not 255, the IP address must not be owned by that VLAN. When a VR is enabled, it must have at least one virtual IP address. When the VR is not enabled, there are no restrictions on deleting the IP address.

Example
The following command removes IP address 10.1.2.3 from VLAN vlan-1:
configure vrrp vlan vlan-1 vrid 1 delete 10.1.2.3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1050

ExtremeWare XOS 11.3 Command Reference

configure vrrp vlan vrid delete track-iproute

configure vrrp vlan vrid delete track-iproute


configure vrrp vlan <vlan_name> vrid <vridval> delete track-iproute <ipaddress>/<masklength>

Description
Deletes a tracking entry for the specified route.

Syntax Description
vlan_name vridval ipaddress masklength Specifies the name of a VRRP VLAN. Specifies the VRRP virtual router ID of the target virtual router. Value can be in the range of 1-255. Specifies the prefix of the route to track. Specifies the length of the route's prefix.

Default
N/A.

Usage Guidelines
Deleting a tracking entry while VRRP is enabled causes the VRRP VRs state to be re-evaluated for failover.

Example
The following command disables tracking of routes to the specified subnet for VLAN vlan-1:
configure vrrp vlan vlan-1 vrid 1 delete track-iproute 3.1.0.0/24

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1051

VRRP Commands

configure vrrp vlan vrid delete track-ping


configure vrrp vlan <vlan_name> vrid <vridval> delete track-ping <ipaddress>

Description
Deletes a tracking entry for the specified IP address.

Syntax Description
vlan_name vridval ipaddress Specifies the name of a VRRP VLAN. Specifies the VRRP virtual router ID of the target virtual router. Value can be in the range of 1-255. Specifies the IP address to be tracked.

Default
N/A.

Usage Guidelines
Deleting a tracking entry while VRRP is enabled will cause the VRRP VRs state to be re-evaluated for failover. A VRRP node with a priority of 255 may not recover from a ping-tracking failure if there is a Layer 2 switch between it and another VRRP node. In cases where a Layer 2 switch is used to connect VRRP nodes, Extreme Networks recommends that those nodes have priorities of less than 255.

Example
The following command disables ping tracking for the external gateway at 3.1.0.1:
configure vrrp vlan vlan-1 vrid 1 delete track-ping 3.1.0.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1052

ExtremeWare XOS 11.3 Command Reference

configure vrrp vlan vrid delete track-vlan

configure vrrp vlan vrid delete track-vlan


configure vrrp vlan <vlan_name> vrid <vridval> delete track-vlan <target_vlan_name>

Description
Deletes the tracking of port connectivity to a specified VLAN.

Syntax Description
vlan_name vridval target_vlan_name Specifies the name of a VRRP VLAN. Specifies the VRRP virtual router ID of the target virtual router. Value can be in the range of 1-255. Specifies the name of the tracked VLAN.

Default
N/A.

Usage Guidelines
Deleting a tracking entry while VRRP is enabled will cause the VRRP VRs state to be re-evaluated for failover.

Example
The following command disables the tracking of port connectivity to VLAN vlan-2:
configure vrrp vlan vlan-1 vrid 1 delete track-vlan vlan-2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1053

VRRP Commands

configure vrrp vlan vrid dont-preempt


configure vrrp vlan <vlan_name> vrid <vridval> dont-preempt

Description
Specifies that a higher priority backup router does not preempt a lower priority master.

Syntax Description
vlan_name vridval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255.

Default
The default setting is preempt.

Usage Guidelines
The preempt mode controls whether a higher priority backup router preempts a lower priority master. dont-preempt prohibits preemption. The router that owns the virtual IP address always preempts, independent of the setting of this parameter.

Example
The following command disallows preemption:
configure vrrp vlan vlan-1 vrid 1 dont-preempt

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1054

ExtremeWare XOS 11.3 Command Reference

configure vrrp vlan vrid preempt

configure vrrp vlan vrid preempt


configure vrrp vlan <vlan_name> vrid <vridval> preempt

Description
Specifies that a higher priority backup router preempts a lower priority master.

Syntax Description
vlan_name vridval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255.

Default
The default setting is preempt.

Usage Guidelines
The preempt mode controls whether a higher priority backup router preempts a lower priority master. preempt allows preemption. The router that owns the virtual IP address always preempts, independent of the setting of this parameter.

Example
The following command allows preemption:
configure vrrp vlan vlan-1 vrid 1 preempt

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1055

VRRP Commands

configure vrrp vlan vrid priority


configure vrrp vlan <vlan_name> vrid <vridval> priority <priorityval>

Description
Configures the priority value of a VRRP virtual router.

Syntax Description
vlan_name vridval priorityval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255. Specifies the priority value of the router. The default is 100. The priority range is 1-255.

Default
The default priority is 100.

Usage Guidelines
This command changes the priority of a VRRP VR. If the VR is assigned an IP address that is physically owned by the switch, the VR's priority is 255 and cannot be changed. If the IP address is not owned by switch, the priority cannot be changed to 255. To change the priority in either of the described cases, disable VRRP and remove the virtual IP address(es) first. To disable VRRP, use the disable vrrp {vlan <vlan_name> vrid <vridval>} command. To remove the virtual IP address(es), use the configure vrrp vlan <vlan_name> vrid <vridval> delete <ipaddress> command.

Example
The following command configures a priority of 150 for VLAN vrrp-1:
configure vrrp vlan vrrp-1 vrid 1 priority 150

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1056

ExtremeWare XOS 11.3 Command Reference

create vrrp vlan vrid

create vrrp vlan vrid


create vrrp vlan <vlan_name> vrid <vridval>

Description
Creates a VRRP virtual router on the switch.

Syntax Description
vlan_name vridval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255.

Default
N/A.

Usage Guidelines
VRRP Virtual Router IDs can be used across multiple VLANs. You can create multiple virtual routers on different VLANs. Virtual Router IDs need not be unique to a specific VLAN. Before configuring any virtual router parameters, you must first create the VRRP instance on the switch. If you define VRRP parameters before creating the VRRP, you may see an error similar to the following:
Error: VRRP VR for vlan vrrp1, vrid 1 does not exist. Please create the VRRP VR before assigning parameters. Configuration failed on backup MSM, command execution aborted!

If this happens, create the VRRP instance and then configure its parameters.

Example
The following command creates a VRRP router on VLAN vrrp-1, with a VRRP virtual router ID of 1:
create vrrp vlan vrrp-1 vrid 1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1057

VRRP Commands

delete vrrp vlan vrid


delete vrrp vlan <vlan_name> vrid <vridval>

Description
Deletes a specified VRRP virtual router.

Syntax Description
vlan_name vridval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes the VRRP virtual router on the VLAN vrrp-1 identified by VRID 2:
delete vrrp vlan vrrp-1 vrid 2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1058

ExtremeWare XOS 11.3 Command Reference

disable vrrp vrid

disable vrrp vrid


disable vrrp {vlan <vlan_name> vrid <vridval>}

Description
Disables a specific VRRP virtual router or all VRRP virtual routers.

Syntax Description
vlan_name vridval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255.

Default
N/A.

Usage Guidelines
This disables a specific virtual router on the switch. If no VRRP VLAN is specified, all virtual routers on the switch are disabled.

Example
The following command disables all VRRP virtual routers on the switch:
disable vrrp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1059

VRRP Commands

enable vrrp vrid


enable vrrp {vlan <vlan_name> vrid <vridval>}

Description
Enables a specific VRRP virtual router or all VRRP virtual routers on the switch.

Syntax Description
vlan_name vridval Specifies the name of a VRRP VLAN. Specifies a VRRP Virtual Router ID (VRID). Value can be in the range of 1255.

Default
N/A.

Usage Guidelines
This enables a specific virtual router on the device. If you do not specify a VRRP virtual router, all VRRP virtual routers on this device are enabled.

Example
The following command enables all VRRP virtual routers on the switch:
enable vrrp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1060

ExtremeWare XOS 11.3 Command Reference

show vrrp

show vrrp
show vrrp {detail}

Description
Displays VRRP configuration information for all VRRP VLANs.

Syntax Description
detail Specifies more detailed VRRP information.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays a summary of status information for VRRP:
show vrrp

The following is sample output from this command:


VLAN Name VRID Pri Virtual IP Addr State v1(En) 0001 255 1.1.1.1 MSTR Master Mac Address TP/TR/TV/P/T 00:00:5e:00:01:01 0 0 0 Y 1

En-Enabled, Ds-Disabled, Pri-Priority, T-Advert Timer, P-Preempt TP-Tracked Pings, TR-Tracked Routes, TV-Tracked VLANs

The following command displays detailed status information for VRRP:


show vrrp detail

The following is sample output from this command:


VLAN: v1 VRID: 1 VRRP: Enabled State: Priority: 255(master) Advertisement Interval: 1 Preempt: Yes Authentication: None Virtual IP Addresses: 1.1.1.1 Tracked Pings: Tracked IP Routes: Tracked VLANs: * indicates a tracking condition has failed MASTER

ExtremeWare XOS 11.3 Command Reference

1061

VRRP Commands

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1062

ExtremeWare XOS 11.3 Command Reference

show vrrp vlan

show vrrp vlan


show vrrp vlan <vlan_name> {stats}

Description
Displays VRRP information for a particular VLAN.

Syntax Description
vlan_name stats Specifies the name of a VRRP VLAN. Specifies statistics for a particular VLAN.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays statistics for VLAN vrrp-1:
show vrrp vlan vrrp-1 stats

The following is sample output from this command:


VLAN vrrp-1, VR ID 25 Chksum Err:0, Ver Err:0, VRID Err:0, Auth Mismatch:0, Pkt-len Err:0 Become Master:0, Adv recv:0, Adv Err:0, Auth Fail:0, TTL Err:0 Pri-0-recv:0, Pri-0-snt:0, Addr-List Err:0, Invalid Auth Err:0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1063

VRRP Commands

1064

ExtremeWare XOS 11.3 Command Reference

22 IP Unicast Commands
Extreme Networks switches provide full Layer 3, IP unicast routing. They exchange routing information with other routers on the network using either the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol. The switches dynamically build and maintain routing tables and determine the best path for each of its routes. Each host that uses the IP unicast routing functionality of the switch must have a unique IP address assigned. In addition, the default gateway assigned to the host must be the IP address of the router interface. The routing software and hardware directs IP traffic between router interfaces. A router interface is simply a VLAN that has an IP address assigned to it. As you create VLANs with IP addresses belonging to different IP subnets, you can also choose to route between the VLANs. The VLAN switching and IP routing functions occur within the switch. Each IP address and mask assigned to a VLAN must represent a unique IP subnet. You cannot configure the same IP subnet on different VLANs. The Extreme Networks switch maintains an IP routing table for network routes and host routes. The table is populated from the following sources:

Dynamically, by way of routing protocol packets or by ICMP redirects exchanged with other routers Statically, by way of routes entered by the administrator

Default routes, configured by the administrator Locally, by way of interface addresses assigned to the system By other static routes, as configured by the administrator

Dynamic routes are typically learned by way of RIP or OSPF. Routers that use RIP or OSPF exchange information in their routing tables in the form of advertisements. Using dynamic routes, the routing table contains only networks that are reachable. Dynamic routes are aged out of the table when an update for the network is not received for a period of time, as determined by the routing protocol. Static routes are manually entered into the routing table. Static routes are used to reach networks not advertised by routers. Static routes can also be used for security reasons, to control which routes you want advertised by the router. Static routes are never aged out of the routing table. A static route must be associated with a valid IP subnet. An IP subnet is associated with a single VLAN by its IP address and subnet mask. If the VLAN is subsequently deleted, the static route entries using that subnet must be deleted manually.

ExtremeWare XOS 11.3 Command Reference

1065

IP Unicast Commands When there are multiple, conflicting choices of a route to a particular destination, the router picks the route with the longest matching network mask. If these are still equal, the router picks the route using the following criteria (in the order specified):

Directly attached network interfaces ICMP redirects Static routes Directly attached network interfaces that are not active

If you define multiple default routes, the route that has the lowest metric is used. If there are multiple default routes that have the same lowest metric, the system picks one of the routes with the lowest gateway IP addresses. You can also configure blackhole routestraffic to these destinations is silently dropped. Internet Control Message Protocol (ICMP) is used to transmit information needed to control IP traffic. It is used mainly to provide information about routes to destination addresses. ICMP redirect messages inform hosts about more accurate routes to other systems, whereas ICMP unreachable messages indicate problems with a route. Additionally, ICMP can cause TCP connection to terminate gracefully if the route becomes unavailable. After IP unicast routing has been configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP requests coming from clients on subnets being serviced by the switch and going to hosts on different subnets. This feature can be used in various applications, including DHCP services between Windows NT servers and clients running Windows 95. Proxy Address Resolution Protocol (ARP) was first developed so that ARP-capable devices could respond to ARP Request packets on behalf of ARP-incapable devices. Proxy ARP can also be used to achieve router redundancy and simplify IP client configuration. The Extreme Networks switch supports proxy ARP for this type of network configuration. After IP ARP has been configured, the system responds to ARP Requests on behalf of the device, as long as the following conditions are satisfied:

The valid IP ARP Request is received on a router interface. The target IP address matches the IP address configured in the proxy ARP table. The proxy ARP table entry indicates that the system should always answer this ARP Request, regardless of the ingress VLAN (the always parameter must be applied).

After all the proxy ARP conditions have been met, the switch formulates an ARP Response using the configured MAC address in the packet. In some networks, it is desirable to configure the IP host with a wider subnet than the actual subnet mask of the segment. Proxy ARP can be used so that the router answers ARP Requests for devices outside of the subnet. As a result, the host communicates as if all devices are local. In reality, communication with devices outside of the subnet are proxied by the router.

1066

ExtremeWare XOS 11.3 Command Reference

clear iparp

clear iparp
clear iparp {<ip_address> {vr <vr_name>} | vlan <vlan_name>}

Description
Removes dynamic entries in the IP ARP table.

Syntax Description
ip_address vlan_name vr_name Specifies an IP address. Specifies a VLAN name. Specifies a VR name.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Permanent IP ARP entries are not affected. This command is virtual router command, and it applies to the current virtual router if you do not specify a virtual router.

Example
The following command removes a dynamically created entry from the IPARP table:
clear iparp 10.1.1.5

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1067

IP Unicast Commands

configure bootprelay add


configure bootprelay add <ip_address> {vr <vrid>}

Description
Configures the addresses to which BOOTP requests should be directed.

Syntax Description
ip_address vrid Specifies an IP address. Specifies a VR name.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
After IP unicast routing has been configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP requests coming from clients on subnets being serviced by the switch and going to hosts on different subnets. To configure the relay function, follow these steps: 1 Configure VLANs and IP unicast routing. 2 Configure the addresses to which DHCP or BOOTP requests should be directed, using the following command:
configure bootprelay add <ip_address>

3 Enable the DHCP or BOOTP relay function, using the following command:
enable bootprelay

Example
The following command configures BOOTP requests to be directed to 123.45.67.8:
configure bootprelay add 123.45.67.8

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1068

ExtremeWare XOS 11.3 Command Reference

configure bootprelay delete

configure bootprelay delete


configure bootprelay delete [<ip_address> | all] {vr <vrid>}

Description
Removes one or all IP destination addresses for forwarding BOOTP packets.

Syntax Description
ip_address vrid all Specifies an IP address. Specifies a VR name. Specifies all IP address entries.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
None.

Example
The following command removes the destination address:
configure bootprelay delete 123.45.67.8

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1069

IP Unicast Commands

configure bootprelay dhcp-agent information check


configure bootprelay dhcp-agent information check

Description
Enables the Dynamic Host Configuration Protocol (DHCP) relay agent option (option 82) checking.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
In some instances, a DHCP server may not properly handle a DHCP request packet containing a relay agent option. Use this command to prevent DHCP reply packets with invalid or missing relay agent options from being forwarded to the client. To disable this check, use the following command:
unconfigure bootprelay dhcp-agent information check

Example
The following command configures the DHCP relay agent option check:
configure bootprelay dhcp-agent information check

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1070

ExtremeWare XOS 11.3 Command Reference

configure bootprelay dhcp-agent information option

configure bootprelay dhcp-agent information option


configure bootprelay dhcp-agent information option

Description
Enables the Dynamic Host Configuration Protocol (DHCP) relay agent option (option 82).

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
After IP unicast routing has been configured, you can configure the switch to forward DHCP or BOOTP requests coming from clients on subnets being serviced by the switch and going to hosts on different subnets. To configure the relay function, follow these steps: 1 Configure VLANs and IP unicast routing. 2 Enable the DHCP or BOOTP relay function, using the following command:
enable bootprelay {vr <vrid>}

3 Configure the addresses to which DHCP or BOOTP requests should be directed, using the following command:
configure bootprelay add <ip_address> {vr <vrid>}

4 Configure the DHCP relay agent option (option 82), using the following command:
configure bootprelay dhcp-agent information option

To disable the DHCP relay agent option (option 82), use the following command:
unconfigure bootprelay dhcp-agent information option

Example
The following command configures the DHCP relay agent option:
configure bootprelay dhcp-agent information option

History
This command was first available in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1071

IP Unicast Commands

Platform Availability
This command is available on all platforms.

1072

ExtremeWare XOS 11.3 Command Reference

configure bootprelay dhcp-agent information policy

configure bootprelay dhcp-agent information policy


configure bootprelay dhcp-agent information policy [drop | keep | replace]

Description
Configures the Dynamic Host Configuration Protocol (DHCP) relay agent option (option 82) policy.

Syntax Description
drop keep replace Specifies to drop the packet. Specifies to keep the existing option 82 information in place. Specifies to replace the existing data with the switchs own data.

Default
Replace.

Usage Guidelines
Use this command to set a policy for the relay agent. Packets can be dropped, the option 82 information can be replaced (the default), or the packet can be forwarded with the information unchanged.

Example
The following command configures the DHCP relay agent option 82 policy to keep:
configure bootprelay dhcp-agent information policy keep

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1073

IP Unicast Commands

configure iparp add


configure iparp add <ip_addr> {vr <vr_name>} <mac>

Description
Adds a permanent entry to the ARP table. Specify the IP address and MAC address of the entry.

Syntax Description
ip_addr mac vr_name Specifies an IP address. Specifies a MAC address. Specifies a VR name.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Add a permanent IP ARP entry to the system. The ip_address is used to match the IP interface address to locate a suitable interface.

Example
The following command adds a permanent IP ARP entry to the switch for IP address 10.1.2.5:
configure iparp add 10.1.2.5 00:11:22:33:44:55

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1074

ExtremeWare XOS 11.3 Command Reference

configure iparp add proxy

configure iparp add proxy


configure iparp add proxy [<ipNetmask> | <ip_addr> {<mask>}] {vr <vr_name>} {<mac>} {always}

Description
Configures the switch to respond to ARP Requests on behalf of devices that are incapable of doing so.

Syntax Description
ipNetmask ip_addr mask mac_address always vr_name Specifies an IP address/mask length. Specifies an IP address. Specifies a subnet mask. Specifies a MAC address. Specifies that the switch responds regardless of the VLAN that the request arrives from. Specifies a VR name.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
When mask is not specified, an address with the mask 255.255.255.255 is assumed. When mac_address is not specified, the MAC address of the switch is used in the ARP Response. When always is specified, the switch answers ARP Requests without filtering requests that belong to the same subnet of the receiving router interface. After IP ARP is configured, the system responds to ARP Requests on behalf of the device as long as the following conditions are satisfied:

The valid IP ARP Request is received on a router interface. The target IP address matches the IP address configured in the proxy ARP table. The source IP address is not on the same subnet as the target address (unless the always flag is set).

After all the proxy ARP conditions have been met, the switch formulates an ARP Response using the configured MAC address in the packet. The default maximum number of proxy entries is 256, but can be increased to 4096 by using the following command:
configure iparp max_proxy_entries <max_proxy_entries>

ExtremeWare XOS 11.3 Command Reference

1075

IP Unicast Commands

Example
The following command configures the switch to answer ARP Requests for all devices with the address range of 100.101.45.1 to 100.101.45.255:
configure iparp add proxy 100.101.45.0/24

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1076

ExtremeWare XOS 11.3 Command Reference

configure iparp delete

configure iparp delete


configure iparp delete <ip_addr> {vr <vr_name>}

Description
Deletes an entry from the ARP table. Specify the IP address of the entry.

Syntax Description
ip_addr vr_name Specifies an IP address. Specifies a VR name.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Removes any IP ARP entry (dynamic or permanent) from the table. The ip_address is used to match the IP interface address to locate a suitable interface.

Example
The following command deletes an IP address entry from the ARP table:
configure iparp delete 10.1.2.5

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1077

IP Unicast Commands

configure iparp delete proxy


configure iparp delete proxy [[<ipNetmask> | <ip_addr> {<mask>}] {vr <vr_name>} | all]

Description
Deletes one or all proxy ARP entries.

Syntax Description
ipNetmask ip_addr mask all vr_name Specifies an IP address/mask length. Specifies an IP address. Specifies a subnet mask. Specifies all ARP entries. Specifies a VR name.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Proxy ARP can be used for two purposes: 1 To support host that cannot process ARP traffic. In this case, the switch answers the ARP Request for that host. 2 To hide the IP topology from the host. The network administrator can configure a large network on the host machine (16-bit mask) and a smaller network on each router interface (for example, 22-bit mask). When the host sends ARP Request for another host on another subnet, the switch answers the ARP Request and all subsequent traffic will be sent directly to the router. You can configure up to 64 proxy ARP entries. When the mask is not specified, then software will assume a host address (that is, a 32-bit mask). When the MAC address is not specified, then the software uses the switch's MAC address as the proxy host. Always should be specified for type-1 usage, not always is the default (type-2).

Example
The following command deletes the IP ARP proxy entry 100.101.45.0/24:
configure iparp delete proxy 100.101.45.0/24

History
This command was first available in ExtremeWare XOS 10.1.

1078

ExtremeWare XOS 11.3 Command Reference

configure iparp delete proxy

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1079

IP Unicast Commands

configure iparp max_entries


configure iparp max_entries <max_entries>

Description
Configures the maximum allowed IP ARP entries.

Syntax Description
max_entries Specifies a number of maximum IP ARP entries.

Default
4096.

Usage Guidelines
Range: 1 - 20480. The maximum IP ARP entries include dynamic, static, and incomplete IP ARP entries.

Example
The following command sets the maximum IP ARP entries to 2000 entries:
configure iparp max-entries 2000

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1080

ExtremeWare XOS 11.3 Command Reference

configure iparp max_pending_entries

configure iparp max_pending_entries


configure iparp max_pending_entries <max_pending_entries>

Description
Configures the maximum allowed incomplete IP ARP entries.

Syntax Description
max_pending_entries Specifies a number of maximum IP ARP entries.

Default
256.

Usage Guidelines
Range: 1 - 4096.

Example
The following command sets the maximum pending IP ARP entries to 500 entries:
configure iparp max_pending_entries 500

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1081

IP Unicast Commands

configure iparp max_proxy_entries


configure iparp max_proxy_entries <max_proxy_entries>

Description
Configures the maximum allowed IP ARP proxy entries.

Syntax Description
max_proxy_entries Specifies maximum number of IP ARP proxy entries.

Default
256.

Usage Guidelines
Range: 0 - 4096.

Example
The following command sets the maximum IP ARP proxy entries to 500 entries:
configure iparp max_proxy_entries 500

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1082

ExtremeWare XOS 11.3 Command Reference

configure iparp timeout

configure iparp timeout


configure iparp timeout {vr <vr_name>} <minutes>

Description
Configures the IP ARP timeout period.

Syntax Description
vr_name minutes Specifies which virtual router IP ARP setting to change. Specifies a time in minutes.

Default
20 minutes.

Usage Guidelines
The range is 0-32,767. A setting of 0 disables timeout. When the switch learns an ARP entry, it begins the timeout for that entry. When the timer reaches 0, the entry will be aged out, unless IP ARP refresh is enabled. If ARP refresh is enabled, the switch will ARP for the address before the timer has expired. If the switch receives a response, it will reset the timer for that address.

Example
The following command sets the IP ARP timeout period to 10 minutes:
configure iparp timeout 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1083

IP Unicast Commands

configure iproute add


configure iproute add [<ipNetmask> | <ip_addr> <mask>] <gateway> <metric> {vr <vrname>} {multicast-only | unicast-only}

Description
Adds a static route to the routing table.

Syntax Description
ipNetmask ip_address mask gateway metric vrname multicast-only unicast-only Specifies an IP address/mask length. Specifies an IP address. Specifies a subnet mask. Specifies a VLAN gateway. Specifies a cost metric. Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Use a value of 255.255.255.255 for mask to indicate a host entry.

Example
The following command adds a static address to the routing table:
configure iproute add 10.1.1.0/24 123.45.67.1 5

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1084

ExtremeWare XOS 11.3 Command Reference

configure iproute add blackhole

configure iproute add blackhole


configure iproute add blackhole [<ipNetmask> | <ipaddress> <mask>] {vr <vrname>} {multicast-only | unicast-only}

Description
Adds a blackhole address to the routing table. All traffic destined for a configured blackhole IP address is silently dropped, and no Internet Control Message Protocol (ICMP) message is generated.

Syntax Description
ipNetmask ipaddress mask vrname multicast-only unicast-only Specifies an IP address/mask length. Specifies an IP address. Specifies a subnet mask. Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
A blackhole entry configures packets with the specified destination IP subnet to be discarded. Blackhole entries are useful as a security measure or in special circumstances where a specific destination IP subnet must be discarded. Blackhole entries are treated like permanent entries in the event of a switch reset or power off/on cycle.

Example
The following command adds a blackhole address to the routing table for packets with a destination address of 100.101.145.4:
configure iproute add blackhole 100.101.145.4/32

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1085

IP Unicast Commands

configure iproute add blackhole default


configure iproute add blackhole {ipv4} default {vr <vrname>} {multicastonly | unicast-only}

Description
Adds a default blackhole route to the routing table. All traffic destined for an unknown IP destination is silently dropped, and no Internet Control Message Protocol (ICMP) message is generated.

Syntax Description
vr_name multicast-only unicast-only Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
While a default route is for forwarding traffic destined to an unknown IP destination, and a blackhole route is for discarding traffic destined to a specified IP destination, a default blackhole route is for discarding traffic to the unknown IP destination. Using this command, all traffic with an unknown destination is discarded. The default blackhole route is treated like a permanent entry in the event of a switch reset or power off/on cycle. The default blackhole routes origin is b or blackhole and the gateway IP address for this route is 0.0.0.0.

Example
The following command adds a blackhole default route into the routing table:
configure iproute add blackhole default

History
This command was first available in ExtremeWare XOS 10.1. The ipv4 keyword was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1086

ExtremeWare XOS 11.3 Command Reference

configure iproute add default

configure iproute add default


configure iproute add default <gateway> {vr <vrname>} {<metric>} {multicast-only | unicast-only}

Description
Adds a default gateway to the routing table.

Syntax Description
gateway metric vrname Specifies a VLAN gateway Specifies a cost metric. If no metric is specified, the default of 1 is used. Specifies the virtual router to which the route is added.

Default
If no metric is specified, the default metric of 1 is used. If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Default routes are used when the router has no other dynamic or static route to the requested destination. A default gateway must be located on a configured IP interface. Use the unicast-only or multicast-only options to specify a particular traffic type. If not specified, both unicast and multicast traffic uses the default route.

Example
The following command configures a default route for the switch:
configure iproute add default 123.45.67.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1087

IP Unicast Commands

configure iproute delete


configure iproute delete [<ipNetmask> | <ipaddress> <mask>] <gateway> {vr <vrname>}

Description
Deletes a static address from the routing table.

Syntax Description
ipNetmask ipaddress mask gateway vrname Specifies an IP address/mask length. Specifies an IP address. Specifies a subnet mask. Specifies a VLAN gateway. Specifies the virtual router to which the route is deleted.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Use a value of 255.255.255.255 or /32 for mask to indicate a host entry.

Example
The following command deletes an address from the gateway:
configure iproute delete 10.101.0.0/24 10.101.0.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1088

ExtremeWare XOS 11.3 Command Reference

configure iproute delete blackhole

configure iproute delete blackhole


configure iproute delete blackhole [<ipNetmask> | <ipaddress> <mask>] {vr <vrname>}

Description
Deletes a blackhole address from the routing table.

Syntax Description
ipNetmask ipaddress mask vrname Specifies an IP address/mask length. Specifies an IP address. Specifies a netmask. Specifies the virtual router to which the route is deleted.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
None.

Example
The following command removes a blackhole address from the routing table:
configure iproute delete blackhole 100.101.145.4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1089

IP Unicast Commands

configure iproute delete blackhole default


configure iproute delete blackhole default {vr <vrname>}

Description
Deletes a default blackhole route from the routing table.

Syntax Description
vrname Specifies a VR name.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
None.

Example
The following command deletes a blackhole default route from the routing table:
configure iproute delete blackhole default

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1090

ExtremeWare XOS 11.3 Command Reference

configure iproute delete default

configure iproute delete default


configure iproute delete default <gateway> {vr <vrname>}

Description
Deletes a default gateway from the routing table.

Syntax Description
gateway vrname Specifies a VLAN gateway. Specifies the virtual router to which the route is deleted.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Default routes are used when the router has no other dynamic or static route to the requested destination. A default gateway must be located on a configured IP interface.

Example
The following command deletes a default gateway:
configure iproute delete default 123.45.67.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1091

IP Unicast Commands

configure iproute priority


configure iproute {ipv4} priority [rip | blackhole | bootp | ebgp | ibgp | icmp | static | ospf-intra | ospf-inter | ospf-as-external | ospf-extern1 | ospf-extern2] <priority>

Description
Changes the priority for all routes from a particular route origin.

Syntax Description
rip bootp ebgp ibgp icmp blackhole static ospf-intra ospf-inter ospf-as-external ospf-extern1 ospf-extern2 priority Specifies RIP. Specifies BOOTP. Specifies E-BGP routes Specifies I-BGP routes Specifies ICMP. Specifies the blackhole route. Specifies static routes. Specifies OSPFIntra routing. Specifies OSPFInter routing. Specifies OSPF as External routing. Specifies OSPF External 1 routing. Specifies OSPF External 2 routing. Specifies a priority number in the range of 11 to 65534.

Default
Table 23 lists the relative priorities assigned to routes depending upon the learned source of the route.

Table 23: Relative route priorities


Route Origin Direct Blackhole Static ICMP EBGP IBGP OSPFIntra OSPFInter RIP OSPFAsExt OSPF External 1 OSPF External 2 Priority 10 50 1100 1200 1700 1900 2200 2300 2400 3100 3200 3300

1092

ExtremeWare XOS 11.3 Command Reference

configure iproute priority

Table 23: Relative route priorities (Continued)


Route Origin BOOTP Priority 5000

Usage Guidelines
Although these priorities can be changed, do not attempt any manipulation unless you are expertly familiar with the possible consequences. If you change the route priority, you must save the configuration and reboot the system. NOTE
The priority for a blackhole route can not overlap with the priority of any other route origin.

Example
The following command sets IP route priority for static routing to 1200:
configure iproute priority static 1200

History
This command was first available in ExtremeWare XOS 10.1. The route priority restrictions were added in ExtremeWare XOS 11.1. The ipv4 keyword was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1093

IP Unicast Commands

configure irdp
configure irdp [multicast | broadcast | <mininterval> <maxinterval> <lifetime> <preference>]

Description
Configures the destination address of the router advertisement messages.

Syntax Description
multicast broadcast mininterval maxinterval lifetime preference Specifies multicast setting. Specifies broadcast setting. Specifies the minimum time between advertisements. Specifies the maximum time between advertisements. Default is 600. Specifies the lifetime of the advertisement. Default is 1800. Specifies the router preference level. Default is 0.

Default
Broadcast (255.255.255.255). The default mininterval is 450.

Usage Guidelines
ICMP Router Discovery Protocol allows client machines to determine what default gateway address to use. The switch will send out IP packets at the intervals specified identifying itself as a default router. IRDP enabled client machines will use this information to determine which gateway address to use for routing data packets to other networks.

Example
The following command sets the address of the router advertiser messages to multicast:
configure irdp multicast

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1094

ExtremeWare XOS 11.3 Command Reference

configure vlan add secondary-ipaddress

configure vlan add secondary-ipaddress


configure vlan <vlan_name> add secondary-ipaddress [<ipaddress> {<netmask>} | <ipNetmask>]

Description
Configures secondary IP addresses on a VLAN to support multinetting.

Syntax Description
vlan_name ipaddress netmask ipNetmask Specifies a VLAN name. Specifies an IP address. Specifies a network mask. Specifies an IP address with network mask.

Default
N/A.

Usage Guidelines
Adding a secondary IP address to a VLAN enables multinetting. Secondary addresses are added to support legacy stub IP networks. Once you have added a secondary IP address to a VLAN, you cannot unconfigure the primary IP address of that VLAN until you delete all the secondary addresses. Delete secondary address with the following command:
configure vlan <vlan_name> delete secondary-ipaddress [<ipaddress> | all]

Example
The following command configures the VLAN multi to support the 10.1.1.0/24 subnet in addition to its primary subnet:
configure vlan multi add secondary-ipaddress 10.1.1.1/24

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1095

IP Unicast Commands

configure vlan delete secondary-ipaddress


configure vlan <vlan_name> delete secondary-ipaddress [<ipaddress> | all]

Description
Removes secondary IP addresses on a VLAN.

Syntax Description
vlan_name ipaddress all Specifies a VLAN name. Specifies an IP address. Specifies all secondary IP addresses.

Default
N/A.

Usage Guidelines
Delete secondary IP addresses that were added to support multinetting. Once you have added a secondary IP address to a VLAN, you cannot unconfigure the primary IP address of that VLAN until you delete all the secondary addresses. Use the all keyword to delete all the secondary IP addresses from a VLAN.

Example
The following command removes the 10.1.1.0 secondary IP address from the VLAN multi:
configure vlan multi delete secondary-ipaddress 10.1.1.1

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1096

ExtremeWare XOS 11.3 Command Reference

configure vlan udp-profile

configure vlan udp-profile


configure vlan <vlan_name> udp-profile [<profilename> | none]

Description
Associates a UDP Forwarding profile to a VLAN.

Syntax Description
vlan_name profilename none Specifies a VLAN name. Specifies a policy file to use for the UDP forwarding profile. Removes any UDP forwarding profile from the VLAN.

Default
No UDP profiles are associated with the VLAN.

Usage Guidelines
You can apply a UDP forwarding policy only to an L3 VLAN (a Vlan having at least one IP address configured on it). If there is no IP address configured on the VLAN, then the command will be rejected. A UDP forwarding policy must contain only the following attributes. Unrecognized attributes will be ignored.

Match attributes

Destination UDP Port Number (destination-port) Source IP address (source-ipaddress) Destination IP address (destination-ipaddress) VLAN name (vlan)

Action modified (set) attributes


Policy files used for UDP forwarding are processed differently from standard policy files. Instead of terminating when an entrys match clause becomes true, each entry in the policy file will be processed and the corresponding action will be taken for each true match clause. For example, if the following policy file is used as a UDP forwarding profile, any packets destined for UDP port 67 will be sent to IP address 20.0.0.5 AND flooded to VLAN to7:
entry one { if match all { destination-port 67 ; } then { destination-ipaddress 20.0.0.5 ; } }

ExtremeWare XOS 11.3 Command Reference

1097

IP Unicast Commands
entry two { if match all { destination-port 67 ; } then { vlan "to7" ; } }

If you include more than one VLAN set attribute or more than one destination-ipaddress set attribute in one policy entry, the last one will be accepted and the rest ignored. Therefore, you can have two valid set statements in each entry of a UDP forwarding policy; one a destination-ipaddress and one a VLAN. ExtremeWare XOS currently allows a maximum of eight entries in a UDP forwarding policy, so you can define a maximum of sixteen destinations for one inbound broadcast UDP packet: eight IP address and eight VLANs.

NOTE
It is strongly advised not to have more than eight entries in a UDP forwarding profile. The UDP forwarding module will process those entries even if the entries do not contain any attributes for UDP forwarding. Having more than eight entries will drastically reduce the performance of the system. If the inbound UDP traffic rate is very high, having more than eight entries could cause the system to freeze or become locked.

NOTE
If you rename a VLAN referred to in your UDP forwarding profile, you must manually edit the policy to reflect the new name, and refresh the policy.

You can also validate whether the UDP profile has been successfully associated with the VLAN by using the command show policy {<policy-name> | detail}. UDP forwarding is implemented as part of the netTools process, so the command will display netTools as a user of the policy.

Example
The following command associates the UDP forwarding profile port123_to_corporate to the VLAN tosales:
configure vlan to-sales udp-profile port123_to_corporate

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1098

ExtremeWare XOS 11.3 Command Reference

disable bootp vlan

disable bootp vlan


disable bootp vlan [<vlan> | all]

Description
Disables the generation and processing of BOOTP packets on a VLAN to obtain an IP address for the VLAN from a BOOTP server.

Syntax Description
vlan all Specifies a VLAN name. Specifies all VLANs.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables the generation and processing of BOOTP packets on a VLAN named accounting:
disable bootp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1099

IP Unicast Commands

disable bootprelay
disable bootprelay {vr <vrid>}

Description
Disables the BOOTP relay function.

Syntax Description
vrid Specifies the virtual router to be disabled.

Default
Disabled.

Usage Guidelines
This command can disable the BOOTP relay functionality for a particular virtual router, or all of them. If you use the command without specifying a virtual router, the functionality is disabled for all virtual routers.

Example
The following command disables the forwarding of BOOTP requests:
disable bootprelay

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1100

ExtremeWare XOS 11.3 Command Reference

disable icmp address-mask

disable icmp address-mask


disable icmp address-mask {vlan <name>}

Description
Disables the generation of an ICMP address-mask reply on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
Disables the generation of an ICMP address-mask reply (type 18, code 0) when an ICMP address mask request is received. The default setting is disabled. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command disables the generation of an ICMP address-mask reply on VLAN accounting:
disable icmp address-mask vlan accounting

History
This command was first available in ExtremeWare XOS 10.1. The default was changed to disabled in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1101

IP Unicast Commands

disable icmp parameter-problem


disable icmp parameter-problem {vlan <name>}

Description
Disables the generation of an ICMP parameter-problem message on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Disables the generation of an ICMP parameter-problem message (type 12) when the switch cannot properly process the IP header or IP option information. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command disables the generation of an ICMP parameter-problem message on VLAN accounting:
disable icmp parameter-problem vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1102

ExtremeWare XOS 11.3 Command Reference

disable icmp port-unreachables

disable icmp port-unreachables


disable icmp port-unreachables {vlan <name>}

Description
Disables the generation of ICMP port unreachable messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Disables the generation of ICMP port unreachable messages (type 3, code 3) when a TCP or UDP request is made to the switch, and no application is waiting for the request, or access policy denies the request. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command disables ICMP port unreachable messages on VLAN accounting:
disable icmp port-unreachables vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1103

IP Unicast Commands

disable icmp redirects


disable icmp redirects {vlan <name>}

Description
Disables generation of ICMP redirect messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Disables the generation of ICMP redirects (Type 5) to hosts who direct routed traffic to the switch where the switch detects that there is another router in the same subnet with a better route to the destination.

Example
The following command disables ICMP redirects from VLAN accounting:
disable icmp redirects vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1104

ExtremeWare XOS 11.3 Command Reference

disable icmp time-exceeded

disable icmp time-exceeded


disable icmp time-exceeded {vlan <name>}

Description
Disables the generation of ICMP time exceeded messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Disables the generation of an ICMP time exceeded message (type 11) when the TTL field expires during forwarding. IP multicast packets do not trigger ICMP time exceeded messages. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command disables the generation of ICMP time exceeded messages on VLAN accounting:
disable icmp time-exceeded vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1105

IP Unicast Commands

disable icmp timestamp


disable icmp timestamp {vlan <name>}

Description
Disables the generation of an ICMP timestamp response on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Disables the generation of an ICMP timestamp response (type 14, code 0) when an ICMP timestamp request is received. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command disables the generation of an ICMP timestamp response on VLAN accounting:
disable icmp timestamp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1106

ExtremeWare XOS 11.3 Command Reference

disable icmp unreachables

disable icmp unreachables


disable icmp unreachables {vlan <name>}

Description
Disables the generation of ICMP unreachable messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Disables the generation of an ICMP timestamp response (type 3, code 0) when an ICMP timestamp request is received. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command disables the generation of ICMP unreachable messages on all VLANs:
disable icmp unreachables

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1107

IP Unicast Commands

disable icmp useredirects


disable icmp useredirects

Description
Disables the modification of route table information when an ICMP redirect message is received.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This option only applies to the switch when the switch is not in routing mode. If the switch has a route to a destination network, the switch will use that router as the gateway to forward the packets to. If that router knows about a better route to the destination, and the next hop is in the same subnet as the originating router, the second router will send an ICMP redirect message to the first router. If ICMP useredirects is disabled, the switch will disregard these messages, and continue to send the packets to the second router.

Example
The following command disables the changing of routing table information:
disable icmp useredirects

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1108

ExtremeWare XOS 11.3 Command Reference

disable iparp checking

disable iparp checking


disable iparp {vr <vr_name>} checking

Description
Disable checking if the ARP Request source IP address is within the range of the local interface or VLAN domain.

Syntax Description
vr_name Specifies a virtual router.

Default
Enabled.

Usage Guidelines
If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command disables IP ARP checking:
disable iparp checking

History
This command was first available in ExtremeWare XOS 10.1. The vr option was added in ExtremeWare XOS 11.0

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1109

IP Unicast Commands

disable iparp refresh


disable iparp {vr <vr_name>} refresh

Description
Disables IP ARP to refresh its IP ARP entries before timing out.

Syntax Description
vr_name Specifies a virtual router.

Default
Enabled.

Usage Guidelines
The purpose of disabling ARP refresh is to reduce ARP traffic in a high node count layer 2 switching only environment. If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command disables IP ARP refresh:
disable iparp refresh

History
This command was first available in ExtremeWare XOS 10.1. The vr option was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1110

ExtremeWare XOS 11.3 Command Reference

disable ipforwarding

disable ipforwarding
disable ipforwarding {broadcast} {vlan <vlan_name>}

Description
Disables routing (or routing of broadcasts) for one or all VLANs. If no argument is provided, disables routing for all VLANs.

Syntax Description
broadcast vlan_name Specifies broadcast IP forwarding. Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
Disabling IP forwarding also disables broadcast forwarding. Broadcast forwarding can be disabled without disabling IP forwarding. When new IP interfaces are added, IP forwarding (and IP broadcast forwarding) is disabled by default. Other IP related configuration is not affected.

Example
The following command disables forwarding of IP broadcast traffic for a VLAN named accounting:
disable ipforwarding broadcast vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1111

IP Unicast Commands

disable ip-option loose-source-route


disable ip-option loose-source-route

Description
Disables processing of the loose source route IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Disables the switch from forwarding IP packets with the IP option for loose source routing turned on. Packets with the loose source route option enabled will be dropped by the switch.

Example
The following command disables processing of the loose source route IP option:
disable ip-option loose-source-route

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1112

ExtremeWare XOS 11.3 Command Reference

disable ip-option record-route

disable ip-option record-route


disable ip-option record-route

Description
Disables processing of the record route IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Disables the switch from adding itself into the IP options header when the record route IP option is enabled in a packet that is transiting the switch.

Example
The following command disables processing of the record route IP option:
disable ip-option record-route

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1113

IP Unicast Commands

disable ip-option record-timestamp


disable ip-option record-timestamp

Description
Disables processing of the record timestamp IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Disables the switch from adding a timestamp into the IP options header when it receives a packet with the record timestamp IP option.

Example
The following command disables processing of the record timestamp IP option:
disable ip-option record-timestamp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1114

ExtremeWare XOS 11.3 Command Reference

disable ip-option strict-source-route

disable ip-option strict-source-route


disable ip-option strict-source-route

Description
Disables processing the strict source route IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Disables the switch from forwarding IP packets that have the strict source routing IP option turned on. The switch will drop packets that have the strict source routing IP option enabled.

Example
The following command disables processing of the strict source route IP option:
disable ip-option strict-source-route

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1115

IP Unicast Commands

disable ip-option router-alert


disable ip-option router-alert

Description
Disables processing of the router alert IP option in IPv4 packet headers.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
None.

Example
The following command disables processing of the router alert IP option:
disable ip-option router-alert

History
This command was first available in EXOS 10.1.

Platform Availability
This command is available on all platforms.

1116

ExtremeWare XOS 11.3 Command Reference

disable irdp

disable irdp
disable irdp {vlan <name>}

Description
Disables the generation of ICMP router advertisement messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
If no optional argument is specified, all the IP interfaces are affected.

Example
The following command disables IRDP on VLAN accounting:
disable irdp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1117

IP Unicast Commands

disable udp-echo-server
disable udp-echo-server {vr <vrid>}

Description
Disables UDP echo server support.

Syntax Description
vr Specifies a virtual router.

Default
Disabled.

Usage Guidelines
UDP Echo packets are used to measure the transit time for data between the transmitting and receiving end.

Example
The following command disables UDP echo server support:
disable udp-echo-server

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1118

ExtremeWare XOS 11.3 Command Reference

enable bootp vlan

enable bootp vlan


enable bootp vlan [<vlan> | all]

Description
Enables the generation and processing of BOOTP packets on a VLAN to obtain an IP address for the VLAN from a BOOTP server.

Syntax Description
vlan all Specifies a VLAN name. Specifies all VLANs.

Default
Disabled.

Usage Guidelines
None.

Example
The following command enables the generation and processing of BOOTP packets on a VLAN named accounting:
enable bootp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1119

IP Unicast Commands

enable bootprelay
enable bootprelay {vr <vrid>}

Description
Enables the BOOTP relay function.

Syntax Description
This command has no arguments or variables.

Default
Disabled. The default virtual router is VR-Default.

Usage Guidelines
After IP unicast routing has been configured, you can configure the switch to forward Dynamic Host Configuration Protocol (DHCP) or BOOTP requests coming from clients on subnets being serviced by the switch and going to hosts on different subnets. This feature can be used in various applications, including DHCP services between Windows NT servers and clients running Windows 95. To configure the relay function, follow these steps: 1 Configure VLANs and IP unicast routing. 2 Configure the addresses to which DHCP or BOOTP requests should be directed, using the following command:
configure bootprelay add <ip_address>

3 Enable the DHCP or BOOTP relay function, using the following command:
enable bootprelay

Example
The following command enables the forwarding of BOOTP requests:
enable bootprelay

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1120

ExtremeWare XOS 11.3 Command Reference

enable icmp address-mask

enable icmp address-mask


enable icmp address-mask {vlan <name>}

Description
Enables the generation of an ICMP address-mask reply on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
Enables the generation of an ICMP address-mask reply (type 18, code 0) when an ICMP address mask request is received. The default setting is disabled. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command enables the generation of an ICMP address-mask reply on VLAN accounting:
enable icmp address-mask vlan accounting

History
This command was first available in ExtremeWare XOS 10.1. The default was changed to disabled in ExtremeWare 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1121

IP Unicast Commands

enable icmp parameter-problem


enable icmp parameter-problem {vlan <name>}

Description
Enables the generation of an ICMP parameter-problem message on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Enables the generation of an ICMP parameter-problem message (type 12) when the switch cannot properly process the IP header or IP option information. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command enables the generation of an ICMP parameter-problem message on VLAN accounting:
enable icmp parameter-problem vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1122

ExtremeWare XOS 11.3 Command Reference

enable icmp port-unreachables

enable icmp port-unreachables


enable icmp port-unreachables {vlan <name>}

Description
Enables the generation of ICMP port unreachable messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Enables the generation of ICMP port unreachable messages (type 3, code 3) when a TCP or UDP request is made to the switch, and no application is waiting for the request, or access policy denies the request. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command enables ICMP port unreachable messages on VLAN accounting:
enable icmp port-unreachables vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1123

IP Unicast Commands

enable icmp redirects


enable icmp redirects {vlan <name>}

Description
Enables generation of ICMP redirect messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
This option only applies to the switch when the switch is in routing mode. ICMP redirects are used in the situation where there are multiple routers in the same subnets. If a host sends a packet to it's default gateway, the gateway router will look at it's route table to find the best route to the destination. If it sees that the best route is through a router in the same subnet as the originating host, the switch will send an ICMP redirect (type 5) message to the host that originated the packet, telling it to use the other router with the better route. The switch will also forward the packet to the destination.

Example
The following command enables the generation of ICMP redirect messages on all VLANs:
enable icmp redirects

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1124

ExtremeWare XOS 11.3 Command Reference

enable icmp time-exceeded

enable icmp time-exceeded


enable icmp time-exceeded {vlan <name>}

Description
Enables the generation of ICMP time exceeded messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Enables the generation of an ICMP time exceeded message (type 11) when the TTL field expires during forwarding. IP multicast packets do not trigger ICMP time exceeded messages. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command enables the generation of ICMP time exceeded messages on VLAN accounting:
enable icmp time-exceeded vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1125

IP Unicast Commands

enable icmp timestamp


enable icmp timestamp {vlan <name>}

Description
Enables the generation of an ICMP timestamp response on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Enables the generation of an ICMP timestamp response (type 14, code 0) when an ICMP timestamp request is received. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command enables the generation of an ICMP timestamp response on VLAN accounting:
enable icmp timestamp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1126

ExtremeWare XOS 11.3 Command Reference

enable icmp unreachables

enable icmp unreachables


enable icmp unreachables {vlan <name>}

Description
Enables the generation of ICMP unreachable messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
Enables the generation of an ICMP timestamp response (type 3, code 0) when an ICMP timestamp request is received. If a VLAN is not specified, the command applies to all IP interfaces. This command only affects the generation of certain ICMP packets. Filtering of ICMP packets usually forwarded by the switch is controlled by the access-list commands.

Example
The following command enables the generation of ICMP unreachable messages on all VLANs:
enable icmp unreachables

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1127

IP Unicast Commands

enable icmp useredirects


enable icmp useredirects

Description
Enables the modification of route table information when an ICMP redirect message is received.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
If the switch has a route to a destination network, the switch will use that router as the gateway to forward the packets to. If that router knows about a better route to the destination, and the next hop is in the same subnet as the originating router, the second router will send an ICMP redirect message to the originating router. If ICMP useredirects is enabled, the switch will add a route to the destination network using the third router as the next hop and start sending the packets to the third router.

Example
The following command enables the modification of route table information:
enable icmp useredirects

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1128

ExtremeWare XOS 11.3 Command Reference

enable iparp checking

enable iparp checking


enable iparp {vr <vr_name>} checking

Description
Enables checking if the ARP Request source IP address is within the range of the local interface or VLAN domain.

Syntax Description
vr_name Specifies a virtual router.

Default
Enabled.

Usage Guidelines
If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command enables IP ARP checking:
enable iparp checking

History
This command was first available in ExtremeWare XOS 10.1. The vr option was added in ExtremeWare XOS 11.0

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1129

IP Unicast Commands

enable iparp refresh


enable iparp {vr <vr_name>} refresh

Description
Enables IP ARP to refresh its IP ARP entries before timing out.

Syntax Description
vr_name Specifies a virtual router.

Default
Enabled.

Usage Guidelines
IP ARP refresh is used so that the switch does not have to wait for the ARP timer for a host to expire before re-ARPing for the host. If ARP refresh is enabled, the switch will re-ARP for the host at 3/4th of the configured ARP timer. For example: If the ARP timeout is set to 20 minutes, the switch will attempt to re-ARP for the host when the host entry is at 15 minutes. If the host replies, the ARP entry is reset back to 0, and the timer starts again. If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command enables IP ARP refresh:
enable iparp refresh

History
This command was first available in ExtremeWare XOS 10.1. The vr option was added in ExtremeWare XOS 11.0

Platform Availability
This command is available on all platforms.

1130

ExtremeWare XOS 11.3 Command Reference

enable ipforwarding

enable ipforwarding
enable ipforwarding {ipv4 | broadcast | ignore-broadcast | fast-directbroadcast} {vlan <vlan_name>}

Description
Enables IPv4 routing or IPv4 broadcast forwarding for one or all VLANs. If no argument is provided, enables IPv4 routing for all VLANs that have been configured with an IP address on the current virtual router.

Syntax Description
ipv4 broadcast ignore-broadcast fast-direct-broadcast vlan_name Specifies IPv4 forwarding Specifies broadcast IP forwarding. Specifies to ignore broadcast forwarding. Specifies fast direct broadcast forwarding. Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
IP forwarding must first be enabled before IP broadcast forwarding can be enabled. When new IP interfaces are added, IP forwarding (and IP broadcast forwarding) is disabled by default. Other IP related configuration is not affected.

Example
The following command enables forwarding of IP traffic for all VLANs in the current virtual router context with IP addresses:
enable ipforwarding

The following command enables forwarding of IP broadcast traffic for a VLAN named accounting:
enable ipforwarding broadcast vlan accounting

History
This command was first available in ExtremeWare XOS 10.1. The ipv4 keyword was added in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

1131

IP Unicast Commands

Platform Availability
This command is available on all platforms.

1132

ExtremeWare XOS 11.3 Command Reference

enable ip-option loose-source-route

enable ip-option loose-source-route


enable ip-option loose-source-route

Description
Enables processing of the loose source route IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
This enables the switch to forward IP packets that have the loose source route IP option (0x83) enabled. Source routing is used when a sending host specifies the router interfaces that the packet must traverse on it's way to it's destination. When loose source routing is used, it means that the packet may traverse through other routers that lie in between the designated router path. With loose source routing enabled, the switch will forward IP packets with the loose source route option enabled, if the switch's IP is in the designated list, or is not in the list.

Example
The following command enables processing of the loose source route IP option:
enable ip-option loose-source-route

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1133

IP Unicast Commands

enable ip-option record-route


enable ip-option record-route

Description
Enables processing of the record route IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
IP option record-route (IP option 7) means that each router along the path should add it's IP address into the options data. Enabling means that the switch will add itself into the IP options header when the record route IP option is enabled in a packet that is transiting the switch.

Example
The following command enables processing of the record route IP option:
enable ip-option record-route

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1134

ExtremeWare XOS 11.3 Command Reference

enable ip-option record-timestamp

enable ip-option record-timestamp


enable ip-option record-timestamp

Description
Enables processing of the record timestamp IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Enables the switch to use the timestamp IP option (0x44). When the switch receives an IP packet with the timestamp option turned on, it will insert the timestamp into the IP options header before forwarding the packet to the destination.

Example
The following command enables processing of the record timestamp IP option:
enable ip-option record-timestamp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1135

IP Unicast Commands

enable ip-option strict-source-route


enable ip-option strict-source-route

Description
Enables processing of the strict source route IP option in the IPv4 packet header.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
This enables the switch to forward IP packets that have the strict source route IP option (0x89) enabled. Source routing is used when a sending host specifies the router interfaces that the packet must traverse on it's way to it's destination. When strict source routing is used, it means that the packet must use the exact path of routers that lie in the designated router path. With strict source routing enabled, the switch will forward IP packets with the strict source route option enabled, only if the switch's IP is in the designated list and as long as the next hop in the list is directly attached to one of the router's interfaces.

Example
The following command enables processing of the strict source route IP option:
enable ip-option strict-source-route

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1136

ExtremeWare XOS 11.3 Command Reference

enable ip-option router-alert

enable ip-option router-alert


enable ip-option router-alert

Description
Enables processing of the router alert IP option in IPv4 packet headers.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
None.

Example
The following command enables processing of the router alert IP option:
enable ip-option router-alert

History
This command was first available in EXOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1137

IP Unicast Commands

enable iproute sharing


enable iproute sharing

Description
Enables load sharing if multiple routes to the same destination are available. When multiple routes to the same destination are available, load sharing can be enabled to distribute the traffic to multiple destination gateways. Only paths with the same lowest cost is will be shared.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
IP route sharing allows multiple equal-cost routes to be used concurrently. IP route sharing can be used with static routes or with OSPF routes. In OSPF, this capability is referred to as equal cost multipath (ECMP) routing. Configure static routes and/or OSPF as you would normally. ExtremeWare XOS supports route sharing across up to 8 static routes or ECMP routes for OSPF on the BlackDiamond 10K and 4 on the BlackDiamond 8800 family and Summit X450 switches. Route sharing is useful only in instances where you are constrained for bandwidth. This is typically not the case using Extreme switches. Using route sharing makes router troubleshooting more difficult because of the complexity in predicting the path over which the traffic will travel.

Example
The following command enables load sharing for multiple routes:
enable iproute sharing

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1138

ExtremeWare XOS 11.3 Command Reference

enable irdp

enable irdp
enable irdp {vlan <name>}

Description
Enables the generation of ICMP router advertisement messages on one or all VLANs.

Syntax Description
name Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
ICMP Router Discovery Protocol allows client machines to determine what default gateway address to use. The switch will send out IP packets at the intervals specified identifying itself as a default router. IRDP enabled client machines will use this information to determine which gateway address to use for routing data packets to other networks. If no optional argument is specified, all the IP interfaces are affected.

Example
The following command enables IRDP on VLAN accounting:
enable irdp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1139

IP Unicast Commands

enable udp-echo-server
enable udp-echo-server {vr <vrid>}{udp-port <port>}

Description
Enables UDP echo server support.

Syntax Description
port vr Specifies the UDP port. Specifies the virtual router.

Default
Disabled.

Usage Guidelines
UDP Echo packets are used to measure the transit time for data between the transmitting and receiving end.

Example
The following command enables UDP echo server support:
enable udp-echo-server

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1140

ExtremeWare XOS 11.3 Command Reference

rtlookup

rtlookup
rtlookup {<ipaddress> | <ipv6address>}{vr <vrname>}

Description
Performs a look-up in the route table to determine the best route to reach an IP address or host.

Syntax Description
ipaddress ipv6address vrname Specifies an IPv4 address. Specifies an IPv6 address. Specifies the virtual router to route from.

Default
N/A.

Usage Guidelines
None.

Example
The following command performs a look up in the route table to determine the best way to reach the specified IP address:
rtlookup 10.34.25.1

History
This command was first available in ExtremeWare XOS 10.1. The xhostname option was removed in ExtremeWare XOS 11.0 Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1141

IP Unicast Commands

show bootprelay
show bootprelay

Description
Displays the DHCP/BOOTP relay statistics and configuration for the virtual routers.

Syntax Description
This command has no arguments or variables.

Default
None.

Usage Guidelines
None.

Example
The following command displays the DHCP/BOOTP relay statistics for existing virtual routers:
show bootprelay

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1142

ExtremeWare XOS 11.3 Command Reference

show iparp

show iparp
show iparp {<ip_addr> | <mac> | vlan <vlan_name> | permanent} {vr <vr_name>}

Description
Displays the IP Address Resolution Protocol (ARP) table. You can filter the display by IP address, MAC address, VLAN, or permanent entries.

Syntax Description
ip_addr mac vlan_name permanent vr_name Specifies an IP address. Specifies a MAC address. Specifies a VLAN name. Specifies permanent entries. Specifies a virtual router.

Default
Show all entries, except for proxy entries.

Usage Guidelines
Displays the IP ARP table, including:

IP address MAC address Aging timer value VLAN name, VLAN ID and port number Flags

If you do not specify a virtual router, the command applies to the current virtual router. The show output displays the following information:
Dynamic entries Static entries Pending entries In Request In Response Out Request Out Response Failed requests Proxy Answered The number of dynamic (learned ARP) entries in the table. The number of configured (static ARP) entries in the table. The number of sent ARP requests that have not yet received a response. The number of ARP request packets received (by this virtual router). The number of ARP reply packets received (by this virtual router). The number of ARP request packets sent (by this virtual router). The number of ARP reply packets sent (by this virtual router). The number of failed ARP requests sent (by this virtual router). The number of ARP requests answered by the ARP proxy.

ExtremeWare XOS 11.3 Command Reference

1143

IP Unicast Commands

RX Error

The number of incorrect ARP request and reply packets received. The malformed packets include the following errors: incorrect ARP op code, hardware address type is not ethernet, the protocol address is not IP, and similar errors. IP addresses that have been used by other hosts on the network. The number of rejected ARP request packets. The source address for the last rejected ARP request. An example reason for an ARP request packet to be rejected is if the source address of the packet is not in the subnet. The port on which the last rejected ARP request packet arrived. The VLAN on which the last rejected ARP request packet arrived. Maximum ARP table size for the virtual router (each virtual router has its own ARP table). Maximum number of incomplete (pending) ARP entries allowed in the table. Whether IP ARP checking is enabled or disabled. IP ARP checking verifies if the ARP requests source address is in the receiving interfaces subnet. Whether ARP refresh is enabled or disabled. ARP refresh is performed when an ARP entrys age is three-fourths of the timeout value. Timeout value for a dynamic (learned) ARP entry.

Dup IP Addr Rejected Count Rejected IP

Rejected Port Rejected I/F Max ARP entries Max ARP pending entries ARP address check ARP refresh Timeout

Example
The following command displays the IP ARP table for the current virtual router:
show iparp

The following is sample output for the command:


VR VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default VR-Default Destination 10.10.10.6 10.128.32.1 10.128.32.2 10.128.32.4 10.128.32.5 10.128.32.6 10.128.32.7 10.128.32.8 10.128.32.9 10.128.32.10 10.128.32.11 10.128.32.12 10.128.32.13 10.128.32.16 10.128.32.17 10.128.32.19 10.128.32.20 10.128.32.24 10.128.32.26 10.128.32.30 10.128.32.54 10.128.32.55 10.128.32.59 10.128.32.99 10.128.32.101 10.128.32.104 Mac 00:04:96:1f:a5:71 00:01:30:ba:6a:a0 00:01:03:1c:ae:b0 00:d0:59:17:74:83 00:02:a5:c2:5c:dd 00:12:3f:1c:f8:fb 00:11:11:80:9c:b9 00:11:43:53:8e:f1 00:02:a5:bf:ac:70 00:11:43:44:18:68 00:12:3f:1c:e9:f2 00:02:a5:bf:af:79 00:11:43:40:89:91 00:0f:1f:c9:2d:80 00:06:5b:b1:6a:91 00:11:43:3a:96:1d 00:08:02:d5:c5:b7 00:12:3f:0a:44:92 00:50:04:ad:36:5e 00:b0:d0:23:f2:9a 00:b0:d0:59:e4:e2 00:a0:c9:0c:41:de 00:b0:d0:7c:d6:07 00:04:96:05:00:03 00:04:96:1f:a8:48 00:30:48:41:ed:45 Age 8 0 5 3 0 5 7 0 7 10 0 8 0 2 1 10 6 14 6 11 6 3 14 13 0 0 Static NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO VLAN bluered Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default Default VID Port 4092 1 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095 4095

1144

ExtremeWare XOS 11.3 Command Reference

show iparp
VR-Default VR-Default VR-Default VR-Default 10.128.32.105 10.128.32.106 10.128.32.108 10.128.32.116 : : : : : : : : : 1 0 111 110 0 0 0 00:30:48:41:ed:97 00:01:30:23:c1:00 00:04:96:1f:a5:71 00:04:96:1f:a4:0e 0 0 0 0 NO NO NO NO Default Default Default Default : : : 4095 4095 4095 4095 0 3 111

Dynamic Entries Pending Entries In Request Out Request Failed Requests Proxy Answered Rx Error Rejected Count Rejected Port

Static Entries In Response Out Response

Dup IP Addr Rejected IP Rejected I/F Max ARP pending entries ARP refresh

: : : : :

0.0.0.0

Max ARP entries : ARP address check: Timeout :

4096 Enabled 20 minutes

256 Enabled

History
This command was first available in ExtremeWare XOS 10.1. The vr option was added in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1145

IP Unicast Commands

show iparp proxy


show iparp proxy {[<ipNetmask> | <ip_addr> <mask>]} {vr <vr_name>}

Description
Displays the proxy ARP table.

Syntax Description
ipNetmask ip_address mask vr_name Specifies an IP address/mask length. Specifies an IP address. Specifies a subnet mask. Specifies a virtual router.

Default
N/A.

Usage Guidelines
If no argument is specified, then all proxy ARP entries are displayed. If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command displays the proxy ARP table:
show iparp proxy 10.1.1.5/24

History
This command was first available in ExtremeWare XOS 10.1. The vr option was added in ExtremeWare XOS 11.0

Platform Availability
This command is available on all platforms.

1146

ExtremeWare XOS 11.3 Command Reference

show ipconfig

show ipconfig
show ipconfig {ipv4} {vlan <vlan_name>}

Description
Displays configuration information for one or more VLANs.

Syntax Description
vlan_name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
If no VLAN information is specified, then global IP configuration is displayed. Otherwise, specific VLAN(s) information will be displayed. Global IP configuration information includes:

IP address/netmask/etc. IP forwarding information / IP multicast forwarding information VLAN name and VLANID ICMP configuration (global) IRDP configuration (global)

Example
The following command displays configuration information on a VLAN named accounting:
show ipconfig vlan accounting

History
This command was first available in ExtremeWare XOS 10.1. The ipv4 keyword was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1147

IP Unicast Commands

show iproute
show iproute {ipv4} {priority | vlan <vlan_name> | permanent | <ip_address> <netmask> | summary} {multicast | unicast} {vr <vrname>}}

Description
Displays the contents of the IP routing table or the route origin priority.

Syntax Description
priority vlan_name permanent ip_address netmask Specifies a route priority. Specifies a VLAN name. Specifies permanent routing. Specifies an IP address. Specifies a subnet mask.

Default
N/A.

Usage Guidelines
If a route is active and in use, it is preceded in the display by an *. If there are multiple routes to the same destination network, the * will indicate which route is the most preferable route. If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command displays detailed information about all IP routing:
show iproute

History
This command was first available in ExtremeWare XOS 10.1. The ipv4 keyword was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1148

ExtremeWare XOS 11.3 Command Reference

show iproute origin

show iproute origin


show iproute {ipv4} origin [bgp | ebgp | ibgp | direct | static | blackhole | rip | bootp | icmp | imbgp | ospf | ospf-intra | ospf-inter | ospfextern1 | ospf-extern2] {vr <vrname>}

Description
Displays the contents of the IP routing table for routes with the specified origin.

Syntax Description
origin Specifies the origin of the routes to display.

Default
N/A.

Usage Guidelines
Policies for IP routing can be configured based on the route origin. When routes are added to the IP routing table from various sources, the routing policies configured for the origin of the route is applied to the route. After matching on specified characteristics, the characteristics for the route can be modified using the policy. The characteristics that can be matched and modified are dependent on the origin of the route. Policies for IP routing can be dynamically changed. In the case of direct and static route origins, the changes are reflected immediately. In the case of routes that are sourced from other origin, the changes are reflected within 30 seconds.

Example
The following command displays all the BGP routes:
show iproute origin bgp

History
This command was first available in ExtremeWare XOS 10.1. The ipv4 keyword was added in ExtremeWare XOS 11.2

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1149

IP Unicast Commands

show ipstats
show ipstats {ipv4} {vlan <name> | vr <vrname>}

Description
Displays IP statistics for the CPU for the switch or for a particular VLAN.

Syntax Description
name vrname Specifies a VLAN name. Specifies a virtual router.

Default
N/A.

Usage Guidelines
This command only shows statistics of the CPU-handled packets. Not all packets are handled by the CPU. If you do not specify a virtual router, the command applies to the current virtual router. The fields displayed in the show ipstats command are defined in Table 24 though Table 27.

Table 24: Global IP statistics field definitions


Field InReceives InUnicast InBcast InMcast InHdrEr Bad vers Bad chksum Short pkt Short hdr Bad hdrlen Bad length InDelivers Bad Proto OutRequest OutDiscard OutNoRoute Definition Total number of incoming IP packets processed by the CPU. Total number of unicast IP packets processed by the CPU. Total number of broadcast IP packets processed by the CPU. Total number of multicast IP packets processed by the CPU. Total number of packets with an IP Header Error forwarded to the CPU. Total number of packets with a version other than IP v4 in the IP version field. Total number of packets with a bad IP checksum forwarded to the CPU. IP packets that are too short. IP packets with a header that is too short. IP packets with a header length that is less than the length specified. IP packets with a length less than that of the header. IP packets passed to upper layer protocols. IP packets with unknown (not standard) upper layer protocol. IP packets sent from upper layers to the IP stack. IP packets that are discarded due to lack of buffer space or the router interface being down, or broadcast packets with broadcast forwarding disabled. IP packets with no route to the destination.

1150

ExtremeWare XOS 11.3 Command Reference

show ipstats

Table 24: Global IP statistics field definitions (Continued)


Field Forwards ForwardOK Fwd Err NoFwding Redirects No route Bad TTL Bad MC TTL Bad IPdest Blackhole Output err MartianSrc Definition ForwardOK and Fwd Err aggregate count. Total number of IP packets forwarded correctly. Total number of IP packets that cannot be forwarded. Aggregate number of IP packets not forwarded due to errors. IP packets forwarded on the same network. Not used. IP packets with a bad time-to-live. IP packets with a bad multicast time-to-live. IP packets with an address that does not comply with the IP v4 standard. IP packets with a destination that is a blackhole entry. Not used. This is the same as Fwd Err. IP packets with an invalid source address.

Table 25: Global ICMP statistics field definitions


Field OutResp OutError InBadcode InTooshort Bad chksum In Badlen echo reply (In/Out): destination unreachable (In/Out): port unreachable (In/ Out): echo (In/Out): Definition Echo replies sent from the CPU. Redirect from broadcast or multicast source addresses. Incoming ICMP packets with an invalid CODE value. Incoming ICMP packets that are too short. Incoming ICMP packets with checksum errors. Incoming ICMP packets with length errors. ICMP echo reply packets that are received and transmitted. ICMP packets with destination unreachable that are received and transmitted. ICMP packets with port unreachable that are received and transmitted. ICMP echo packets that are received and transmitted.

Table 26: Global IGMP statistics field definitions


Field Out Query Out Report Out Leave In Query In Report In Leave In Error Definition Number of IGMP query messages sent by the router. Number of reports sent on an active multicast route interface for reserved multicast addresses and for regular IGMP reports forwarded by the query router. Number of IGMP out leave messages forwarded for IP multicast router interfaces. Number of IGMP query messages received. Number of IGMP report messages received (mostly from hosts). Number of IGMP leave messages received (mostly from hosts). Number of IGMP packets with bad header fields or checksum failures.

ExtremeWare XOS 11.3 Command Reference

1151

IP Unicast Commands

Table 27: Router interface statistics field definitions


Field Packets IN/OUT Octets IN/OUT Mcast packets IN/OUT Bcast packets IN/OUT Errors IN/OUT Discards IN/OUT Unknown Protocols IN/OUT Definition Total number of IP packets received or transmitted on a VLAN router interface. Total number of octets received or transmitted on a VLAN router interface. Total number of multicast packets received or transmitted on a VLAN router interface. Total number of broadcast packets received or transmitted on a VLAN router interface. Total number of IP packets with errors received or transmitted on a VLAN router interface. Total number of IP packets that cannot travel up to the CPU due to lack of buffer space. Total number of IP packets with unknown upper layer protocols received by the router interface.

Example
The following command displays IP statistics for the VLAN accounting:
show ipstats vlan accounting

History
This command was first available in ExtremeWare XOS 10.1. The keyword ipv4 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1152

ExtremeWare XOS 11.3 Command Reference

show udp-profile

show udp-profile
show udp-profile {vlan <vlan-name> | {policy} <policy-name>}

Description
Displays UDP forwarding profiles.

Syntax Description
vlan-name policy-name Specifies a VLAN. Specifies a UDP forwarding profile.

Default
If no VLAN or policy is specified, all configured profiles will be displayed.

Usage Guidelines
UDP profiles can also be displayed by using the policy manager command show policy {<policyname> | detail}. However, the format of the policy display will be different than this command

Example
The following command displays all the configured UDP forwarding profiles on the switch:
show udp-profile

The following is sample output:


UDP Profile Name: move_to7 Number of datagram forwarded: 181 Dest UDP Port: 67 Fwd to IP Addr: 20.0.0.5 Dest UDP Port: 67 Fwd to VLAN: to7 Applied to incoming traffic on VLANS: to-mariner

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1153

IP Unicast Commands

unconfigure bootprelay dhcp-agent information check


unconfigure bootprelay dhcp-agent information check

Description
Disables the Dynamic Host Configuration Protocol (DHCP) relay agent option (option 82) checking.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
In some instances, a DHCP server may not properly handle a DHCP request packet containing a relay agent option. Use this command to disable the switch from preventing DHCP reply packets with invalid or missing relay agent options from being forwarded to the client. To enable this check, use the following command:
configure bootprelay dhcp-agent information check

Example
The following command disables the DHCP relay agent option check:
unconfigure bootprelay dhcp-agent information check

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1154

ExtremeWare XOS 11.3 Command Reference

unconfigure bootprelay dhcp-agent information option

unconfigure bootprelay dhcp-agent information option


unconfigure bootprelay dhcp-agent information option

Description
Disables the Dynamic Host Configuration Protocol (DHCP) relay agent option (option 82).

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
To enable the DHCP relay agent option (option 82), use the following command:
configure bootprelay dhcp-agent information option

Example
The following command disables the DHCP relay agent option:
unconfigure bootprelay dhcp-agent information option

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1155

IP Unicast Commands

unconfigure bootprelay dhcp-agent information policy


unconfigure bootprelay dhcp-agent information policy

Description
Unconfigures the Dynamic Host Configuration Protocol (DHCP) relay agent option (option 82) policy.

Syntax Description
This command has no arguments or variables.

Default
Replace.

Usage Guidelines
Use this command to unconfigure the policy for the relay agent.

Example
The following command unconfigures the DHCP relay agent option 82 policy:
unconfigure bootprelay dhcp-agent information policy

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1156

ExtremeWare XOS 11.3 Command Reference

unconfigure icmp

unconfigure icmp
unconfigure icmp

Description
Resets all ICMP settings to the default values.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command resets all ICMP settings to the default values.
unconfigure icmp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1157

IP Unicast Commands

unconfigure iparp
unconfigure iparp

Description
Resets the following to their default values:

IP ARP timeout max ARP entries max ARP pending entries ARP checking ARP refresh

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command resets IP ARP timeout to its default value:
unconfigure iparp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1158

ExtremeWare XOS 11.3 Command Reference

unconfigure irdp

unconfigure irdp
unconfigure irdp

Description
Resets all router advertisement settings to the default values.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command resets all router advertisement settings to the default values.
unconfigure irdp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1159

IP Unicast Commands

unconfigure udp-profile
unconfigure vlan <vlan_name> udp-profile

Description
Removes any UDP forwarding profile from a VLAN.

Syntax Description
vlan_name Specifies a VLAN name.

Default
No UDP profiles are associated with the VLAN.

Usage Guidelines
None.

Example
The following command removes any UDP forwarding profile from the VLAN to-sales:
unconfigure vlan to-sales udp-profile

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1160

ExtremeWare XOS 11.3 Command Reference

23 IPv6 Unicast Commands


The switch provides full Layer 3, IPv6 unicast routing. It exchanges routing information with other routers on the network using either the IPv6 version of Routing Information Protocol (RIPng) or the IPv6 version of Open Shortest Path First (OSPFv3) protocol. The switch dynamically builds and maintains a routing table and determines the best path for each of its routes. Beginning in release 11.2, ExtremeWare XOS can provide both IPv4 and IPv6 routing at the same time. Separate routing tables are maintained for the two versions. Most commands that require you to specify an IP address can now accept either an IPv4 or IPv6 address and act accordingly. Additionally, many of the IP configuration, enabling, and display commands have added tokens for IPv4 and IPv6 to clarify the version required. For simplicity, existing commands affect IPv4 by default and require you to specify IPv6, so configurations from an earlier release will still correctly configure an IPv4 network. This chapter contains commands used with IPv6 unicast routing.

ExtremeWare XOS 11.3 Command Reference

1161

IPv6 Unicast Commands

clear neighbor-discovery cache


clear neighbor-discovery cache ipv6 {<ipv6address> {vr <vr_name>} | vlan <vlan_name> | vr <vr_name>}

Description
Deletes a dynamic entry from the neighbor cache.

Syntax Description
vr_name ipv6address vlan_name Specifies a virtual router. Specifies an IPv6 address. Specifies an IPv6 configured VLAN.

Default
N/A.

Usage Guidelines
This command clears dynamic entries from the neighbor cache. The vr option is used to specify the virtual router on which the operation is performed. When this option is omitted it applies to VRDefault. When the ipv6address or vlan options are specified, only the entries with matching IPv6 addresses or that correspond to that VLAN are cleared.

Example
The following command clears all entries from the neighbor cache:
clear neighbor-discovery cache

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1162

ExtremeWare XOS 11.3 Command Reference

configure iproute add

configure iproute add


configure iproute add <ipv6Netmask> [<ipv6Gateway> | <ipv6ScopedGateway>] {<metric>} {vr <vrname>} {multicast-only | unicast-only}

Description
Adds an IPv6 static route to the routing table.

Syntax Description
ipv6Netmask ipv6Gateway ipv6ScopedGateway metric vrname multicast-only unicast-only Specifies an IPv6 address/prefix length. Specifies a gateway. Specifies a scoped gateway. Specifies a cost metric. Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used. If you do not specify a metric, then the default metric of 1 is used.

Usage Guidelines
Use a prefix length of 128 to indicate a host entry.

Example
The following command adds a static route to the routing table:
configure iproute add 2001:db8:0:1111::/64 fe80::1111

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1163

IPv6 Unicast Commands

configure iproute add blackhole


configure iproute add blackhole [<ipv6Netmask>] {vr <vrname>} {multicastonly | unicast-only}

Description
Adds a blackhole address to the routing table. All traffic destined for a configured blackhole IP address is silently dropped.

Syntax Description
ipv6Netmask vrname multicast-only unicast-only Specifies an IPv6 address/prefix length. Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
A blackhole entry directs packets with a matching specified address prefix to be discarded. Blackhole entries are useful as a security measure or in special circumstances where a specific destination address must be discarded. Blackhole entries are treated like permanent entries in the event of a switch reset or power off/on cycle. Blackhole entries are never aged out of the forwarding database (FDB). The packets are silently discarded. In other words, no ICMP message is sent to indicate that the packets are discarded.

Example
The following command causes packets with a destination address of 2001:db8::3452 to be silently discarded:
configure iproute add blackhole 2001:db8::3452/128

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1164

ExtremeWare XOS 11.3 Command Reference

configure iproute add blackhole ipv6 default

configure iproute add blackhole ipv6 default


configure iproute add blackhole ipv6 default {vr <vrname>} {multicast-only | unicast-only}

Description
Adds a default blackhole route to the routing table. All traffic destined for an unknown IP destination is silently dropped.

Syntax Description
vr_name multicast-only unicast-only Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
While a default route is for forwarding traffic destined to an unknown IP destination, and a blackhole route is for discarding traffic destined to a specified IP destination, a default blackhole route is for discarding traffic to the unknown IP destination. Using this command, all traffic with an unknown destination is discarded. The default blackhole route is treated like a permanent entry in the event of a switch reset or power off/on cycle. The default blackhole routes origin is b or blackhole and the gateway IP address for this route is ::. The packets are silently discarded. In other words, no ICMP message is sent to indicate that the packets are discarded.

Example
The following command adds a blackhole default route into the routing table:
configure iproute add blackhole default

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

1165

IPv6 Unicast Commands

Platform Availability
This command is available on all platforms.

1166

ExtremeWare XOS 11.3 Command Reference

configure iproute add default

configure iproute add default


configure iproute add default [<ipv6Gateway> | <ipv6ScopedGateway>] {vr <vrname>} {<metric>} {multicast-only | unicast-only}

Description
Adds a default gateway to the routing table.

Syntax Description
ipv6Gateway metric ipv6ScopedGateway vrname Specifies a VLAN gateway IPv6 address. Specifies a cost metric. If no metric is specified, the default of 1 is used. Specifies a scoped gateway. Specifies the virtual router to which the route is added.

Default
If no metric is specified, the default metric of 1 is used. If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Default routes are used when the router has no other dynamic or static route to the requested destination. A default gateway must be located on a configured IP interface. Use the unicast-only or multicast-only options to specify a particular traffic type. If not specified, both unicast and multicast traffic uses the default route.

Example
The following command configures a default route for the switch:
configure iproute add default 2001:db8::1234:5678

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1167

IPv6 Unicast Commands

configure iproute delete


configure iproute delete <ipv6Netmask> [<ipv6Gateway> | <ipv6ScopedGateway>] {<metric>} {vr <vrname>} {multicast-only | unicastonly}

Description
Deletes an IPv6 static route from the routing table.

Syntax Description
ipv6Netmask ipv6Gateway ipv6ScopedGateway metric vrname multicast-only unicast-only Specifies an IPv6 address/prefix length. Specifies a gateway. Specifies a scoped gateway. Specifies a cost metric. Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used. If you do not specify a metric, then the default metric of 1 is used.

Usage Guidelines
Use a prefix length of 128 to indicate a host entry.

Example
The following command deletes a static address from the routing table:
configure iproute delete 2001:db8:0:1111::/64 fe80::1111

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1168

ExtremeWare XOS 11.3 Command Reference

configure iproute delete blackhole

configure iproute delete blackhole


configure iproute delete blackhole [<ipv6Netmask>] {vr <vrname>} {multicast-only | unicast-only}

Description
Deletes a blackhole route from the routing table.

Syntax Description
ipv6Netmask vrname multicast-only unicast-only Specifies an IPv6 address/prefix length. Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
A blackhole entry directs packets with a specified destination address to be discarded. Blackhole entries are useful as a security measure or in special circumstances where a specific destination address must be discarded. Blackhole entries are treated like permanent entries in the event of a switch reset or power off/on cycle. Blackhole entries are never aged out of the forwarding database (FDB).

Example
The following command deletes a blackhole route from the routing table for packets with a destination address of 2001:db8::3452, so the packets are no longer discarded:
configure iproute delete blackhole 2001:db8::3452/128

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1169

IPv6 Unicast Commands

configure iproute delete blackhole ipv6 default


configure iproute delete blackhole ipv6 default {vr <vrname>} {multicastonly | unicast-only}

Description
Deletes a default blackhole route from the routing table.

Syntax Description
vr_name multicast-only unicast-only Specifies the virtual router to which the route is added. Specifies only multicast traffic for the route. Specifies only unicast traffic for the route.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
While a default route is for forwarding traffic destined to an unknown IP destination, and a blackhole route is for discarding traffic destined to a specified IP destination, a default blackhole route is for discarding traffic to the unknown IP destination. Using this command, all traffic with an unknown destination is discarded. The default blackhole route is treated like a permanent entry in the event of a switch reset or power off/on cycle. The default blackhole routes origin is b or blackhole and the gateway IP address for this route is ::.

Example
The following command deletes a blackhole default route from the routing table:
configure iproute delete blackhole default

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1170

ExtremeWare XOS 11.3 Command Reference

configure iproute delete default

configure iproute delete default


configure iproute delete default [<ipv6Gateway> | <ipv6ScopedGateway>] {vr <vrname>} {<metric>} {multicast-only | unicast-only}

Description
Deletes a default gateway from the routing table.

Syntax Description
ipv6Gateway metric ipv6ScopedGateway vrname Specifies a VLAN gateway IPv6 address. Specifies a cost metric. If no metric is specified, the default of 1 is used. Specifies a scoped gateway. Specifies the virtual router to which the route is added.

Default
If no metric is specified, the default metric of 1 is used. If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
Default routes are used when the router has no other dynamic or static route to the requested destination. A default gateway must be located on a configured IP interface. Use the unicast-only or multicast-only options to specify a particular traffic type. If not specified, both unicast and multicast traffic uses the default route.

Example
The following command deletes a default route from the switch:
configure iproute delete default 2001:db8::1234:5678

History
This command was first available in ExtremeWare XOS 10.1. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1171

IPv6 Unicast Commands

configure iproute ipv6 priority


configure iproute ipv6 priority [ripng | blackhole | icmp | static | ospfv3-intra | ospfv3-inter | ospfv3-as-external | ospfv3-extern1 | ospfv3extern2] <priority>

Description
Changes the priority for all routes from a particular route origin.

Syntax Description
ripng icmp blackhole static ospfv3-intra ospfv3-inter ospfv3-as-external ospfv3-extern1 ospfv3-extern2 priority Specifies RIPng. Specifies ICMP. Specifies the blackhole route. Specifies static routes. Specifies OSPFv3 Intra routing. Specifies OSPFv3 Inter routing. Specifies OSPFv3 as External routing. Specifies OSPFv3 External 1 routing. Specifies OSPFv3 External 2 routing. Specifies a priority number in the range of 11 to 65534.

Default
Table 28 lists the relative priorities assigned to routes depending upon the learned source of the route.

Table 28: Relative route priorities


Route Origin Direct BlackHole Static ICMP OSPF3Intra OSPF3Inter RIPg OSPFv3 ASExt OSPFv3 Extern1 OSPFv3 Extern2 Priority 10 50 1100 1200 2200 2300 2400 3100 3200 3300

1172

ExtremeWare XOS 11.3 Command Reference

configure iproute ipv6 priority

Usage Guidelines
Although these priorities can be changed, do not attempt any manipulation unless you are expertly familiar with the possible consequences. If you change the route priority, you must save the configuration and reboot the system. NOTE
The priority for a blackhole route can not overlap with the priority of any other route origin.

Example
The following command sets the IPv6 route priority for static routing to 1200:
configure iproute ipv6 priority static 1200

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1173

IPv6 Unicast Commands

configure neighbor-discovery cache add


configure neighbor-discovery cache {vr <vr_name>} add [<ipv6address> | <scoped_link_local>] <mac>

Description
Adds a static entry to the neighbor cache.

Syntax Description
vr_name ipv6address scoped_link_local mac Specifies a virtual router. Specifies an IPv6 address. Specifies a scoped, link-local address. Specifies a MAC address.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
This command adds static entries to the neighbor cache.

Example
The following command adds a static entry to the neighbor cache:
configure neighbor-discovery cache add fe80::2315 00:11:22:33:44:55

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1174

ExtremeWare XOS 11.3 Command Reference

configure neighbor-discovery cache delete

configure neighbor-discovery cache delete


configure neighbor-discovery cache delete {vr <vr_name>} [<ipv6address> | <scoped_link_local>]

Description
Deletes a static entry from the neighbor cache.

Syntax Description
vr_name ipv6address scoped_link_local Specifies a virtual router. Specifies an IPv6 address. Specifies a scoped, link-local address.

Default
If you do not specify a virtual router, the current virtual router context is used.

Usage Guidelines
This command deletes static entries from the neighbor cache.

Example
The following command deletes a static entry from the neighbor cache:
configure neighbor-discovery cache delete fe80::2315

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1175

IPv6 Unicast Commands

configure vlan router-discovery add prefix


configure vlan <vlan_name> router-discovery {ipv6} add prefix <prefix>

Description
Adds a prefix to the router discovery advertisements on the VLAN.

Syntax Description
vlan_name prefix Specifies an IPv6 configured VLAN. Specifies the prefix to add.

Default
N/A.

Usage Guidelines
This command adds a prefix to the router advertisement messages for the VLAN. Prefixes defined with this command are only included in the router advertisement messages and have no operational impact on VLANs. To configure the parameters for this prefix, use the following command:
configure vlan <vlan_name> router-discovery {ipv6} set prefix <prefix> [autonomousflag <auto_on_off> | onlink-flag <onlink_on_off> | preferred-lifetime <preflife> |valid-lifetime <validlife>]

Example
The following command adds the prefix 2001:db8:3456::/64 for the VLAN top_floor:
configure vlan top_floor router-discovery add prefix 2001:db8:3456::/64

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1176

ExtremeWare XOS 11.3 Command Reference

configure vlan router-discovery delete prefix

configure vlan router-discovery delete prefix


configure vlan <vlan_name> router-discovery {ipv6} delete prefix [<prefix> | all]

Description
Deletes prefixes from the router discovery advertisements on the VLAN.

Syntax Description
vlan_name prefix all Specifies an IPv6 configured VLAN. Specifies the prefix to delete. Specifies to delete all prefixes.

Default
N/A.

Usage Guidelines
This command deletes previously defined router advertisement prefixes.

Example
The following command deletes the prefix 2001:db8:3161::/64 for the VLAN top_floor:
configure vlan top_floor router-discovery delete 2001:db8:3161::/64

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1177

IPv6 Unicast Commands

configure vlan router-discovery default-lifetime


configure vlan <vlan_name> router-discovery {ipv6} default-lifetime <defaultlifetime>

Description
Configures the router lifetime value sent in router discovery advertisements on the VLAN.

Syntax Description
vlan_name defaultlifetime Specifies an IPv6 configured VLAN. Specifies the router lifetime. Range is 0, max-interval to 9000 seconds.

Default
1800 seconds

Usage Guidelines
This command configures the router lifetime value to be included in the router advertisement messages. The value is specified in seconds and is either 0, or between max-interval and 9000 seconds. A value of 0 indicates that the router is not to be used as a default router. After a host sends a router solicitation, and receives a valid router advertisement with a non-zero router lifetime, the host must desist from sending additional solicitations on that interface, until an event such as re-initialization takes place.

Example
The following command configures the default-lifetime to be 3600 seconds for the VLAN top_floor:
configure vlan top_floor router-discovery default-lifetime 3600

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1178

ExtremeWare XOS 11.3 Command Reference

configure vlan router-discovery hop-limit

configure vlan router-discovery hop-limit


configure vlan <vlan_name> router-discovery {ipv6} hop-limit <currenthoplimit>

Description
Configures the current hop limit value sent in router discovery advertisements on the VLAN.

Syntax Description
vlan_name currenthoplimit Specifies an IPv6 configured VLAN. Specifies the current hop limit. Range is 0 to 255.

Default
64

Usage Guidelines
Configures the current hop limit value to be included in the router advertisement messages. Hosts then use the current hop limit when they send packets. A value of 0 means unspecified by this router. The default value is 64. The maximum value is 255.

Example
The following command configures the current hop limit to be 32 for the VLAN top_floor:
configure vlan top_floor router-discovery hop-limit 32

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1179

IPv6 Unicast Commands

configure vlan router-discovery link-mtu


configure vlan <vlan_name> router-discovery {ipv6} link-mtu <linkmtu>

Description
Configures the link MTU value sent in router discovery advertisements on the VLAN.

Syntax Description
vlan_name linkmtu Specifies an IPv6 configured VLAN. Specifies the link MTU. Range is 0 to 9216.

Default
0, meaning that no link MTU information is sent.

Usage Guidelines
This command configures the link MTU placed into the router advertisement messages. Advertisement of the MTU helps ensure use of a consistent MTU by hosts on the VLAN. The minimum value is 0. The maximum value is 9216. The default value is 0, which means that no link MTU information is included in the router discovery messages.

Example
The following command configures the link MTU to be 5126 for the VLAN top_floor:
configure vlan top_floor router-discovery link-mtu 5126

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1180

ExtremeWare XOS 11.3 Command Reference

configure vlan router-discovery managed-config-flag

configure vlan router-discovery managed-config-flag


configure vlan <vlan_name> router-discovery {ipv6} managed-config-flag <on_off>

Description
Configures the managed address configuration flag value sent in router discovery advertisements on the VLAN.

Syntax Description
vlan_name on_off Specifies an IPv6 configured VLAN. Specifies setting the flag to on or off.

Default
Off.

Usage Guidelines
This command configures the contents of the managed address configuration flag in the router advertisement messages. A value of on tells hosts to use the administered (stateful) protocol (DHCP) for address autoconfiguration in addition to any addresses autoconfigured using stateless address autoconfiguration. A value of off tells hosts to use stateless address autoconfiguration. If this command is not entered, the default value is off.

Example
The following command configures the managed address configuration flag to be on for the VLAN top_floor:
configure vlan top_floor router-discovery managed-config-flag on

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1181

IPv6 Unicast Commands

configure vlan router-discovery max-interval


configure vlan <vlan_name> router-discovery {ipv6} max-interval <maxinterval>

Description
Configures the maximum time between unsolicited router discovery advertisements on the VLAN.

Syntax Description
vlan_name maxinterval Specifies an IPv6 configured VLAN. Specifies the maximum time between advertisements, in seconds. Range is 4 to 1800

Default
600 seconds

Usage Guidelines
This command configures the maximum amount of time before an unsolicited router advertisement message is advertised over the links corresponding to the VLAN.

Example
The following command configures the max-interval to be 300 seconds for the VLAN top_floor:
configure vlan top_floor router-discovery max-interval 300

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1182

ExtremeWare XOS 11.3 Command Reference

configure vlan router-discovery min-interval

configure vlan router-discovery min-interval


configure vlan <vlan_name> router-discovery {ipv6} min-interval <mininterval>

Description
Configures the minimum time between unsolicited router discovery advertisements on the VLAN.

Syntax Description
vlan_name mininterval Specifies an IPv6 configured VLAN. Specifies the minimum time between advertisements, in seconds. Range is 3 to 1350 (see guidelines).

Default
200 seconds, or max-interval * .33 (see guidelines)

Usage Guidelines
This command configures the minimum amount of time before an unsolicited router advertisement message is advertised over the links corresponding to the VLAN. The minimum value is 3 seconds. The maximum time is (.75 * max-interval) seconds. If you do not explicitly set this value, the min-interval value is reset whenever the max-interval is configured. Mininterval will then be dynamically adjusted to .33 times the max-interval.

Example
The following command configures the min-interval to be 300 seconds for the VLAN top_floor:
configure vlan top_floor router-discovery min-interval 300

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1183

IPv6 Unicast Commands

configure vlan router-discovery other-config-flag


configure vlan <vlan_name> router-discovery {ipv6} other-config-flag <on_off>

Description
Configures the other stateful configuration flag value sent in router discovery advertisements on the VLAN.

Syntax Description
vlan_name on_off Specifies an IPv6 configured VLAN. Specifies setting the flag to on or off.

Default
Off.

Usage Guidelines
This command configures the contents of the other stateful configuration flag in the router advertisement messages. When set to on, hosts use the administered (stateful) protocol (DHCP) for autoconfiguration of other (non-address) information. If this command is not entered, the default value is off.

Example
The following command configures the other stateful configuration flag to be on for the VLAN top_floor:
configure vlan top_floor router-discovery other-config-flag on

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1184

ExtremeWare XOS 11.3 Command Reference

configure vlan router-discovery reachable-time

configure vlan router-discovery reachable-time


configure vlan <vlan_name> router-discovery {ipv6} reachable-time <reachabletime>

Description
Configures the reachable time value in router discovery advertisements on the VLAN.

Syntax Description
vlan_name reachabletime Specifies an IPv6 configured VLAN. Specifies the reachable time value in advertisements, in milliseconds. Range is 0 to 3,600,000 (one hour).

Default
0, meaning that no reachable time information is sent.

Usage Guidelines
The reachable time is the time, in milliseconds, that a node assumes a neighbor is reachable after having received a reachability confirmation. A value of 0 means the time is unspecified by this router. The maximum value is 3,600,000 (1 hour). The default value is 0.

Example
The following command configures the reachable time to be 3,600,000 milliseconds for the VLAN top_floor:
configure vlan top_floor router-discovery reachable-time 3600000

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1185

IPv6 Unicast Commands

configure vlan router-discovery retransmit-time


configure vlan <vlan_name> router-discovery {ipv6} retransmit-time <retransmittime>

Description
Configures the retransmit time value in router discovery advertisements on the VLAN.

Syntax Description
vlan_name retransmittime Specifies an IPv6 configured VLAN. Specifies the reachable time value in advertisements, in milliseconds. Range is 0 to 4,294,967,295 (approximately 50 days).

Default
0, meaning that no retransmit time information is sent.

Usage Guidelines
This command configures the retransmit time value in the router advertisement messages. The retransmit time, in milliseconds, is the time between retransmitted neighbor solicitation messages. A value of 0 means the value is unspecified by this router. The maximum value is 4,294,967,295. The default value is 0.

Example
The following command configures the retransmit time to be 604,800,000 milliseconds (one week) for the VLAN top_floor:
configure vlan top_floor router-discovery retransmit-time 604800000

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1186

ExtremeWare XOS 11.3 Command Reference

configure vlan router-discovery set prefix

configure vlan router-discovery set prefix


configure vlan <vlan_name> router-discovery {ipv6} set prefix <prefix> [autonomous-flag <auto_on_off> | onlink-flag <onlink_on_off> | preferredlifetime <preflife> |valid-lifetime <validlife>]

Description
Sets the parameters for a prefix in the router discovery advertisements on the VLAN.

Syntax Description
vlan_name prefix auto_on_off onlink_on_off preflife validlife Specifies an IPv6 configured VLAN. Specifies which prefixs parameters to set. Specifies the autonomous flag. Specifies the on link flag. Specifies the preferred lifetime in seconds. Maximum value is 4,294,967,295. Specifies the valid lifetime in seconds. Maximum value is 4,294,967,295.

Default
The prefix parameter defaults are:

Valid lifetime2,592,000 seconds (30 days) On-link flagon Preferred lifetime604,800 seconds (7 days) Autonomous flagon

Usage Guidelines
This command configures the attributes associated with the specified prefix. The autonomous flag option modifies the autonomous flag of the prefix. The autonomous flag value specifies whether the prefix can be used for autonomous address configuration (on) or not (off). The onlink flag option modifies the on link flag of the prefix. The on link flag specifies whether the prefix can be used for on link determination (on) or not (off). The default value of the on link flag is on. The preferred lifetime option modifies the preferred lifetime of a prefix. The preferred lifetime value is the time (from when the packet is sent) that addresses generated from the prefix via stateless address autoconfiguration remain preferred. The maximum value is 4,294,967,295. The default value is 604,800 seconds (7 days). The valid lifetime option modifies the valid lifetime of a prefix. The valid lifetime value is the time (from when the packet was sent) that the prefix is valid for the purpose of on-link determination. The maximum value is a 4,294,967,295. The default value is 2,592,000 seconds (30 days).

ExtremeWare XOS 11.3 Command Reference

1187

IPv6 Unicast Commands

Example
The following command sets the on link parameter of the prefix 3aaa:3161::/64 to off, for the VLAN top_floor:
configure vlan top_floor router-discovery set prefix 3aaa:3161::/64 onlink-flag off

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1188

ExtremeWare XOS 11.3 Command Reference

configure tunnel ipaddress

configure tunnel ipaddress


configure tunnel <tunnel_name> ipaddress [{eui64} [<ipv6_address_mask> | <ipv6_address>] | ipv6-link-local]

Description
Configures an IPv6 address/prefix on a tunnel.

Syntax Description
tunnel_name eui64 ipv6_address_mask Ipv6_address ipv6-link-local Specifies an IPv6 tunnel. Specifies an EUI64 interface identifier for the lower 64 bits of the address. Specifies an IPv6 address / IPv6 prefix length. Specifies an IPv6 address. Specifies the link-local address for a tunnel.

Default
N/A.

Usage Guidelines
This command will configure an IPv6 address/prefix route on the specified tunnel. 6to4 tunnels must follow the standard address requirement. The address must be of the form 2002:<IPv4_source_endpoint>::/16, where <IPv4_source_endpoint> is replaced by the IPv4 source address of the endpoint, in hexadecimal, colon separated form. For example, for a tunnel endpoint located at IPv4 address 10.20.30.40, the tunnel address would be 2002:a14:1e28::/16. In hex, 10 is a, 20 is 14, 30 is 1e and 40 is 28. 6in4 tunnels have no restrictions on their address format or prefix allocations.

Example
The following command configures the 6in4 tunnel link39 with the IPv6 link-local address:
configure tunnel link39 ipv6-link-local

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1189

IPv6 Unicast Commands

create tunnel 6to4


create tunnel <tunnel_name> 6to4 source <source-address>

Description
Creates an IPv6-to-IPv4 (6to4) tunnel.

Syntax Description
tunnel_name source-address Specifies an IPv6 tunnel. Specifies an IPv4 address for the tunnel.

Default
N/A.

Usage Guidelines
This command will create a new IPv6-to-IPv4 (also known as a 6to4 tunnel), and add it to the system. A maximum of 1 6to4 tunnel can be configured on any particular virtual router. The tunnel name must be unique and cannot overlap the same name space as VLANs, other tunnels, or virtual routers. The source address of the tunnel must be one of the IPv4 addresses already configured on the switch. You cannot remove an IPv4 address from the switch if a tunnel is still exists that uses it.

Example
The following command creates the 6to4 tunnel link35 with source address 192.168.10.1:
create tunnel link35 6to4 source 192.168.10.1

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1190

ExtremeWare XOS 11.3 Command Reference

create tunnel ipv6-in-ipv4

create tunnel ipv6-in-ipv4


create tunnel <tunnel_name> ipv6-in-ipv4 destination <destination-address> source <source-address>

Description
Creates an IPv6-in-IPv4 (6in4) tunnel.

Syntax Description
tunnel_name source-address Specifies an IPv6 tunnel. Specifies an IPv4 address for the tunnel.

Default
N/A.

Usage Guidelines
This command will create a new IPv6-in-IPv4 (otherwise known as a configured tunnel or a 6in4 tunnel) and add it to the system. A maximum of 255 tunnels (including one 6to4 tunnel) can be configured on the system. The tunnel name must be unique and cannot overlap the same name space as VLANs, other tunnels, or virtual routers. The source address of the tunnel must be one of the IPv4 addresses already configured on the switch. You cannot remove an IPv4 address from the switch if a tunnel is still exists that uses it.

Example
The following command creates the 6in4 tunnel link39 with destination address 10.10.10.10 and source address 192.168.10.15:
create tunnel link39 ipv6-in-ipv4 destination 10.10.10.10 source 192.168.10.15

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1191

IPv6 Unicast Commands

delete tunnel
delete tunnel <tunnel_name>

Description
Deletes an IPv6 tunnel.

Syntax Description
tunnel_name Specifies an IPv6 tunnel.

Default
N/A.

Usage Guidelines
This command will destroy a previously created tunnel. The command acts on either a 6to4 or a 6in4 tunnel. Because the interface will be removed, all routes pointing out that interface will also be purged from the system at the time.

Example
The following command deletes the tunnel link39:
delete tunnel link39

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1192

ExtremeWare XOS 11.3 Command Reference

disable ipforwarding ipv6

disable ipforwarding ipv6


disable ipforwarding ipv6 {vlan <vlan_name> | tunnel <tunnel_name> | vr <vr_name>}

Description
Disables routing for one or all interfaces. If no argument is provided, disables routing for all interfaces on the current virtual router.

Syntax Description
vlan_name tunnel_name vr_name Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies a virtual router.

Default
Disabled.

Usage Guidelines
When new IPv6 interfaces are added, IP forwarding is disabled by default. Other IP related configuration is not affected.

Example
The following command disables forwarding of IPv6 traffic for a VLAN named accounting:
disable ipforwarding ipv6 vlan accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1193

IPv6 Unicast Commands

disable router-discovery
disable router-discovery {ipv6} {vlan <vlan_name>}

Description
Disables router discovery advertisements on the VLAN and the processing of router discovery messages.

Syntax Description
vlan_name Specifies an IPv6 configured VLAN.

Default
N/A.

Usage Guidelines
If no VLAN is specified, Router Discovery is disabled on all IPv6 configured VLANs.

Example
The following command disables router discovery for the VLAN top_floor:
disable router-discovery vlan top_floor

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1194

ExtremeWare XOS 11.3 Command Reference

enable ipforwarding ipv6

enable ipforwarding ipv6


enable ipforwarding ipv6 {vlan <vlan_name> | tunnel <tunnel-name> | vr <vr_name>}

Description
Enables IP routing VLANs. If no argument is provided, enables IP routing for all VLANs and tunnels that have been configured with an IPv6 address on the current virtual router.

Syntax Description
vlan_name tunnel_name vr_name Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies a virtual router.

Default
Disabled.

Usage Guidelines
When new IPv6 interfaces are added, IP forwarding is disabled by default. Other IP related configuration is not affected.

Example
The following command enables forwarding of IPv6 traffic for all VLANs in the current virtual router context with IPv6 addresses:
enable ipforwarding ipv6

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1195

IPv6 Unicast Commands

enable router-discovery
enable router-discovery {ipv6} {vlan <vlan_name>}

Description
Enables router discovery advertisements on the VLAN and the processing of router discovery messages.

Syntax Description
vlan_name Specifies an IPv6 configured VLAN.

Default
N/A.

Usage Guidelines
This command is only valid when the specified VLAN has an IPv6 address associated with it. After IPv6 Router Discovery is enabled on a VLAN, router advertisement messages are regularly sent on all ports associated with the VLAN. If no VLAN is specified, Router Discovery is enabled on all IPv6 configured VLANs.

Example
The following command enables router discovery for the VLAN top_floor:
enable router-discovery vlan top_floor

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1196

ExtremeWare XOS 11.3 Command Reference

rtlookup

rtlookup
rtlookup [<ipaddress> | <ipv6address>]{vr <vrname>}

Description
Performs a look-up in the route table to determine the best route to reach an IP address or host.

Syntax Description
ipaddress ipv6address vrname Specifies an IPv4 address. Specifies an IPv6 address. Specifies the virtual router to route from.

Default
N/A.

Usage Guidelines
None.

Example
The following command performs a look up in the route table to determine the best way to reach the specified IP address:
rtlookup 3aaa:5643::ef80:2525:1023:5213

History
This command was first available in ExtremeWare XOS 10.1. The xhostname option was removed in ExtremeWare XOS 11.0. Support for IPv6 was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1197

IPv6 Unicast Commands

show ipconfig ipv6


show ipconfig ipv6 {vlan <vlan_name> | tunnel <tunnelname>}

Description
Displays configuration information for one or more interfaces.

Syntax Description
vlan_name tunnelname Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel.

Default
N/A.

Usage Guidelines
If no interface is specified, then global IP configuration is displayed. Otherwise, specific interface(s) will be displayed. Global IP configuration information includes:

IP address/netmask/etc. IP forwarding information / IP multicast forwarding information VLAN name and VLANID

Example
The following command displays configuration information on a VLAN named accounting:
show ipconfig ipv6 vlan accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1198

ExtremeWare XOS 11.3 Command Reference

show iproute ipv6

show iproute ipv6


show iproute ipv6 {priority | vlan <vlan_name> | tunnel <tunnel-name> | <ipv6Netmask> | summary} {multicast | unicast} {vr <vrname>}}

Description
Displays the contents of the IPv6 routing table.

Syntax Description
priority vlan_name ipv6Netmask summary Specifies to display route priority. Specifies a VLAN name. Specifies an IPv6 address/prefix length. Specifies summary information

Default
N/A.

Usage Guidelines
If a route is active and in use, it is preceded in the display by an *. If there are multiple routes to the same destination network, the * will indicate which route is the most preferable route. If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command displays detailed information about all IPv6 routing:
show iproute ipv6

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1199

IPv6 Unicast Commands

show iproute ipv6 origin


show iproute ipv6 origin [direct | static | blackhole | ripng | ospfv3 | ospfv3-intra | ospv3-inter | ospfv3-extern1 | ospfv3-extern2] {vr <vrname>}

Description
Displays the contents of the IP routing table for routes with the specified origin.

Syntax Description
origin Specifies a display of the route origin.

Default
N/A.

Usage Guidelines
Policies for IP routing can be configured based on the route origin. When routes are added to the IP routing table from various sources, the routing policies configured for the origin of the route is applied to the route. After matching on specified characteristics, the characteristics for the route can be modified using the policy. The characteristics that can be matched and modified are dependent on the origin of the route. Policies for IP routing can be dynamically changed. In the case of direct and static route origins, the changes are reflected immediately. In the case of routes that are sourced from other origin, the changes are reflected within 30 seconds.

Example
The following command displays the RIPng routes:
show iproute ipv6 origin ripng

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1200

ExtremeWare XOS 11.3 Command Reference

show ipstats ipv6

show ipstats ipv6


show ipstats ipv6 {vlan <name> | tunnel <tunnelname> | vr <vrname>}

Description
Displays IPv6 statistics for the CPU for the switch or for a particular VLAN.

Syntax Description
name vrname Specifies a VLAN name. Specifies a virtual router.

Default
N/A.

Usage Guidelines
This command only shows statistics of the CPU-handled packets. Not all packets are handled by the CPU. If you do not specify a virtual router, the command applies to the current virtual router.

Example
The following command displays IPv6 statistics for the VLAN accounting:
show ipstats ipv6 vlan accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1201

IPv6 Unicast Commands

show neighbor-discovery cache ipv6


show neighbor-discovery cache ipv6 {[<ipv6_addr> | <mac> | permanent] {vr <vr_name>} | vlan <vlan_name> | vr <vr_name>}

Description
Deletes a static entry from the neighbor cache.

Syntax Description
vr_name mac permanent ipv6_addr vlan_name Specifies a virtual router. Specifies a MAC address. Specifies static entries. Specifies an IPv6 address. Specifies an IPv6 configured VLAN.

Default
N/A.

Usage Guidelines
This command displays the entries present in the neighbor cache. The entries displayed can be filtered by IPv6 address, MAC address, or by VLAN. The permanent keyword filters the output to display static entries. The vr_name indicates the virtual router on which the operation is performed. In its absence, the operation applies to VR-Default.

Example
The following command shows all entries from the neighbor cache:
show neighbor-discovery cache ipv6

The following is sample output:


VR VR-Default VR-Default VR-Default Destination Mac 3ffe:100::7 00:01:30:00:6b:00 3ffe:100::99 00:01:02:33:33:33 3ffe:99::99 00:01:02:01:01:01 Age 0 0 0 Static NO YES YES VLAN gtag100 gtag100 gtag99 VID 100 100 99 Port 1:2

1202

ExtremeWare XOS 11.3 Command Reference

show neighbor-discovery cache ipv6

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1203

IPv6 Unicast Commands

show router-discovery
show router-discovery {ipv6} {vlan <vlan_name>}

Description
Displays the router discovery settings.

Syntax Description
vlan_name Specifies an IPv6 configured VLAN.

Default
N/A.

Usage Guidelines
If no VLAN is specified, the settings are displayed for all IPv6 configured VLANs.

Example
The following command displays router discovery settings for the VLAN top_floor:
show router-discovery vlan top_floor

The following is sample output:


Router Advertisements disabled on v1 Minimum/Maximum Interval: 200 / 600 Managed / Other Info Flags: Off / Off Link MTU: 0 Reachable Time: 0 Retrans Timer: 0 Current Hop Limit: 64 Default Lifetime: 1800 Number of Prefixes: 1, Prefix List: Valid Prefix Lifetime 11::1/64 2592000

Auto On

Preferred Lifetime OnLink 604800 On

History
This command was first available in ExtremeWare XOS 11.2.

1204

ExtremeWare XOS 11.3 Command Reference

show router-discovery

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1205

IPv6 Unicast Commands

show tunnel
show tunnel

Description
Displays system tunnel information.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command displays system tunnel information.

Example
The following command displays system tunnel information:
show tunnel

The following is sample output:


Name tunfour tunfive2 Total tunnels: 2 Flags: (U) Up / (D) Down Type 6in4 10.20.30.40 => 10.10.10.10 6to4 10.20.30.40 => *.*.*.* Flags U D

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1206

ExtremeWare XOS 11.3 Command Reference

unconfigure tunnel

unconfigure tunnel
unconfigure tunnel <tunnel_name> ipaddress <ipv6_address_mask>

Description
Unconfigures an IPv6 address/prefix route from a tunnel.

Syntax Description
tunnel_name ipv6_address_mask Specifies an IPv6 tunnel. Specifies an IPv6 address / IPv6 prefix length.

Default
N/A.

Usage Guidelines
This command will unconfigure an IPv6 address/prefix route from the specified tunnel.

Example
The following command unconfigures the 6in4 tunnel link39 with the address 3aaa::1111/64
unconfigure tunnel link39 3aaa::1111/64

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1207

IPv6 Unicast Commands

1208

ExtremeWare XOS 11.3 Command Reference

24 RIP Commands
This chapter describes commands used for the interior gateway protocol RIP. Routing Information Protocol (RIP) is an Interior Gateway Protocol (IGP) first used in computer routing in the Advanced Research Projects Agency Network (ARPAnet) as early as 1969. It is primarily intended for use in homogeneous networks of moderate size. To determine the best path to a distant network, a router using RIP always selects the path that has the least number of hops. Each router that data must traverse is considered to be one hop. The routing table in a router using RIP contains an entry for every known destination network. Each routing table entry contains the following information:

IP address of the destination network Metric (hop count) to the destination network IP address of the next router Timer that tracks the amount of time since the entry was last updated

The router exchanges an update message with each neighbor every 30 seconds (default value), or if there is a change to the overall routed topology (also called triggered updates). If a router does not receive an update message from its neighbor within the route timeout period (180 seconds by default), the router assumes the connection between it and its neighbor is no longer available. A new version of RIP, called RIP version 2 (RIPv2), expands the functionality of RIP version 1 to include:

Variable-Length Subnet Masks (VLSMs) Next-hop addresses Support for next-hop addresses allows for optimization of routes in certain environments Multicasting

If you are using RIP with supernetting/Classless Inter-Domain Routing (CIDR), you must use RIPv2 only, and RIP route aggregation must be turned off.

ExtremeWare XOS 11.3 Command Reference

1209

RIP Commands

clear rip counters


clear rip counters

Description
Clears the RIP counters (statistics).

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command clears the RIP statistics counters:
clear rip counters

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1210

ExtremeWare XOS 11.3 Command Reference

configure rip add vlan

configure rip add vlan


configure rip add vlan [<vlan-name> | all]

Description
Configures RIP on an IP interface.

Syntax Description
vlan-name all Specifies a VLAN name. Specifies all VLANs.

Default
N/A.

Usage Guidelines
When an IP interface is created, RIP configuration is disabled on the interface by default. When the RIP interface is disabled, the parameters are not reset to default automatically.

Example
The following command configures RIP on the VLAN finance:
configure rip add finance

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1211

RIP Commands

configure rip delete vlan


configure rip delete vlan [<vlan-name> | all]

Description
Disables RIP on an IP interface.

Syntax Description
vlan-name all Specifies a VLAN name. Specifies all VLANs.

Default
N/A.

Usage Guidelines
When an IP interface is created, RIP configuration is disabled on the interface by default. When the RIP interface is disabled by this command, the parameters are not reset to default automatically.

Example
The following command deletes RIP on a VLAN named finance:
configure rip delete finance

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1212

ExtremeWare XOS 11.3 Command Reference

configure rip garbagetime

configure rip garbagetime


configure rip garbagetime {<seconds>}

Description
Configures the RIP garbage time.

Syntax Description
seconds Specifies a time in seconds.

Default
120 seconds.

Usage Guidelines
None.

Example
The following command configures the RIP garbage time to have a 60-second delay:
configure rip garbagetime 60

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1213

RIP Commands

configure rip import-policy


configure rip import-policy [<policy-name> | none]

Description
Associates or removes the policy applied to RIP routes added to the system routing table.

Syntax Description
policy-name Specifies the policy to apply.

Default
No policy.

Usage Guidelines
Use this command to associate a policy with the RIP routes installed into the system table. Use the none option to remove the policy association.

Example
The following example applies the policy campuseast to RIP routes:
configure rip import-policy campuseast

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1214

ExtremeWare XOS 11.3 Command Reference

configure rip routetimeout

configure rip routetimeout


configure rip routetimeout <seconds>

Description
Configures the route timeout period.

Syntax Description
seconds Specifies a time in seconds.

Default
180 seconds.

Usage Guidelines
If a router does not receive an update message from its neighbor within the route timeout period (180 seconds by default), the router assumes the connection between it and its neighbor is no longer available.

Example
The following example sets the route timeout period to 120 seconds:
configure rip routetimeout 120

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1215

RIP Commands

configure rip vlan rxmode


configure rip [vlan <vlan-name> | all] rxmode [none | v1only | v2only | any]

Description
Changes the RIP receive mode for one or all VLANs.

Syntax Description
none v1only v2only any vlan-name all Specifies to drop all received RIP packets. Specifies to accept only RIP version 1 format packets. Specifies to accept only RIP version 2 format packets. Specifies to accept RIP version 1 and RIP version 2 packets. Specifies to apply settings to specific VLAN name. Specifies all VLANs.

Default
N/A.

Usage Guidelines
None.

Example
The following command configures the receive mode for the VLAN finance to accept only RIP version 1 format packets:
configure rip finance rxmode v1only

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1216

ExtremeWare XOS 11.3 Command Reference

configure rip vlan txmode

configure rip vlan txmode


configure rip [vlan <vlan-name> | all] txmode [none | v1only | v1comp | v2only]

Description
Changes the RIP transmission mode for one or all VLANs.

Syntax Description
none v1only v1comp v2only vlan-name all Specifies to not transmit any packets on this interface. Specifies to transmit RIP version 1 format packets to the broadcast address. Specifies to transmit RIP version 2 format packets to the broadcast address. Specifies to transmit RIP version 2 format packets to the RIP multicast address. Specifies to apply settings to a specific VLAN name. Specifies all VLANs.

Default
N/A.

Usage Guidelines
None.

Example
The following command configures the transmit mode for the VLAN finance to transmit version 2 format packets to the broadcast address:
configure rip finance txmode v1comp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1217

RIP Commands

configure rip updatetime


configure rip updatetime <seconds>

Description
Specifies the time interval in seconds within which RIP sends update packets.

Syntax Description
seconds Specifies a time in seconds. The range is 10 to 180.

Default
30 seconds.

Usage Guidelines
The router exchanges an update message with each neighbor every 30 seconds (default value), or if there is a change to the overall routed topology (also called triggered updates). The timer granularity is 10 seconds. Timer minimum is 10 seconds and maximum is 180 seconds.

Example
The following command sets the update timer to 60 seconds:
configure rip updatetime 60

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1218

ExtremeWare XOS 11.3 Command Reference

configure rip vlan cost

configure rip vlan cost


configure rip vlan [<vlan-name> | all] cost <cost>

Description
Configures the cost (metric) of the interface.

Syntax Description
vlan-name all cost Specifies a VLAN name. Specifies all VLANs. Specifies a cost metric.

Default
The default setting is 1.

Usage Guidelines
The specified interface cost is added to the cost of the route received through this interface.

Example
The following command configures the cost for the VLAN finance to a metric of 3:
configure rip vlan finance cost 3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1219

RIP Commands

configure rip vlan route-policy


configure rip vlan [<vlan-name> | all] route-policy [in | out] [<policyname> | none]

Description
Configures RIP to ignore certain routes received from its neighbor, or to suppress certain routes when performing route advertisements.

Syntax Description
vlan-name all policy-name none Specifies a VLAN name. Specifies all VLANs. Specifies a policy. Removes any policy from the VLAN.

Default
N/A.

Usage Guidelines
Use the in option to configure an input route policy, which determines which RIP routes are accepted as valid routes. This policy can be combined with the trusted neighbor policy to accept selected routes only from a set of trusted neighbors. Use the out option to configure an output route policy, which determines which RIP routes are advertised on the VLAN.

Example
The following command configures the VLAN backbone to accept selected routes from the policy nosales:
configure rip vlan backbone route-policy in nosales

The following command uses the policy nosales to determine which RIP routes are advertised into the VLAN backbone:
configure rip vlan backbone route-policy out nosales

History
This command was first available in ExtremeWare XOS 10.1.

1220

ExtremeWare XOS 11.3 Command Reference

configure rip vlan route-policy

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1221

RIP Commands

configure rip vlan trusted-gateway


configure rip vlan [<vlan-name> | all] trusted-gateway [<policy-name> | none]

Description
Configures a trusted neighbor policy to determine trusted RIP router neighbors for the VLAN on the switch running RIP.

Syntax Description
vlan-name all policy-name none Specifies a VLAN name. Specifies all VLANs. Specifies a policy. Removes any trusted-gateway policy from the VLAN.

Default
N/A.

Usage Guidelines
Use this command to set a policy to determine trusted neighbors. A neighbor is defined by its IP address. Only the RIP control packets from trusted neighbors will be processed.

Example
The following command configures RIP to use the policy nointernet to determine from which RIP neighbor to receive (or reject) the routes to the VLAN backbone:
configure rip vlan backbone trusted-gateway nointernet

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1222

ExtremeWare XOS 11.3 Command Reference

disable rip

disable rip
disable rip

Description
Disables RIP for the whole router.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
RIP has a number of limitations that can cause problems in large networks, including:

A limit of 15 hops between the source and destination networks A large amount of bandwidth taken up by periodic broadcasts of the entire routing table Slow convergence Routing decisions based on hop count; no concept of link costs or delay Flat networks; no concept of areas or boundaries

Example
The following command disables RIP for the whole router:
disable rip

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1223

RIP Commands

disable rip aggregation


disable rip aggregation

Description
Disables the RIP aggregation of subnet information on a RIP version 2 (RIPv2) router.

Syntax Description
This command has no arguments or variables.

Default
RIP aggregation is disabled by default.

Usage Guidelines
The disable RIP aggregation command disables the RIP aggregation of subnet information on a switch configured to send RIPv2-compatible traffic. The switch summarizes subnet routes to the nearest class network route. The following rules apply when using RIP aggregation:

Within a class boundary, no routes are aggregated. If aggregation is disabled, subnet routes are never aggregated, even when crossing a class boundary.

Example
The following command disables RIP aggregation on the interface:
disable rip aggregation

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1224

ExtremeWare XOS 11.3 Command Reference

disable rip export

disable rip export


disable rip export [bgp | direct | e-bgp | i-bgp | ospf | ospf-extern1 | ospf-extern2 | ospf-inter | ospf-intra | static]

Description
Disables RIP from redistributing routes from other routing protocols.

Syntax Description
static bgp direct e-bgp i-bgp ospf ospf-intra ospf-inter ospf-extern1 ospf-extern2 Specifies static routes. Specifies BGP routes. Specifies interface routes (only interfaces that have IP forwarding enabled are exported). Specifies external BGP routes. Specifies internal BGP routes. Specifies all OSPF routes. Specifies OSPF-intra area routes. Specifies OSPF-inter area routes. Specifies OSPF external route type 1. Specifies OSPF external route type 2.

Default
Disabled.

Usage Guidelines
This command disables the exporting of BGP, static, direct, and OSPF-learned routes into the RIP domain.

Example
The following command disables RIP from redistributing any routes learned from OSPF:
disable rip export ospf

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1225

RIP Commands

disable rip originate-default


disable rip originate-default

Description
Disables the advertisement of a default route.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command unconfigures a default route to be advertised by RIP if no other default route is advertised:
disable rip originate-default

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1226

ExtremeWare XOS 11.3 Command Reference

disable rip poisonreverse

disable rip poisonreverse


disable rip poisonreverse

Description
Disables poison reverse algorithm for RIP.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Like split horizon, poison reverse is a scheme for eliminating the possibility of loops in the routed topology. In this case, a router advertises a route over the same interface that supplied the route, but the route uses a hop count of 16, defining it as unreachable.

Example
The following command disables the split horizon with poison reverse algorithm for RIP:
disable rip poisonreverse

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1227

RIP Commands

disable rip splithorizon


disable rip splithorizon

Description
Disables the split horizon algorithm for RIP.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Split horizon is a scheme for avoiding problems caused by including routes in updates sent to the router from which the route was learned. Split horizon omits routes learned from a neighbor in updates sent to that neighbor.

Example
The following command disables the split horizon algorithm for RIP:
disable rip splithorizon

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1228

ExtremeWare XOS 11.3 Command Reference

disable rip triggerupdates

disable rip triggerupdates


disable rip triggerupdates

Description
Disables the trigger update mechanism. Triggered updates are a mechanism for immediately notifying a routers neighbors when the router adds or deletes routes or changes their metric.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Triggered updates occur whenever a router changes the metric for a route and it is required to send an update message immediately, even if it is not yet time for a regular update message to be sent. This will generally result in faster convergence, but may also result in more RIP-related traffic.

Example
The following command disables the trigger update mechanism:
disable rip triggerupdate

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1229

RIP Commands

disable rip use-ip-router-alert


disable rip use-ip-router-alert

Description
Disables router alert IP option in outgoing RIP control packets.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables the RIP router alert IP option:
disable rip use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1230

ExtremeWare XOS 11.3 Command Reference

enable rip

enable rip
enable rip

Description
Enables RIP for the whole router.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
RIP has a number of limitations that can cause problems in large networks, including:

A limit of 15 hops between the source and destination networks A large amount of bandwidth taken up by periodic broadcasts of the entire routing table Slow convergence Routing decisions based on hop count; no concept of link costs or delay Flat networks; no concept of areas or boundaries

Example
The following command enables RIP for the whole router:
enable rip

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1231

RIP Commands

enable rip aggregation


enable rip aggregation

Description
Enables the RIP aggregation of subnet information on a RIP version 2 (RIPv2) interface.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
The enable (disable) rip aggregation command enables (disables) the RIP aggregation of subnet information on an interface configured to send RIPv1 or RIPv2-compatible traffic. The switch summarizes subnet routes to the nearest class network route. The following rules apply when using RIP aggregation:

Subnet routes are aggregated to the nearest class network route when crossing a class boundary. Within a class boundary, no routes are aggregated. If aggregation is enabled, the behavior is the same as in RIPv1. If aggregation is disabled, subnet routes are never aggregated, even when crossing a class boundary.

Example
The following command enables RIP aggregation on the interface:
enable rip aggregation

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1232

ExtremeWare XOS 11.3 Command Reference

enable rip export

enable rip export


enable rip export [bgp | direct | e-bgp | i-bgp | ospf | ospf-extern1 | ospf-extern2 | ospf-inter | ospf-intra | static] [cost <number> {tag <number>} | policy <policy-name>]

Description
Enables RIP to redistribute routes from other routing functions.

Syntax Description
bgp direct e-bgp I-bgp ospf ospf-intra ospf-inter ospf-extern1 ospf-extern2 static cost <number> tag <number> <policy-name> Specifies BGP routes. Specifies interface routes (only interfaces that have IP forwarding enabled are exported). Specifies E-BGP routes. Specifies I-BGP routes. Specifies all OSPF routes. Specifies OSPF-intra area routes. Specifies OSPF-inter area routes. Specifies OSPF external route type 1. Specifies OSPF external route type 2. Specifies static routes. Specifies the cost metric, from 0-15. If set to 0, RIP uses the route metric obtained from the route origin. Specifies a tag number. Specifies a policy.

Default
Disabled.

Usage Guidelines
This command enables the exporting of BGP, static, direct, and OSPF-learned routes into the RIP domain. You can choose which types of OSPF routes are injected, or you can simply choose ospf, which will inject all learned OSPF routes regardless of type. The cost metric is inserted for all RIP-learned, static, and direct routes injected into RIP. If the cost metric is set to 0, the cost is inserted from the route. For example, with BGP, the cost could be the MED or the length of the BGP path. The tag value is used only by special routing applications. Use 0 if you do not have specific requirements for using a tag. Each protocol can have a policy associated with it to control or modify the exported routes.

ExtremeWare XOS 11.3 Command Reference

1233

RIP Commands

Example
The following command enables RIP to redistribute routes from all OSPF routes:
enable rip export ospf cost 0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1234

ExtremeWare XOS 11.3 Command Reference

enable rip originate-default cost

enable rip originate-default cost


enable rip originate-default {always} cost <number> {tag<number>}

Description
Configures a default route to be advertised by RIP.

Syntax Description
always cost <number> tag <number> Specifies to always advertise the default route. Specifies a cost metric. The range is 1 - 15. Specifies a tag number.

Default
Disabled.

Usage Guidelines
If always is specified, RIP always advertises the default route to its neighbors. If always is not specified, RIP advertises a default route only if a reachable default route is in the system route table. The default route advertisement is filtered using the out policy. The cost metric is inserted for all RIP-learned, static, and direct routes injected into RIP. The tag value is used only by special routing applications.

Example
The following command configures a default route to be advertised by RIP if there is a default route in the system routing table:
enable rip originate-default cost 7

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1235

RIP Commands

enable rip poisonreverse


enable rip poisonreverse

Description
Enables poison reverse algorithm for RIP.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Like split horizon, poison reverse is a scheme for eliminating the possibility of loops in the routed topology. In this case, a router advertises a route over the same interface that supplied the route, but the route uses a hop count of 16, defining it as unreachable.

Example
The following command enables the split horizon with poison reverse algorithm for RIP:
enable rip poisonreverse

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1236

ExtremeWare XOS 11.3 Command Reference

enable rip splithorizon

enable rip splithorizon


enable rip splithorizon

Description
Enables the split horizon algorithm for RIP.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Split horizon is a scheme for avoiding problems caused by including routes in updates sent to the router from which the route was learned. Split horizon omits routes learned from a neighbor in updates sent to that neighbor.

Example
The following command enables the split horizon algorithm for RIP:
enable rip splithorizon

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1237

RIP Commands

enable rip triggerupdates


enable rip triggerupdates

Description
Enables the trigger update mechanism. Triggered updates are a mechanism for immediately notifying a routers neighbors when the router adds or deletes routes or changes their metric.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Triggered updates occur whenever a router changes the metric for a route and it is required to send an update message immediately, even if it is not yet time for a regular update message to be sent. This will generally result in faster convergence, but may also result in more RIP-related traffic.

Example
The following command enables the trigger update mechanism:
enable rip triggerupdate

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1238

ExtremeWare XOS 11.3 Command Reference

enable rip use-ip-router-alert

enable rip use-ip-router-alert


enable rip use-ip-router-alert

Description
Enables the router alert IP option in the outgoing RIP control packets.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command enables the RIP router alert IP option:
enable rip use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1239

RIP Commands

show rip
show rip

Description
Displays RIP specific configuration.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays RIP specific configuration:
show rip

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1240

ExtremeWare XOS 11.3 Command Reference

show rip interface

show rip interface


show rip interface {detail}

Description
Displays RIP-specific configuration and statistics for all VLANs.

Syntax Description
detail Specifies detailed display.

Default
Show summary output for all interfaces.

Usage Guidelines
Summary includes the following information per interface:

VLAN name IP address and mask interface status packets transmitted packets received number of triggered updates cost

Detail includes the following per interface:


VLAN name IP address and mask tx mode rx mode cost peer information (for each peer)

age version received packets received updates received bad packets received bad routes

in policy out policy

ExtremeWare XOS 11.3 Command Reference

1241

RIP Commands

trusted gateway policy packets transmitted sent triggered updates packets received bad packets received bad routes received

Example
The following command displays the RIP configuration for all VLANS:
show rip interface

The following command displays RIP-specific statistics for all VLANs:


show rip interface detail

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1242

ExtremeWare XOS 11.3 Command Reference

show rip interface vlan

show rip interface vlan


show rip interface vlan <vlan-name>

Description
Displays RIP specific statistics and configuration for a VLAN in detail.

Syntax Description
vlan-name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays RIP specific statistics for the VLAN accounting:
show rip interface accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1243

RIP Commands

show rip memory


show rip memory {detail | <memoryType}

Description
Displays RIP specific memory usage.

Syntax Description
detail memoryType Displays detail information. Specifies the memory type usage to display.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays RIP specific memory for all types:
show rip memory detail

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1244

ExtremeWare XOS 11.3 Command Reference

show rip routes

show rip routes


show rip routes {detail} {network <ripNetworkPrefix>}

Description
Displays routes advertised by RIP.

Syntax Description
detail ripNetworkPrefix Displays all available information from the RIP routing table. Specifies the route prefix for the routes to show.

Default
N/A.

Usage Guidelines
The routes displayed include all routes advertised by RIP, including routes exported from the system routing table and originated by other protocols, for example BGP.

Example
The following command displays a summary of RIP specific routes for the networks 10.0.0.0/8:
show rip routes network 10.0.0.0/8

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1245

RIP Commands

unconfigure rip
unconfigure rip {vlan <vlan-name> | all}

Description
Resets all RIP parameters to the default for all VLANs or for the specified VLAN.

Syntax Description
vlan-name Specifies a VLAN name.

Default
All.

Usage Guidelines
Does not change the enable/disable state of the RIP settings.

Example
The following command resets the RIP configuration to the default for the VLAN finance:
unconfigure rip finance

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1246

ExtremeWare XOS 11.3 Command Reference

25 RIPng Commands
This chapter describes commands used for the IPv6 interior gateway protocol RIPng. To determine the best path to a distant network, a router using RIPng always selects the path that has the least number of hops. Each router that data must traverse is considered to be one hop. The routing table in a router using RIPng contains an entry for every known destination network. Each routing table entry contains the following information:

IP address and prefix length of the destination network Metric (hop count) to the destination network IP address of the next hop router, if the destination is not directly connected Interface for the next hop Timer that tracks the amount of time since the entry was last updated A flag that indicates if the entry is a new one since the last update The source of the route, for example, static, RIPng, OSPFv3, etc.

The router exchanges an update message with each neighbor every 30 seconds (default value), or if there is a change to the overall routed topology (also called triggered updates). If a router does not receive an update message from its neighbor within the route timeout period (180 seconds by default), the router assumes the connection between it and its neighbor is no longer available.

ExtremeWare XOS 11.3 Command Reference

1247

RIPng Commands

clear ripng counters


clear ripng counters {vlan <vlan-name> | tunnel <tunnel-name>}

Description
Clears the RIPng global or interface-specific counters (statistics).

Syntax Description
vlan-name tunnel-name Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel.

Default
N/A.

Usage Guidelines
None.

Example
The following command clears the RIPng statistics counters:
clear ripng counters

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1248

ExtremeWare XOS 11.3 Command Reference

configure ripng add

configure ripng add


configure ripng add [vlan <vlan-name> | tunnel <tunnel-name> | [vlan | tunnel] all]

Description
Configures RIPng on an IP interface.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all IPv6 configured VLANs or tunnels.

Default
N/A.

Usage Guidelines
For RIPng to be active on the interface, it must also be globally enabled using the command enable ripng. If the keyword all is specified, all IPv6 configured VLANs or tunnels will be configured for RIPng.

Example
The following command configures RIPng on the VLAN finance:
configure ripng add finance

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1249

RIPng Commands

configure ripng delete


configure ripng delete [vlan <vlan-name> | tunnel <tunnel-name> | [vlan | tunnel] all]

Description
Removes an interface from RIPng routing.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all IPv6 configured VLANs or tunnels.

Default
N/A.

Usage Guidelines
This command removes an interface from RIPng routing. However, the RIPng-specific interface configuration will be preserved, even if RIPng is unconfigured on the interface. The interface configuration information is removed only when the IPv6 interface itself gets deleted by, for example, by unconfiguring all the IPv6 addresses on the interface.

Example
The following command removes the VLAN finance from RIPng routing:
configure ripng delete finance

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1250

ExtremeWare XOS 11.3 Command Reference

configure ripng garbagetime

configure ripng garbagetime


configure ripng garbagetime {<seconds>}

Description
Configures the RIPng garbage time.

Syntax Description
seconds Specifies a time in seconds. Range is 10 to 2400 seconds.

Default
120 seconds.

Usage Guidelines
This command configures the time interval after which a route in the RIPng routing database that has expired will be removed. The value is rounded off to nearest multiple of 10.

Example
The following command configures the RIPng garbage time to have a 60-second delay:
configure ripng garbagetime 60

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1251

RIPng Commands

configure ripng import-policy


configure ripng import-policy [<policy-name> | none]

Description
Associates or removes the policy applied to RIPng routes added to the system routing table.

Syntax Description
policy-name Specifies the policy to apply.

Default
No policy.

Usage Guidelines
Use this command to configure the policy to be applied to RIPng routes installed into the system routing table from the RIPng routing process. This policy can be used to modify parameters associated with routes installed into the routing table. Use the none option to remove the policy association. The following is a sample policy file that could be used with RIPng. It will drop any routes from the subnets 2001:db8:2ccc::/64 and 2001:db8:2ccd::/64:
entry filter_routes { If match any{ nlri 2001:db8:2ccc:: /64; nlri 2001:db8:2ccd:: /64; } then { deny; } }

Example
The following example applies the policy campuseast to RIPng routes:
configure ripng import-policy campuseast

History
This command was first available in ExtremeWare XOS 11.2.

1252

ExtremeWare XOS 11.3 Command Reference

configure ripng import-policy

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1253

RIPng Commands

configure ripng routetimeout


configure ripng routetimeout <seconds>

Description
Configures the route timeout period for RIPng.

Syntax Description
seconds Specifies a time in seconds. Range is 10 to 3600.

Default
180 seconds.

Usage Guidelines
If a router does not receive an update message from its neighbor within the route timeout period (180 seconds by default), the router assumes the connection between it and its neighbor is no longer available. The configured value is rounded off to the nearest multiple of 10.

Example
The following example sets the route timeout period to 120 seconds:
configure ripng routetimeout 120

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1254

ExtremeWare XOS 11.3 Command Reference

configure ripng updatetime

configure ripng updatetime


configure ripng updatetime <seconds>

Description
Specifies the time interval in seconds within which RIPng sends update packets.

Syntax Description
seconds Specifies a time in seconds. The range is 10 to 3600.

Default
30 seconds.

Usage Guidelines
The router exchanges an update message with each neighbor every 30 seconds (default value), or if there is a change to the overall routed topology (also called triggered updates). The timer granularity is 10 seconds. Timer minimum is 10 second and maximum is 3600 seconds.

Example
The following command sets the update timer to 60 seconds:
configure ripng updatetime 60

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1255

RIPng Commands

configure ripng cost


configure ripng [vlan <vlan-name> | tunnel <tunnel-name>] cost <metric>

Description
Configures the cost (metric) of the interface.

Syntax Description
vlan-name tunnel-name metric Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies a cost metric. Range is 1 to 15.

Default
The default setting is 1.

Usage Guidelines
The specified interface cost is added to the cost of the route received through this interface.

Example
The following command configures the cost for the VLAN finance to a metric of 3:
configure ripng vlan finance cost 3

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1256

ExtremeWare XOS 11.3 Command Reference

configure ripng route-policy

configure ripng route-policy


configure ripng [vlan <vlan-name> | tunnel <tunnel-name>] route-policy [in | out] [<policy-name> | none]

Description
Configures RIPng to ignore or modify certain routes received from its neighbors, or to suppress certain routes when performing route advertisements.

Syntax Description
vlan-name tunnel-name policy-name none Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies a policy. Removes any policy from the VLAN.

Default
N/A.

Usage Guidelines
Use the in option to configure an input route policy, which determines which RIPng routes are accepted as valid routes from RIPng neighbors. This policy can be combined with the trusted neighbor policy to accept selected routes only from a set of trusted neighbors. Use the out option to configure an output route policy, which determines which RIPng routes are advertised to other RIPng neighbors. The following is a sample policy file that could be used with RIPng. It will drop any routes from the subnets 2001:db8:2ccc::/64 and 2001:db8:2ccd::/64:
entry filter_routes { If match any{ nlri 2001:db8:2ccc:: /64; nlri 2001:db8:2ccd:: /64; } then { deny; } }

ExtremeWare XOS 11.3 Command Reference

1257

RIPng Commands

Example
The following command configures the VLAN backbone to accept routes from its neighbor as specified by the policy nosales:
configure ripng vlan backbone route-policy in nosales

The following command uses the policy nosales to determine which RIP routes are advertised into the VLAN backbone:
configure rip vlan backbone route-policy out nosales

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1258

ExtremeWare XOS 11.3 Command Reference

configure ripng trusted-gateway

configure ripng trusted-gateway


configure ripng [vlan <vlan-name> | tunnel <tunnel-name>] trusted-gateway [<policy-name> | none]

Description
Configures a trusted neighbor policy to determine trusted RIPng router neighbors for the interfaces on the switch running RIPng.

Syntax Description
vlan-name tunnel-name policy-name none Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies a policy. Removes any trusted-gateway policy from the VLAN.

Default
None. Control packets fall the neighbors are processed.

Usage Guidelines
Use this command to set a policy to determine trusted neighbors. A neighbor is defined by its IP address. Only the RIPng control packets from trusted neighbors will be processed. The following policy designates neighbors from the fe80:202:b3ff:fe4a:6ada:: /64 subnet and the neighbor at fe80:203::b3ff:fe4a:6ada as trusted gateways:
entry filter_gateways { If match any{ nlri fe80:202:b3ff:fe4a:6ada:: /64; nlri fe80:203::b3ff:fe4a:6ada ; } then { permit; } }

Example
The following command configures RIPng to use the policy nointernet to determine from which RIPng neighbor to receive (or reject) the routes to the VLAN backbone:
configure ripng vlan backbone trusted-gateway nointernet

ExtremeWare XOS 11.3 Command Reference

1259

RIPng Commands

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1260

ExtremeWare XOS 11.3 Command Reference

disable ripng

disable ripng
disable ripng

Description
Disables RIPng for the whole router.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables RIPng for the whole router:
disable ripng

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1261

RIPng Commands

disable ripng export


disable ripng export [direct | ospfv3 | ospfv3-extern1 | ospfv3-extern2 | ospfv3-inter | ospfv3-intra | static]

Description
Disables RIPng from redistributing routes from other routing protocols.

Syntax Description
static direct ospfv3 ospfv3-intra ospfv3-inter ospfv3-extern1 ospfv3-extern2 Specifies user configured static routes. Specifies directly reachable subnets from the router (only interfaces that have IP forwarding enabled are exported). Specifies all OSPFv3 routes. Specifies OSPFv3-intra area routes. Specifies OSPFv3-inter area routes. Specifies OSPFv3 external route type 1. Specifies OSPFv3 external route type 2.

Default
Disabled.

Usage Guidelines
This command disables the exporting of static, direct, and OSPF-learned routes from the switch routing table into the RIPng domain.

Example
The following command disables RIPng from redistributing any routes learned from OSPFv3:
disable ripng export ospfv3

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1262

ExtremeWare XOS 11.3 Command Reference

disable ripng originate-default

disable ripng originate-default


disable ripng originate-default

Description
Disables the advertisement of a default route to the neighbors.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command unconfigures a default route to be advertised by RIPng if no other default route is advertised:
disable ripng originate-default

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1263

RIPng Commands

disable ripng poisonreverse


disable ripng poisonreverse {vlan <vlan-name> | tunnel <tunnel_name> | [vlan | tunnel] all}

Description
Disables poison reverse algorithm for RIPng.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all interfaces.

Default
Enabled.

Usage Guidelines
Like split horizon, poison reverse is a scheme for eliminating the possibility of loops in the routed topology. In this case, a router advertises a route over the same interface that supplied the route, but the route uses a hop count of 16, defining it as unreachable.

Example
The following command disables the split horizon with poison reverse algorithm for RIPng:
disable ripng poisonreverse

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1264

ExtremeWare XOS 11.3 Command Reference

disable ripng splithorizon

disable ripng splithorizon


disable ripng splithorizon {vlan <vlan-name> | tunnel <tunnel_name> | [vlan | tunnel] all}

Description
Disables the split horizon algorithm for RIPng.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all interfaces.

Default
Enabled.

Usage Guidelines
Split horizon is a scheme for avoiding problems caused by including routes in updates sent to the router from which the route was learned. Split horizon omits routes learned from a neighbor in updates sent to that neighbor.

Example
The following command disables the split horizon algorithm for RIPng:
disable rip splithorizon

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1265

RIPng Commands

disable ripng triggerupdate


disable ripng triggerupdate {vlan <vlan-name> | tunnel <tunnel_name> | [vlan | tunnel] all}

Description
Disables the trigger update mechanism. Triggered updates are a mechanism for immediately notifying a routers neighbors when the router adds or deletes routes or changes their metric.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all interfaces.

Default
Enabled.

Usage Guidelines
Triggered updates occur whenever a router changes the metric for a route and it is required to send an update message immediately, even if it is not yet time for a regular update message to be sent. This will generally result in faster convergence, but may also result in more RIPng-related traffic. When this feature is disabled, any metric change on the interface, or an interface going down will not be communicated until the next periodic update. To configure how often periodic updates are sent, use the following command:
configure ripng updatetime

Example
The following command disables the trigger update mechanism:
disable ripng triggerupdate

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1266

ExtremeWare XOS 11.3 Command Reference

enable ripng

enable ripng
enable ripng

Description
Enables RIPng for the whole router.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Although RIPng is useful in small networks, it has a number of limitations that can cause problems in large networks, including:

A limit of 15 hops between the source and destination networks A large amount of bandwidth taken up by periodic broadcasts of the entire routing table Slow convergence Routing decisions based on hop count; no concept of link costs or delay Flat networks; no concept of areas or boundaries

For larger networks, consider OSPFv3 as an alternative IGP.

Example
The following command enables RIPng for the whole router:
enable ripng

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1267

RIPng Commands

enable ripng export


enable ripng export [direct | ospfv3 | ospfv3-extern1 | ospfv3-extern2 | ospfv3-inter | ospfv3-intra | static] [cost <number> {tag <number>} | policy <policy-name>]

Description
Enables RIPng to redistribute routes from other routing functions.

Syntax Description
direct ospfv3 ospfv3-intra ospfv3-inter ospfv3-extern1 ospfv3-extern2 static cost <number> tag <number> <policy-name> Specifies interface routes (only interfaces that have IP forwarding enabled are exported). Specifies all OSPFv3 routes. Specifies OSPFv3-intra area routes. Specifies OSPFv3-inter area routes. Specifies OSPFv3 external route type 1. Specifies OSPFv3 external route type 2. Specifies static routes. Specifies the cost metric, from 0-15. If set to 0, RIPng uses the route metric obtained from the route origin. Specifies a tag number. Specifies a policy.

Default
Disabled. However, direct routes will always be advertised for all the interfaces where RIPng is enabled. For those interfaces where RIPng is not enabled, the corresponding direct route could be redistributed if direct route export is enabled through this command. Default tag is 0.

Usage Guidelines
This command enables the exporting of static, direct, and OSPFv3-learned routes from the routing table into the RIPng domain. You can choose which types of OSPFv3 routes are injected, or you can simply choose ospfv3, which will inject all learned OSPFv3 routes regardless of type. The cost metric is inserted for all RIPng-learned, static, and direct routes injected into RIPng. If the cost metric is set to 0, the cost is inserted from the route table. The tag value is used only by special routing applications. Use 0 if you do not have specific requirements for using a tag. Each protocol can have a policy associated with it to control or modify the exported routes.

1268

ExtremeWare XOS 11.3 Command Reference

enable ripng export The following is sample policy file which modifies the cost of redistributed routes from OSPFv3 and statically configured routes:
entry filter_rt { If match any { Route-origin ospfv3; Route-origin static; } then { cost 10; } }

Example
The following command enables RIPng to redistribute routes from all OSPFv3 routes:
enable ripng export ospfv3 cost 0

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1269

RIPng Commands

enable ripng originate-default


enable ripng originate-default {always} cost <metric> {tag <number>}

Description
Configures a default route to be advertised by RIPng.

Syntax Description
always cost <metric> tag <number> Specifies to advertise the default route in addition to learned default route. Specifies a cost metric. The range is 1 - 15. Specifies a tag number.

Default
Disabled.

Usage Guidelines
If always is specified, RIPng always advertises the default route to its neighbors. If always is not specified, RIPng advertises a default route only if a reachable default route is in the system route table (the route is learned from other neighbors). The default route advertisement is filtered using the out policy. Use the command, configure ripng
route-policy, to specify the out policy.

The cost metric is inserted for all RIPng-learned, static, and direct routes injected into RIPng. The tag value is used only by special routing applications.

Example
The following command configures a default route to be advertised by RIPng if there is a default route in the system routing table:
enable ripng originate-default cost 7

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1270

ExtremeWare XOS 11.3 Command Reference

enable ripng poisonreverse

enable ripng poisonreverse


enable ripng poisonreverse {vlan <vlan-name> | tunnel <tunnel_name> | [vlan | tunnel] all}

Description
Enables the split horizon with poison reverse algorithm for RIPng on specified interfaces.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all interfaces.

Default
Enabled.

Usage Guidelines
Used with split horizon, poison reverse is a scheme for eliminating the possibility of loops in the routed topology. In this case, a router advertises a route over the same interface that supplied the route, but the route uses a hop count of 16, defining it as unreachable. If both split horizon and poison reverse are enabled, poison reverse takes precedence.

Example
The following command enables split horizon with poison reverse for RIPng on all IPv6 interfaces in the virtual router:
enable ripng poisonreverse

The following command enables split horizon with poison reverse for all the IPv6 configured VLANs in the virtual router:
enable ripng poisonreverse vlan all

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1271

RIPng Commands

enable ripng splithorizon


enable ripng splithorizon {vlan <vlan-name> | tunnel <tunnel_name> | [vlan | tunnel] all}

Description
Enables the split horizon algorithm for RIPng.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all interfaces.

Default
Enabled.

Usage Guidelines
Split horizon is a scheme for avoiding problems caused by including routes in updates sent to the router from which the route was learned. Split horizon omits routes learned from a neighbor in updates sent to that neighbor.

Example
The following command enables the split horizon algorithm for RIPng on all IPv6 configured interfaces:
enable ripng splithorizon

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1272

ExtremeWare XOS 11.3 Command Reference

enable ripng triggerupdates

enable ripng triggerupdates


enable ripng triggerupdates {vlan <vlan-name> | tunnel <tunnel_name> | [vlan | tunnel] all}

Description
Enables the trigger update mechanism. Triggered updates are a mechanism for immediately notifying a routers neighbors when the router adds or deletes routes or changes their metric.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all interfaces.

Default
Enabled.

Usage Guidelines
Triggered updates occur whenever a router changes the metric for a route and it is required to send an update message immediately, even if it is not yet time for a regular update message to be sent. This will generally result in faster convergence, but may also result in more RIPng-related traffic.

Example
The following command enables the trigger update mechanism on all IPv6 configured interfaces:
enable ripng triggerupdate

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1273

RIPng Commands

show ripng
show ripng

Description
Displays RIPng global configuration and runtime information.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays RIPng global configuration and runtime information:
show ripng

The following is sample output from this command:


Ripng Routing :Enabled Triggered Updates: Enabled Update Interval : 30 Garbage Timeout : 120 Originate Default: Disabled Sys Import-Policy: None Redistribute: Aggregation Route Timeout Hold Down Time : Disabled : 180 : 0

Protocol Status Cost Tag Policy ----------------------------------------------------------Direct Enabled 0 0 none Static Disabled 0 0 none OSPFIntra Disabled 0 0 none OSPFInter Disabled 0 0 none OSPFExt1 Disabled 0 0 none OSPFExt2 Disabled 0 0 none

History
This command was first available in ExtremeWare XOS 11.2.

1274

ExtremeWare XOS 11.3 Command Reference

show ripng

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1275

RIPng Commands

show ripng interface


show ripng interface {detail | vlan <vlan-name> | tunnel <tunnel-name>}

Description
Displays RIPng-specific configuration and statistics for the specified interface.

Syntax Description
detail vlan-name tunnel-name Specifies detailed display. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel.

Default
Show summary output for all interfaces.

Usage Guidelines
Displays the RIPng interface configuration and runtime information. If no interface is specified, only the summary data for all the configured interfaces is displayed. If an interface is specified, only the data for that interface is displayed in detail. If the keyword detail is specified, detailed data for all interfaces is displayed.

Example
The following command displays the RIPng configuration summary for all interfaces:
show ripng interface

The following is sample output from this command:


VLAN v1 v2 v3 v4 IP Address 22cc::3 22bb::1 2abc::1 3ffe::1 /64 /64 /120 /64 Flags rif-pst rif-pst rif-pst rif-pst Sent Packets 106349 106349 106351 106349 Rcvd Packets 106349 106095 0 139124 Triggered Cost Updates 3 15 3 1 4 1 3 1

Flags: (f) (n) (p) (t)

Interface Forwarding Enabled, (i) Interface RIPng Enabled Multinetted Interface, (r) Router RIPng Enabled Poison Reverse Enabled, (s) Split Horizon Enabled Trigerred Update Enabled.

1276

ExtremeWare XOS 11.3 Command Reference

show ripng interface The following command displays RIPng-specific statistics for the VLAN v1:
show ripng interface v1

The following is sample output from this command:


VLAN Router RIPng Input Policy Trusted GW Policy Split Horizon Rcved Packets Sent Trig. Updates Rcved Bad Routes : : : : : : : : v1 Enabled None gw6 Enabled 106358 3 0 Interface Cost Output Policy Poison Reverse Triggered Updates Sent Packets Rcved Bad Packets : : : : : : : 22cc::3/64 15 None Enabled Enabled 106358 0

Neighbor Addresses : fe80::201:30ff:fe94:f400 Interface Addresses : 22cc::3/64, fe80::280:c8ff:feb9:2855/64

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1277

RIPng Commands

show ripng routes


show ripng routes {detail} {network <ripngNetworkPrefix>}

Description
Displays all matching routes in the RIPng routing database.

Syntax Description
detail ipv6-prefix prefix-length Displays all available information from the RIPng routing table. Specifies the route prefix for the routes to show. Specifies the address mask of the IPv6 prefix.

Default
N/A.

Usage Guidelines
The routes displayed include all routes advertised by RIPng, including routes exported from the system routing table and originated by other protocols, for example OSPFv3 (also called redistributed routes).

Example
The following command displays a summary of RIPng specific routes:
show ripng routes

The following is sample output from this command:


*> * *> * *> * * *> * Network 2aaa::/64 2bbb::/64 2ccc::/64 Next Hop fe80::201:30ff:fef4:5ca0%v1 fe80::201:30ff:fe94:f400%v2 fe80::201:30ff:fef4:5ca0%v1 fe80::201:30ff:fe94:f400%v2 (local) fe80::201:30ff:fef4:5ca0%v1 fe80::201:30ff:fe94:f400%v2 (local) fe80::201:30ff:fe94:f400%v2 Mtr 2 2 2 3 1 2 3 1 2 VLAN v1 v2 v1 v2 (direct) v1 v2 (direct) v2

2ddd::/64

The following command displays the detailed RIPng route information:


show ripng routes detail

1278

ExtremeWare XOS 11.3 Command Reference

show ripng routes The following is sample output from this command:
IPv6 RIPng routing table entry for 2aaa::/64 Paths: (2 available, best #1) fe80::201:30ff:fef4:5ca0%v1 from fe80::201:30ff:fef4:5ca0%v1 (v1) Metric 2, tag 0, timeout in 02:38, valid, best fe80::201:30ff:fe94:f400%v2 from fe80::201:30ff:fe94:f400%v2 (v2) Metric 2, tag 0, timeout in 02:44, valid IPv6 RIPng routing table entry for 2bbb::/64 Paths: (2 available, best #1) fe80::201:30ff:fef4:5ca0%v1 from fe80::201:30ff:fef4:5ca0%v1 (v1) Metric 2, tag 0, timeout in 02:38, valid, best fe80::201:30ff:fe94:f400%v2 from fe80::201:30ff:fe94:f400%v2 (v2) Metric 3, tag 0, timeout in 02:44, valid IPv6 RIPng routing table entry for 2ccc::/64 Paths: (3 available, best #1) Local from direct Metric 1, tag 0, no timeout, valid, best fe80::201:30ff:fef4:5ca0%v1 from fe80::201:30ff:fef4:5ca0%v1 (v1) Metric 2, tag 0, timeout in 02:38, valid fe80::201:30ff:fe94:f400%v2 from fe80::201:30ff:fe94:f400%v2 (v2) Metric 3, tag 0, timeout in 02:44, valid

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1279

RIPng Commands

unconfigure ripng
unconfigure ripng {vlan <vlan-name> | tunnel <tunnel-name> | vlan all | tunnel all}

Description
Resets RIPng parameters to the default value.

Syntax Description
vlan-name tunnel-name all Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies either all IPv6 configured VLANs or all IPv6 tunnels.

Default
N/A.

Usage Guidelines
Issuing the command unconfigure ripng resets all the interfaces and the global configuration to the defaults, and disables RIPng, as that is the default.

Example
The following command resets the RIPng configuration to the default for the VLAN finance:
unconfigure rip finance

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1280

ExtremeWare XOS 11.3 Command Reference

26 OSPF Commands
This chapter describes commands used for the interior gateway protocol OSPF. Open Shortest Path First (OSPF) is a link-state protocol that distributes routing information between routers belonging to a single IP domain, also known as an autonomous system (AS). In a link-state routing protocol, each router maintains a database describing the topology of the autonomous system. Each participating router has an identical database maintained from the perspective of that router. From the link-state database (LSDB), each router constructs a tree of shortest paths, using itself as the root. The shortest path tree provides the route to each destination in the autonomous system. When several equal-cost routes to a destination exist, traffic can distributed among them. The cost of a route is described by a single metric. OSPF allows parts of a networks to be grouped together into areas. The topology within an area is hidden from the rest of the autonomous system. Hiding this information enables a significant reduction in link-state advertisement (LSA) traffic, and reduces the computations needed to maintain the LSDB. Routing within the area is determined only by the topology of the area. The three types of routers defined by OSPF are as follows:

Internal Router (IR)An internal router has all of its interfaces within the same area. Area Border Router (ABR)An ABR has interfaces belonging to two or more areas. It is responsible for exchanging summary advertisements with other ABRs. Autonomous System Border Router (ASBR)An ASBR acts as a gateway between OSPF and other routing protocols, or other autonomous systems.

Each switch that is configured to run OSPF must have a unique router ID. It is recommended that you manually set the router ID of the switches participating in OSPF, instead of having the switch automatically choose its router ID based on the highest interface IP address. Not performing this configuration in larger, dynamic environments could result in an older LSDB remaining in use.

NOTE
Do not set the router ID to 0.0.0.0.

Licensing
To use the complete OSPF functionality, you must have a Core license installed on your switch. The BlackDiamond 10K ships with a Core, or Advanced Core license. Other platforms can be upgraded to a Core license. See the section Software Licensing on page 33 for more information about licensing. A subset of OSPF, called OSPF Edge Mode, is available with an Advanced Edge license.

ExtremeWare XOS 11.3 Command Reference

1281

OSPF Commands

OSPF Edge Mode


OSPF Edge Mode is a subset of OSPF available on platforms with an Advanced Edge license. There are two restrictions on OSPF Edge Mode:

At most, two Active OSPF VLAN interfaces are permitted. There is no restriction on the number of Passive interfaces. The OSPF Priority on VLANs is zero, and is not configurable. This prevents the system from acting as a DR or BDR

1282

ExtremeWare XOS 11.3 Command Reference

clear ospf counters

clear ospf counters


clear ospf counters { interfaces [all | vlan <vlan-name> | area <area-identifier>] | area [all | <area-identifier>] | virtual-link [all | <router-identifier> <area-identifier>] | neighbor [all | routerid [<ip-address> {<ip-mask>} | <ipNetmask>] | vlan <vlan-name>] | system }

Description
Clears the OSPF counters (statistics).

Syntax Description
vlan-name router-identifier area-identifier ip-address ip-mask ipNetmask system Specifies a VLAN name. Specifies a router interface number. Specifies an OSPF area. Specifies an IP address Specifies a subnet mask. Specifies IP address / Netmask Specifies the OSPF system counters.

Default
N/A.

Usage Guidelines
The global command clear counters also clears all OSPF counters. This global command is the equivalent of clear ospf counters for OSPF.

Example
The following command clears the OSPF counters for area 1.1.1.1:
clear ospf counters area 1.1.1.1

History
This command was first available in ExtremeWare XOS 10.1.

ExtremeWare XOS 11.3 Command Reference

1283

OSPF Commands

Platform Availability
This command is available on all platforms.

1284

ExtremeWare XOS 11.3 Command Reference

configure ospf cost

configure ospf cost


configure ospf [area <area-identifier> | vlan [<vlan-name> | all]] cost [automatic | <cost>]

Description
Configures the cost metric of one or all interface(s) or an area.

Syntax Description
area-identifier vlan-name all automatic cost Specifies an OSPF area. Specifies a VLAN name. Specifies all VLANs. Determine the advertised cost from the OSPF metric table. Specifies the cost metric.

Default
The default cost is automatic.

Usage Guidelines
The range is 1 through 65535.

Example
The following command configures the cost metric of the VLAN accounting:
configure ospf vlan accounting cost 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1285

OSPF Commands

configure ospf priority


configure ospf [area <area-identifier> | vlan [<vlan-name> | all]] priority <priority>

Description
Configures the priority used in the designated router and backup designated router election algorithm for one or all OSPF interface(s) or for all the interfaces within the area.

Syntax Description
area-identifier vlan-name all priority Specifies an OSPF area. Specifies a VLAN name. Specifies all VLANs. Specifies a priority range. The range is 0 through 255.

Default
The default setting is 1.

Usage Guidelines
The range is 0 through 255, and the default setting is 1. Setting the value to 0 ensures that the router is never selected as the designated router or backup designated router.

Example
The following command sets all the interfaces in area 1.2.3.4 to not be selected as the designated router:
configure ospf area 1.2.3.4 priority 0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms with a core license.

1286

ExtremeWare XOS 11.3 Command Reference

configure ospf authentication

configure ospf authentication


configure ospf [vlan [<vlan-name> | all] | area <area-identifier> | virtual-link <router-identifier> <area-identifier>] authentication [{encrypted} simple-password <simple-password> | {encrypted} md5 <md5_key_id> <md5_key>| none]

Description
Specifies the authentication password (up to eight characters) or Message Digest 5 (MD5) key for one or all interfaces in a specific area or a virtual link.

Syntax Description
vlan-name all area-identifier router-identifier encrypted simple-password md5-key_id md5_key none Specifies a VLAN name. Specifies all VLANs Specifies an OSPF area. Specifies the router ID of the remote router. Indicates that the password (or key) is already encrypted. Specifies an authentication password (up to 8 ASCII characters). Specifies a Message Digest 5 key, from 0-255. Specifies a numeric value from 0-65,536. Can also be alphanumeric, up to 26 characters. Disables authentication.

Default
N/A.

Usage Guidelines
The md5_key is a numeric value with the range 0 to 65,536 or alphanumeric. When the OSPF area is specified, authentication information is applied to all OSPF interfaces within the area. The encrypted keyword is primarily for the output of the show configuration command, so the password (or key) is not revealed in the command output. Do not use it to set the password or key.

Example
The following command configures MD5 authentication on the VLAN subnet_26:
configure ospf vlan subnet_26 authentication md5 32 test

History
This command was first available in ExtremeWare XOS 10.1.

ExtremeWare XOS 11.3 Command Reference

1287

OSPF Commands

Platform Availability
This command is available on all platforms.

1288

ExtremeWare XOS 11.3 Command Reference

configure ospf add virtual-link

configure ospf add virtual-link


configure ospf add virtual-link <router-identifier> <area-identifier>

Description
Adds a virtual link connected to another ABR.

Syntax Description
router-identifier area-identifier Specifies the router ID of the other end of the link. Specifies an OSPF area.

Default
N/A.

Usage Guidelines
A virtual link provides a logical path between the ABR of the disconnected area and the ABR of the normal area that connects to the backbone. A virtual link must be established between two ABRs that have a common area, with one ABR connected to the backbone. Specify the following:

router-identifierFar-end router interface number. area-identifierTransit area used for connecting the two end-points. The transit area cannot have the area identifier 0.0.0.0. and cannot be a stub area or an NSSA.

Example
The following command configures a virtual link between the two interfaces:
configure ospf add virtual-link 10.1.2.1 10.1.0.0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1289

OSPF Commands

configure ospf add vlan area


configure ospf add vlan [<vlan-name> | all] area <area-identifier> {passive}

Description
Enables OSPF on one or all VLANs (router interfaces).

Syntax Description
vlan-name all area-identifier passive Specifies a VLAN name. Specifies all VLANs. Specifies the area to which the VLAN is assigned. Specifies to stop sending and receiving hello packets on this interface.

Default
Disabled.

Usage Guidelines
None.

Example
The following command enables OSPF on a VLAN named accounting:
configure ospf add vlan accounting area 0.0.0.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1290

ExtremeWare XOS 11.3 Command Reference

configure ospf add vlan area link-type

configure ospf add vlan area link-type


configure ospf add vlan <vlan-name> area <area-identifier> link-type [auto | broadcast | point-to-point] {passive}

Description
Configures the OSPF link type.

Syntax Description
vlan-name area-identifier auto broadcast point-to-point passive Specifies a VLAN name. Specifies the area to which the VLAN is assigned. Specifies to automatically determine the OSPF link type based on the interface type. Specifies a broadcast link, such as Ethernet. Routers must elect a DR and a BDR during synchronization. Specifies a point-to-point link type, such as PPP. Specifies to stop sending and receiving packets on this interface.

Default
Auto.

Usage Guidelines
The passive parameter indicates that the router only synchronizes and listens, and does not originate or send any new information on the interface.

Example
The following command configures the OSPF link type as automatic on a VLAN named accounting:
configure ospf add vlan accounting area 0.0.0.1 link-type auto

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1291

OSPF Commands

configure ospf area external-filter


configure ospf area <area-identifier> external-filter [<policy-map> |none]

Description
Configures an external filter policy.

Syntax Description
area-identifier policy-map none Specifies the OSPF target area. Specifies a policy. Specifies not to apply an external filter (removes the existing policy, if any).

Default
N/A.

Usage Guidelines
For switches configured to support multiple OSPF areas (an ABR function), a policy can be applied to an OSPF area that filters a set of OSPF external routes from being advertised into that area. Using the none mode specifies that no external filter is applied.

Example
The following command configures an external filter policy, nosales:
configure ospf area 1.2.3.4 external-filter nosales

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1292

ExtremeWare XOS 11.3 Command Reference

configure ospf area interarea-filter

configure ospf area interarea-filter


configure ospf area <area-identifier> interarea-filter [<policy-map> | none]

Description
Configures a global inter-area filter policy.

Syntax Description
area-identifier policy-map none Specifies the OSPF target area. Specifies a policy. Specifies not to apply an interarea filter.

Default
N/A.

Usage Guidelines
For switches configured to support multiple OSPF areas (an ABR function), a policy can be applied to an OSPF area that filters a set of OSPF inter-area routes from being sourced from any other areas.

Example
The following command configures an inter-area filter policy, nosales:
configure ospf area 0.0.0.6 interarea-filter nosales

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1293

OSPF Commands

configure ospf area add range


configure ospf area <area-identifier> add range [<ip-address> <ip-mask> | <ipNetmask>] [advertise | noadvert] [type-3 | type-7]

Description
Configures a range of IP addresses in an OSPF area to be aggregated.

Syntax Description
area-identifier ip-address ip-mask ipNetmask advertise noadvertise type-3 type-7 Specifies an OSPF area. Specifies an IP address Specifies a subnet mask. Specifies IP address / Netmask. Specifies to advertise the aggregated range of IP addresses. Specifies not to advertise the aggregated range of IP addresses. Specifies type 3 LSA, summary LSA. Specifies type 7 LSA, NSSA external LSA.

Default
N/A.

Usage Guidelines
If advertised, the aggregated IP range is exported as a single LSA by the ABR.

Example
The following command is used to summarize a certain range of IP addresses within an area and export them out as a single address:
configure ospf area 1.2.3.4 add range 10.1.2.0/24 advertise type-3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1294

ExtremeWare XOS 11.3 Command Reference

configure ospf area delete range

configure ospf area delete range


configure ospf area <area-identifier> delete range [<ip-address> <ip-mask> | <ipNetmask>]

Description
Deletes a range of aggregated IP addresses in an OSPF area.

Syntax Description
area-identifier ip-address ip-mask ipNetmask Specifies an OSPF area. Specifies an IP address. Specifies a subnet mask. Specifies IP address / Netmask.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes an aggregated IP address range:
configure ospf area 1.2.3.4 delete range 10.1.2.0/24

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1295

OSPF Commands

configure ospf area normal


configure ospf area <area-identifier> normal

Description
Configures an OSFP area as a normal area.

Syntax Description
area-identifier Specifies an OSPF area.

Default
Normal.

Usage Guidelines
A normal area is an area that is not any of the following:

Stub area NSSA

Virtual links can be configured through normal areas. External routes can be distributed into normal areas.

Example
The following command configures an OSPF area as a normal area:
configure ospf area 10.1.0.0 normal

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1296

ExtremeWare XOS 11.3 Command Reference

configure ospf area nssa stub-default-cost

configure ospf area nssa stub-default-cost


configure ospf area <area-identifier> nssa [summary | nosummary] stubdefault-cost <cost> {translate}

Description
Configures an OSPF area as an NSSA.

Syntax Description
area-identifier summary nosummary cost translate Specifies an OSPF area. Specifies that type-3 can be propagated into the area. Specifies that type-3 cannot be propagated into the area. Specifies a cost metric. Specifies whether type-7 LSAs are translated into type-5 LSAs.

Default
N/A.

Usage Guidelines
NSSAs are similar to the existing OSPF stub area configuration option, but have the following two additional capabilities:

External routes originating from an ASBR connected to the NSSA can be advertised within the NSSA. External routes originating from the NSSA can be propagated to other areas, including the backbone area, if translated to type 5 LSAs.

When configuring an OSPF area as an NSSA, the translate option should only be used on NSSA border routers, where translation is to be enforced. If translate is not used on any NSSA border router in a NSSA, one of the ABRs for that NSSA is elected to perform translation (as indicated in the NSSA specification). The option should not be used on NSSA internal routers. Doing so inhibits correct operation of the election algorithm.

Example
The following command configures an OSPF area as an NSSA:
configure ospf area 10.1.1.0 nssa summary stub-default-cost 10 translate

History
This command was first available in ExtremeWare XOS 10.1.

ExtremeWare XOS 11.3 Command Reference

1297

OSPF Commands

Platform Availability
This command is available on all platforms.

1298

ExtremeWare XOS 11.3 Command Reference

configure ospf area stub stub-default-cost

configure ospf area stub stub-default-cost


configure ospf area <area-identifier> stub [summary | nosummary] stubdefault-cost <cost>

Description
Configures an OSPF area as a stub area.

Syntax Description
area-identifier summary nosummary cost Specifies an OSPF area. Specifies that type-3 can be propagated into the area. Specifies that type-3 cannot be propagated into the area. Specifies a cost metric.

Default
N/A.

Usage Guidelines
A stub area is connected to only one other area. The area that connects to a stub area can be the backbone area. External route information is not distributed into stub areas. Stub areas are used to reduce memory and computation requirements on OSPF routers.

Example
The following command configures an OSPF area as a stub area:
configure ospf area 0.0.0.6 stub nosummary stub-default-cost 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1299

OSPF Commands

configure ospf area timer


configure ospf area <area-identifier> timer <retransmit-interval> <transitdelay> <hello-interval> <dead-interval> {<wait-timer-interval>}

Description
Configures the timers for all interfaces in the same OSPF area.

Syntax Description
area-identifier retransmit-interval transit-delay hello-interval dead-interval Specifies an OSPF area. Specifies the length of time that the router waits before retransmitting an LSA that is not acknowledged. The range is 1- 3,600 seconds. Specifies the length of time it takes to transmit an LSA packet over the interface. The range is 0 - 3,600 seconds. Specifies the interval at which routers send hello packets. The range is 1 65,535 seconds. Specifies the interval after which a neighboring router is declared down due to the fact that hello packets are no longer received from the neighbor. The range is 1 - 2,147,483,647 seconds. Specifies the interval between the interface coming up and the election of the DR and BDR. Usually equal to the dead timer interval.

wait-timer-interval

Default

retransmit intervalDefault: 5 transit delayDefault: 1 hello intervalDefault: 10 dead intervalDefault: 40 wait timer intervalDefault: dead interval

Usage Guidelines
Configuring OSPF timers on a per-area basis is a shorthand for applying the timers and authentication to each VLAN in the area at the time of configuration. If you add more VLANs to the area, you must configure the timers and authentication for the new VLANs explicitly. Specify the following:

retransmit intervalIf you set an interval that is too short, unnecessary retransmissions will result. transit delayThe transit delay must be greater than 0. hello intervalSmaller times allow routers to discover each other more quickly, but also increase network traffic.

1300

ExtremeWare XOS 11.3 Command Reference

configure ospf area timer


dead intervalThis interval should be a multiple of the hello interval. wait timer intervalThis interval is required by the OSPF standard to be equal to the router dead interval. Under some circumstances, setting the wait interval to smaller values can help OSPF routers on a broadcast network to synchronize more quickly at the expense of possibly electing an incorrect DR or BDR. This value should not be set to less than the hello interval. The default value is equal to the router dead interval.

Example
The following command sets the timers in area 0.0.0.2:
configure ospf area 0.0.0.2 timer 10 1 20 200

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1301

OSPF Commands

configure ospf ase-limit


configure ospf ase-limit <number> {timeout <seconds>}

Description
Configures the AS-external LSA limit and overflow duration associated with OSPF database overflow handling.

Syntax Description
number seconds Specifies the number of external routes that can be held in a link-state database. Specifies a duration for which the system has to remain in the overflow state.

Default
The default for timeout is 0, which indicates that once the router goes into overflow state, it stays there until OSPF is disabled and then re-enabled.

Usage Guidelines
None.

Example
The following command configures the AS-external LSA limit and overflow duration:
configure ospf ase-limit 50000 timeout 1800

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1302

ExtremeWare XOS 11.3 Command Reference

configure ospf ase-summary add

configure ospf ase-summary add


configure ospf ase-summary add [<ip-address> <ip-mask> | <ipNetmask>] cost <cost> {tag <number>}

Description
Aggregates AS-external routes in a specified address range.

Syntax Description
ip-address ip-mask ipNetmask cost tag Specifies an IP address. Specifies a subnet mask. Specifies IP address / Netmask. Specifies a metric that will be given to the summarized route. Specifies an OSPF external route tag.

Default
N/A.

Usage Guidelines
This command is only valid on an ASBR.

Example
The following command summarizes AS-external routes:
configure ospf ase-summary add 175.1.0.0/16 cost 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1303

OSPF Commands

configure ospf ase-summary delete


configure ospf ase-summary delete [<ip-address> <ip-mask> | <ipNetmask>]

Description
Deletes an aggregated OSPF external route.

Syntax Description
ip-address ip-mask ipNetmask Specifies an IP address. Specifies a subnet mask. Specifies IP address / Netmask.

Default
N/A.

Usage Guidelines
This command is only valid on an ASBR.

Example
The following command deletes the aggregated AS-external route:
configure ospf ase-summary delete 175.1.0.0/16

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1304

ExtremeWare XOS 11.3 Command Reference

configure ospf delete virtual-link

configure ospf delete virtual-link


configure ospf delete virtual-link <router-identifier> <area-identifier>

Description
Removes a virtual link.

Syntax Description
router-identifier area-identifier Specifies the router ID of the other end of the link. Specifies an OSPF area.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes a virtual link:
configure ospf delete virtual-link 10.1.2.1 10.1.0.0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1305

OSPF Commands

configure ospf delete vlan


configure ospf delete vlan [<vlan-name> | all]

Description
Disables OSPF on one or all VLANs (router interfaces).

Syntax Description
vlan-name all Specifies a VLAN name. Specifies all VLANs.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables OSPF on VLAN accounting:
configure ospf delete vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1306

ExtremeWare XOS 11.3 Command Reference

configure ospf import-policy

configure ospf import-policy


configure ospf import-policy [<policy-map> | none]

Description
Associates or removes the policy applied to OSPF routes added to the system routing table.

Syntax Description
policy-map Specifies the policy to apply.

Default
No policy.

Usage Guidelines
Use this command to associate a policy with the OSPF routes installed into the system table. Use the none option to remove the policy association.

Example
The following example applies the policy campuseast to OSPF routes:
configure ospf import-policy campuseast

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1307

OSPF Commands

configure ospf lsa-batch-interval


configure ospf lsa-batch-interval <seconds>

Description
Configures the OSPF LSA batching interval.

Syntax Description
seconds Specifies a time in seconds.

Default
The default setting is 30 seconds.

Usage Guidelines
The range is between 0 (disabled) and 600 seconds, using multiples of 5 seconds. The LSAs added to the LSDB during the interval are batched together for refresh or timeout.

Example
The following command configures the OSPF LSA batch interval to a value of 100 seconds:
configure ospf lsa-batch-interval 100

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1308

ExtremeWare XOS 11.3 Command Reference

configure ospf metric-table

configure ospf metric-table


configure ospf metric-table 10M <cost_10m> 100M <cost_100m> 1G <cost_1g> {10G <cost_10g>}

Description
Configures the automatic interface costs for 10 Mbps, 100 Mbps, and 1 Gbps interfaces, and optionally, the 10 Gbps interface.

Syntax Description
cost Specifies the interface cost for the indicated interfaces.

Default

10 MbpsThe default cost is 10. 100 MbpsThe default cost is 5. 1 GbpsThe default cost is 4. 10 GbpsThe default cost is 2.

Usage Guidelines
None.

Example
The following command configures the automatic interface costs for 10 Mbps, 100 Mbps, and 1 Gbps interfaces:
configure ospf metric-table 10m 20 100m 10 1g 2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1309

OSPF Commands

configure ospf restart


configure ospf restart [none | planned | unplanned | both]

Description
Configures the router as a graceful OSPF restart router.

Syntax Description
none planned unplanned both Do not act as a graceful OSPF restart router. Only act as a graceful OSPF restart router for planned restarts. Only act as a graceful OSPF restart router for unplanned restarts. Act as a graceful OSPF restart router for both planned and unplanned restarts.

Default
The default is none.

Usage Guidelines
This command configures the router as a graceful OSPF router. When configured for planned restarts, it will advertise Grace-LSAs before restarting (for example, during an upgrade of the OSPF module). When configured for unplanned restarts, it will advertise Grace-LSAs after restarting but before sending any Hellos. When configured for both, the router will advertise restarting regardless of whether the restart was planned or unplanned.

Example
The following command configures a router to perform graceful OSPF restarts only for planned restarts:
configure ospf restart planned

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

1310

ExtremeWare XOS 11.3 Command Reference

configure ospf restart grace-period

configure ospf restart grace-period


configure ospf restart grace-period <seconds>

Description
Configures the grace period sent out in Grace-LSAs and used by a restarting router.

Syntax Description
seconds Grace period, in seconds. The default value is 120 seconds. Range is 1 to 1800 seconds.

Default
The default is 120 seconds.

Usage Guidelines
This command configures the grace period sent out to helper neighbor routers and used by the restarting router. The value of the grace period must be greater that the dead interval, and less than the LSA refresh time.

Example
The following command configures a router to send LSAs with a 240 second grace period during graceful OSPF restarts:
configure ospf restart grace-period 240

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1311

OSPF Commands

configure ospf restart-helper


configure ospf [vlan [all | <vlan-name>] | area <area-identifier> | virtual-link <router-identifier> <area-identifier>] restart-helper [none | planned | unplanned | both]

Description
Configures the router as a graceful OSPF restart helper router.

Syntax Description
vlan-name all area-identifier router-identifier none planned unplanned both Specifies a VLAN name. Specifies all VLANs Specifies an OSPF area. Specifies the router ID of the remote router of the virtual link. Do not act as a graceful OSPF restart helper router. Only act as a graceful OSPF restart helper router for planned restarts. Only act as a graceful OSPF restart helper router for unplanned restarts. Act as a graceful OSPF restart helper router for both planned and unplanned restarts.

Default
The router default is none.

Usage Guidelines
This command configures the router as a graceful OSPF restart helper router for a single or multiple routers. When the router is acting as a helper, it will continue to advertise the restarting router as if it was fully adjacent. One OSPF interface may not help more than one restarting router. An OSPF interface may not enter helper mode when the router is performing a graceful restart. All the interfaces to a neighbor router must be configured as graceful restart helpers, or the router will not support graceful restart for its neighbor.

Example
The following command configures a router to be a graceful OSPF helper router for planned restarts for all routers in area 10.20.30.40:
configure ospf area 10.20.30.40 restart-helper planned

History
This command was first available in ExtremeWare XOS 11.3.

1312

ExtremeWare XOS 11.3 Command Reference

configure ospf restart-helper

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1313

OSPF Commands

configure ospf routerid


configure ospf routerid [automatic | <router-identifier>]

Description
Configures the OSPF router ID. If automatic is specified, the switch uses the highest IP interface address as the OSPF router ID.

Syntax Description
automatic router-identifier Specifies to use automatic addressing. Specifies a router address.

Default
Automatic.

Usage Guidelines
Each switch that is configured to run OSPF must have a unique router ID. It is recommended that you manually set the router ID of the switches participating in OSPF, instead of having the switch automatically choose its router ID based on the highest interface IP address. Not performing this configuration in larger, dynamic environments could result in an older link-state database remaining in use. NOTE
Do not set the router ID to 0.0.0.0.

Example
The following command sets the router ID:
configure ospf routerid 10.1.6.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1314

ExtremeWare XOS 11.3 Command Reference

configure ospf spf-hold-time

configure ospf spf-hold-time


configure ospf spf-hold-time <seconds>

Description
Configures the minimum number of seconds between Shortest Path First (SPF) recalculations.

Syntax Description
seconds Specifies a time in seconds. The range is 0 to 300 seconds.

Default
3 seconds.

Usage Guidelines
None.

Example
The following command configures the minimum number of seconds between Shortest Path First (SPF) recalculations:
configure ospf spf-hold-time 6

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1315

OSPF Commands

configure ospf virtual-link timer


configure ospf virtual-link <router-identifier> <area-identifier> timer <retransmit-interval> <transit-delay> <hello-interval> <dead-interval>

Description
Configures the timers for a virtual link.

Syntax Description
router-identifier area-identifier retransmit-interval transit-delay hello-interval dead-interval Specifies the router ID of the other end of the link. Specifies an OSPF area. Specifies the length of time that the router waits before retransmitting an LSA that is not acknowledged. The range is 1 - 3,600 seconds. Specifies the length of time it takes to transmit an LSA packet over the interface. The range is 0 - 3,600 seconds. Specifies the interval at which routers send hello packets. The range is 1 65,535 seconds. Specifies the interval after which a neighboring router is declared down due to the fact that hello packets are no longer received from the neighbor. The range is 1 - 2,147,483,647 seconds.

Default

retransmit intervalDefault: 5 transit delayDefault: 1 hello intervalDefault: 10 dead intervalDefault: 40 wait timer intervalDefault: dead interval

Usage Guidelines
Configuring OSPF timers on a per-area basis is a shorthand for applying the timers and authentication to each VLAN in the area at the time of configuration. If you add more VLANs to the area, you must configure the timers and authentication for the new VLANs explicitly.

Example
The following command sets the timers on the virtual link in area 0.0.0.2 and remote router ID 6.6.6.6:
configure ospf virtual-link 6.6.6.6 0.0.0.2 timer 10 1 20 200

History
This command was first available in ExtremeWare XOS 10.1.

1316

ExtremeWare XOS 11.3 Command Reference

configure ospf virtual-link timer

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1317

OSPF Commands

configure ospf vlan area


configure ospf vlan <vlan-name> area <area-identifier>

Description
Associates a VLAN (router interface) with an OSPF area. By default, all router interfaces are associated with area 0.0.0.0.

Syntax Description
vlan-name area-identifier Specifies a VLAN name. Specifies an OSPF area.

Default
Area 0.0.0.0

Usage Guidelines
Any OSPF network that contains more than one area is required to have an area configured as area 0, also called the backbone. All areas in an autonomous system must be connected to the backbone. When designing networks, you should start with area 0, and then expand into other areas. The backbone allows summary information to be exchanged between ABRs. Every ABR hears the area summaries from all other ABRs. The ABR then forms a picture of the distance to all networks outside of its area by examining the collected advertisements, and adding in the backbone distance to each advertising router. When a VLAN is configured to run OSPF, by default you must assign it to an area.

Example
The following command associates the VLAN accounting with an OSPF area:
configure ospf vlan accounting area 0.0.0.6

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1318

ExtremeWare XOS 11.3 Command Reference

configure ospf vlan neighbor add

configure ospf vlan neighbor add


configure ospf vlan <vlan-name> neighbor add <ip-address>

Description
Configures the IP address of a point-to-point neighbor.

Syntax Description
vlan-name ip-address Specifies a VLAN name. Specifies an IP address.

Default
N/A.

Usage Guidelines
None.

Example
The following command configures the IP address of a point-to-point neighbor:
configure ospf vlan accounting neighbor add 10.0.0.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1319

OSPF Commands

configure ospf vlan neighbor delete


configure ospf vlan <vlan-name> neighbor delete <ip-address>

Description
Deletes the IP address of a point-to-point neighbor.

Syntax Description
vlan-name ip-address Specifies a VLAN name. Specifies an IP address.

Default
N/A.

Usage Guidelines
None.

Example
The following command deletes the IP address of a point-to-point neighbor:
configure ospf vlan accounting neighbor delete 10.0.0.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1320

ExtremeWare XOS 11.3 Command Reference

configure ospf vlan timer

configure ospf vlan timer


configure ospf vlan [<vlan-name> | all] timer <retransmit-interval> <transit-delay> <hello-interval> <dead-interval> {<wait-timer-interval>}

Description
Configures the OSPF wait interval for a VLAN or all VLANs.

Syntax Description
vlan-name retransmit-interval transit-delay hello-interval dead-interval Specifies a VLAN name. Specifies the length of time that the router waits before retransmitting an LSA that is not acknowledged. The range is 1 - 3,600. Specifies the length of time it takes to transmit an LSA packet over the interface. The range is 0 - 3,600 seconds. Specifies the interval at which routers send hello packets. The range is 1 65,535 seconds. Specifies the interval after which a neighboring router is declared down due to the fact that hello packets are no longer received from the neighbor. The range is 1 - 2,147,483,647. Specifies the interval between the interface coming up and the election of the DR and BDR. Usually equal to the dead timer interval.

wait-timer-interval

Default

retransmit interval5 seconds. transit delay1 second. hello interval10 seconds. dead interval40 seconds. wait timer intervaldead interval.

Usage Guidelines
Specify the following:

retransmit intervalIf you set an interval that is too short, unnecessary retransmissions will result. transit delayThe transit delay must be greater than 0. hello intervalSmaller times allow routers to discover each other more quickly, but also increase network traffic. dead intervalThis interval should be a multiple of the hello interval. wait timer intervalThis interval is required by the OSPF standard to be equal to the router dead interval. Under some circumstances, setting the wait interval to smaller values can help OSPF routers on a broadcast network to synchronize more quickly at the expense of possibly electing an incorrect DR or BDR. This value should not be set to less than the hello interval. The default value is equal to the router dead interval.

ExtremeWare XOS 11.3 Command Reference

1321

OSPF Commands

Example
The following command configures the OSPF wait interval on the VLAN accounting:
configure ospf vlan accounting timer 10 15 20 60 60

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1322

ExtremeWare XOS 11.3 Command Reference

create ospf area

create ospf area


create ospf area <area-identifier>

Description
Creates an OSPF area.

Syntax Description
area-identifier Specifies an OSPF area.

Default
Area 0.0.0.0

Usage Guidelines
Area 0.0.0.0 does not need to be created. It exists by default.

Example
The following command creates an OSPF area:
create ospf area 1.2.3.4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1323

OSPF Commands

delete ospf area


delete ospf area [<area-identifier> | all]

Description
Deletes an OSPF area or all OSPF areas.

Syntax Description
area-identifier all Specifies an OSPF area. Specifies all areas.

Default
N/A.

Usage Guidelines
An OSPF area cannot be deleted if it has an associated interface. Also, area 0.0.0.0 cannot be deleted.

Example
The following command deletes an OSPF area:
delete ospf area 1.2.3.4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1324

ExtremeWare XOS 11.3 Command Reference

disable ospf

disable ospf
disable ospf

Description
Disables the OSPF process for the router.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables the OSPF process for the router:
disable ospf

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1325

OSPF Commands

disable ospf capability opaque-lsa


disable ospf capability opaque-lsa

Description
Disables opaque LSAs across the entire system.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Opaque LSAs are a generic OSPF mechanism used to carry auxiliary information in the OSPF database. Opaque LSAs are most commonly used to support OSPF traffic engineering. Normally, support for opaque LSAs is auto-negotiated between OSPF neighbors. In the event that you experience interoperability problems, you can disable opaque LSAs. If your network uses opaque LSAs, all routers on your OSPF network should support opaque LSAs. Routers that do not support opaque LSAs do not store or flood them. At minimum a wellinterconnected subsection of your OSPF network needs to support opaque LSAs to maintain reliability of their transmission. On an OSPF broadcast network, the designated router (DR) must support opaque LSAs or none of the other routers on that broadcast network will reliably receive them. You can use the OSPF priority feature to give preference to an opaque-capable router, so that it becomes the elected DR. For transmission to continue reliably across the network, the backup designated router (BDR) must also support opaque LSAs.

Example
The following command disables opaque LSAs across the entire system:
disable ospf capability opaque-lsa

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1326

ExtremeWare XOS 11.3 Command Reference

disable ospf export

disable ospf export


disable ospf export [bgp | direct | e-bgp | i-bgp | rip | static]

Description
Disables redistribution of routes to OSPF.

Syntax Description
bgp direct i-bgp e-bgp rip static Specifies BGP routes. Specifies direct routes. Specifies I-BGP routes. Specifies E-BGP routes. Specifies RIP routes. Specifies static routes.

Default
The default setting is disabled.

Usage Guidelines
Use this command to stop OSPF from exporting routes derived from other protocols.

Example
The following command disables OSPF to export BGP-related routes to other OSPF routers:
disable ospf export bgp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1327

OSPF Commands

disable ospf originate-default


disable ospf originate-default

Description
Disables the generation of a default external LSA.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables generating a default external LSA:
disable ospf originate-default

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1328

ExtremeWare XOS 11.3 Command Reference

disable ospf restart-helper-lsa-check

disable ospf restart-helper-lsa-check


disable ospf [vlan [all | <vlan-name>] | area <area-identifier> | virtuallink <router-identifier> <area-identifier>] restart-helper-lsa-check

Description
Disables the restart helper router from terminating graceful OSPF restart when received LSAs would affect the restarting router.

Syntax Description
vlan-name all area-identifier router-identifier Specifies a VLAN name. Specifies all VLANs Specifies an OSPF area. Specifies the router ID of the remote router of the virtual link.

Default
The defaut is enabled.

Usage Guidelines
This command disables the restart helper router from terminating graceful OSPF restart when received LSAs would affect the restarting router.

Example
The following command disables a router from terminating graceful OSPF restart for all routers in area 10.20.30.40 if it receives an LSA that would affect routing:
disable ospf area 10.20.30.40 restart-helper-lsa-check

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1329

OSPF Commands

disable ospf use-ip-router-alert


disable ospf use-ip-router-alert

Description
Disables the router alert IP option in outgoing OSPF control packets.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables the OSPF router alert IP option:
disable ospf use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1330

ExtremeWare XOS 11.3 Command Reference

enable ospf

enable ospf
enable ospf

Description
Enables the OSPF process for the router.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command enables the OSPF process for the router:
enable ospf

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1331

OSPF Commands

enable ospf capability opaque-lsa


enable ospf capability opaque-lsa

Description
Enables opaque LSAs across the entire system.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Opaque LSAs are a generic OSPF mechanism used to carry auxiliary information in the OSPF database. Opaque LSAs are most commonly used to support OSPF traffic engineering. Normally, support for opaque LSAs is auto-negotiated between OSPF neighbors. In the event that you experience interoperability problems, you can disable opaque LSAs. If your network uses opaque LSAs, all routers on your OSPF network should support opaque LSAs. Routers that do not support opaque LSAs do not store or flood them. At minimum a wellinterconnected subsection of your OSPF network needs to support opaque LSAs to maintain reliability of their transmission. On an OSPF broadcast network, the designated router (DR) must support opaque LSAs or none of the other routers on that broadcast network will reliably receive them. You can use the OSPF priority feature to give preference to an opaque-capable router, so that it becomes the elected DR. For transmission to continue reliably across the network, the backup designated router (BDR) must also support opaque LSAs.

Example
The following command enables opaque LSAs across the entire system:
enable ospf capability opaque-lsa

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1332

ExtremeWare XOS 11.3 Command Reference

enable ospf export

enable ospf export


enable ospf export [bgp | direct | e-bgp | i-bgp | rip | static] [cost <cost> type [ase-type-1 | ase-type-2] {tag <number>} | <policy-map>]

Description
Enables redistribution of routes to OSPF.

Syntax Description
bgp i-bgp direct e-bgp rip static cost ase-type-1 ase-type-2 number policy-map Specifies BGP routes. Specifies I-BGP routes. Specifies direct routes. Specifies E-BGP routes. Specifies RIP routes. Specifies static routes. Specifies a cost metric. Specifies AS-external type 1 routes. Specifies AS-external type 2 routes. Specifies a tag value. Specifies a policy.

Default
The default tag number is 0. The default setting is disabled.

Usage Guidelines
After OSPF export is enabled, the OSPF router is considered to be an ASBR. Interface routes that correspond to the interface that has OSPF enabled are ignored. The cost metric is inserted for all BGP, RIP-learned, static, and direct routes injected into OSPF. If the cost metric is set to 0, the cost is inserted from the route. The tag value is used only by special routing applications. Use 0 if you do not have specific requirements for using a tag. The tag value in this instance has no relationship with 802.1Q VLAN tagging. The same cost, type, and tag values can be inserted for all the export routes, or a policy can be used for selective insertion. When a policy is associated with the export command, the policy is applied on every exported route. The exported routes can also be filtered using a policy.

Example
The following command enables OSPF to export BGP-related routes using LSAs to other OSPF routers:
enable ospf export bgp cost 1 ase-type-1 tag 0

ExtremeWare XOS 11.3 Command Reference

1333

OSPF Commands

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1334

ExtremeWare XOS 11.3 Command Reference

enable ospf originate-default

enable ospf originate-default


enable ospf originate-default {always} cost <cost> type [ase-type-1 | asetype-2] {tag <number>}

Description
Enables a default external LSA to be generated by OSPF, if no other default route is originated by OSPF by way of RIP and static route re-distribution.

Syntax Description
always cost ase-type-1 ase-type-2 number Specifies for OSPF to always advertise the default route. Specifies a cost metric. Specifies AS-external type 1 routes. Specifies AS-external type 2 routes. Specifies a tag value.

Default
N/A.

Usage Guidelines
If always is specified, OSPF always advertises the default route. If always is not specified, OSPF adds the default LSA if a reachable default route is in the route table.

Example
The following command generates a default external type-1 LSA:
enable ospf originate-default cost 1 ase-type-1 tag 0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1335

OSPF Commands

enable ospf restart-helper-lsa-check


enable ospf [vlan [all | <vlan-name>] | area <area-identifier> | virtuallink <router-identifier> <area-identifier>] restart-helper-lsa-check

Description
Enables the restart helper router to terminate graceful OSPF restart when received LSAs would affect the restarting router.

Syntax Description
vlan-name all area-identifier router-identifier Specifies a VLAN name. Specifies all VLANs Specifies an OSPF area. Specifies the router ID of the remote router of the virtual link.

Default
The defaut is enabled.

Usage Guidelines
This command configures the restart helper router to terminate graceful OSPF restart when received LSAs would affect the restarting router. This will occur when the restart-helper receives an LSA that will be flooded to the restarting router or when there is a changed LSA on the restarting router's retransmission list when graceful restart is initiated.

Example
The following command configures a router to terminate graceful OSPF restart for all routers in area 10.20.30.40 if it receives an LSA that would affect routing:
enable ospf area 10.20.30.40 restart-helper-lsa-check

History
This command was first available in ExtremeWare XOS 11.3.

Platform Availability
This command is available on all platforms.

1336

ExtremeWare XOS 11.3 Command Reference

enable ospf use-ip-router-alert

enable ospf use-ip-router-alert


enable ospf use-ip-router-alert

Description
Enables the generation of the OSPF router alert IP option.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command enables the OSPF router alert IP option:
enable ospf use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1337

OSPF Commands

show ospf
show ospf

Description
Displays global OSPF information.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays global OSPF information:
show ospf

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1338

ExtremeWare XOS 11.3 Command Reference

show ospf area

show ospf area


show ospf area {<area-identifier>}

Description
Displays information about OSPF areas.

Syntax Description
area-identifier Specifies an OSPF area.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays information about OSPF area 1.2.3.4:
show ospf area 1.2.3.4

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1339

OSPF Commands

show ospf area detail


show ospf area detail

Description
Displays information about all OSPF areas.

Syntax Description
detail Specifies to display the information in detailed format.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays information about all OSPF areas:
show ospf area detail

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1340

ExtremeWare XOS 11.3 Command Reference

show ospf ase-summary

show ospf ase-summary


show ospf ase-summary

Description
Displays the OSPF external route aggregation configuration.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the OSPF external route aggregation configuration:
show ospf ase-summary

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1341

OSPF Commands

show ospf interfaces detail


show ospf interfaces detail

Description
Displays detailed information about all OSPF interfaces.

Syntax Description
detail Specifies to display the information in detailed format.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays information about all OSPF interfaces:
show ospf interfaces detail

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1342

ExtremeWare XOS 11.3 Command Reference

show ospf interfaces

show ospf interfaces


show ospf interfaces {vlan <vlan-name> | area <area-identifier>}

Description
Displays information about one or all OSPF interfaces.

Syntax Description
vlan-name area-identifier Specifies a VLAN name. Specifies an OSPF area.

Default
If no argument is specified, all OSPF interfaces are displayed.

Usage Guidelines
None.

Example
The following command displays information about one or all OSPF interfaces on the VLAN accounting:
show ospf interfaces vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1343

OSPF Commands

show ospf lsdb


show ospf lsdb {detail | stats} {area [<area-identifier> | all]} {{lstype} [<lstype> | all]} {lsid <lsid-address>{<lsid-mask>}} {routerid <routerid-address> {<routerid-mask>}} {interface[[<ipaddress>{<ip-mask>} | <ipNetmask>] | vlan <vlan-name>]}

Description
Displays a table of the current Link-State Database (LSDB).

Syntax Description
detail stats area-identifier all lstype lsid lsid-mask interface routerid-address vlan-name Specifies to display all fields of matching LSAs in a multi-line format. Specifies to display the number of matching LSAs, but not any of their contents. Specifies an OSPF area. Specifies all OSPF areas. Specifies an LS type Specifies an LS ID. Specifies an LS ID mask Specifies to display interface types. Specifies a LSA router ID address. Specifies a VLAN name.

Default
Display in summary format.

Usage Guidelines
ExtremeWare XOS provides several filtering criteria for the show ospf lsdb command. You can specify multiple search criteria and only the results matching all of the criteria are displayed. This allows you to control the displayed entries in large routing tables. A common use of this command is to omit all optional parameters, resulting in the following shortened form:
show ospf lsdb

The shortened form displays all areas and all types in a summary format. You can filter the display using either the area ID, the remote router ID, or the link-state ID. The default setting is all with no detail. If detail is specified, each entry includes complete LSA information.

1344

ExtremeWare XOS 11.3 Command Reference

show ospf lsdb

Example
The following command displays all areas and all types in a summary format:
show ospf lsdb

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1345

OSPF Commands

show ospf memory


show ospf memory {detail | <memoryType}

Description
Displays OSPF specific memory usage.

Syntax Description
detail memoryType Displays detail information. Specifies the memory type usage to display.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays OSPF specific memory for all types:
show ospf memory detail

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1346

ExtremeWare XOS 11.3 Command Reference

show ospf neighbor

show ospf neighbor


show ospf neighbor {routerid [<ip-address> {<ip-mask>} | <ipNetmask>]} {vlan <vlan-name>} {detail}

Description
Displays information about an OSPF neighbor.

Syntax Description
ip-address ip-mask ipNetmask vlan-name detail Specifies an IP address Specifies a subnet mask. Specifies IP address / Netmask Specifies a VLAN name. Specifies detail information.

Default
If no argument is specified, all OSPF neighbors are displayed.

Usage Guidelines
None.

Example
The following command displays information about the OSPF neighbors on the VLAN accounting:
show ospf neighbor vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1347

OSPF Commands

show ospf virtual-link


show ospf virtual-link {<router-identifier> <area-identifier>}

Description
Displays virtual link information about a particular router or all routers.

Syntax Description
router-identifier area-identifier Specifies a router interface number. Specifies an OSPF area.

Default
N/A.

Usage Guidelines
area-identifierTransit area used for connecting the two end-points. The transit area cannot have an area identifier of 0.0.0.0 and cannot be a stub or NSSA area.

Example
The following command displays virtual link information about a particular router:
show ospf virtual-link 1.2.3.4 10.1.6.1

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1348

ExtremeWare XOS 11.3 Command Reference

unconfigure ospf

unconfigure ospf
unconfigure ospf {vlan <vlan-name> | area <area-identifier>}

Description
Resets one or all OSPF interfaces to the default settings.

Syntax Description
vlan-name area-identifier Specifies a VLAN name. Specifies an OSPF area.

Default
N/A.

Usage Guidelines
None.

Example
The following command resets the OSPF interface to the default settings on the VLAN accounting:
unconfigure ospf accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1349

OSPF Commands

1350

ExtremeWare XOS 11.3 Command Reference

27 OSPFv3 Commands
This chapter describes commands used for the IPv6 interior gateway protocol OSPFv3. Open Shortest Path First (OSPFv3) is a link-state protocol that distributes routing information between routers belonging to a single IP domain, also known as an autonomous system (AS). In a link-state routing protocol, each router maintains a database describing the topology of the autonomous system. Each participating router in an area has an identical database maintained from the perspective of that router. OSPFv3 supports IPv6, and uses commands only slightly modified from that used to support IPv4. OSPFv3 has retained the use of the four-byte, dotted decimal numbers for router IDs, LSA IDs, and area IDs. From the link-state database (LSDB), each router constructs a tree of shortest paths, using itself as the root. The shortest path tree provides the route to each destination in the autonomous system. When several equal-cost routes to a destination exist, traffic can distributed among them. The cost of a route is described by a single metric. OSPFv3 allows parts of a networks to be grouped together into areas. The topology within an area is hidden from the rest of the autonomous system. Hiding this information enables a significant reduction in link-state advertisement (LSA) traffic, and reduces the computations needed to maintain the LSDB. Routing within the area is determined only by the topology of the area. The three types of routers defined by OSPFv3 are as follows:

Internal Router (IR)An internal router has all of its interfaces within the same area. Area Border Router (ABR)An ABR has interfaces belonging to two or more areas. It is responsible for exchanging summary advertisements with other OSPFv3 routers. Autonomous System Border Router (ASBR)An ASBR acts as a gateway between OSPFv3 and other routing protocols, or other autonomous systems.

Each switch that is configured to run OSPFv3 must have a unique router ID. It is recommended especially that you manually set the router ID of the switches participating in OSPFv3, instead of having the switch automatically choose its router ID based on the highest interface IPv4 address, since your router may not have an IPv4 address. Not performing this configuration in larger, dynamic environments could result in an older LSDB remaining in use.

NOTE
Do not set the router ID to 0.0.0.0.

Licensing
To use OSPFv3, you must have a Core license installed on your switch. The BlackDiamond 10K ships with a Core, or Advanced Core license. Other platforms can be upgraded to a Core license. See the section Software Licensing on page 33 for more information about licensing.

ExtremeWare XOS 11.3 Command Reference

1351

OSPFv3 Commands

clear ospfv3 counters


clear ospfv3 {domain <domainName>} counters { interfaces [[vlan | tunnel] all | vlan <vlan-name> | tunnel <tunnel-name> | area <area-identifier>] | area [all | <area-identifier>] | virtual-link [all | {routerid} <router-identifier> {area} <area-identifier>] | neighbor [all | routerid <router-identifier> | vlan <vlan-name> | tunnel <tunnel-name>] | system }

Description
Clears the OSPFv3 counters (statistics).

Syntax Description
domainName all vlan-name tunnel-name router-identifier area-identifier system Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies all VLANs, tunnels, areas, neighbors, or virtual-links. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies a router identifier, a four-byte, dotted decimal number. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies the OSPFv3 system/global counters.

Default
N/A.

Usage Guidelines
The global command clear counters also clears all OSPFv3 counters. This global command is the equivalent of clear ospfv3 counters for OSPFv3. This command can be used to clear various OSPFv3 counters (Interface, Area, Virtual-Link, System etc.). The following is the list of various counters that would be reset to zero by this command:

Neighbor specific counters


Number of state changes Number of events Number of Hellos rxed Number of Hellos txed

Interface/VLAN/Virtual-link/Tunnel specific counters


1352

ExtremeWare XOS 11.3 Command Reference

clear ospfv3 counters


Number of DB Description rxed Number of DB description txed Number of LS request rxed Number of LS request txed Number of LS update rxed Number of LS update txed Number of LS ack rxed Number of LS ack txed Number of rxed OSPFv3 packet discarded Number of state changes Number of events All counters of interfaces associated with an area Number of SPF runs Number of self originated LSAs Number of received LSAs

Area Specific counters


Domain (global)/system specific counters


Example
The following command clears the OSPFv3 counters for area 1.1.1.1:
clear ospfv3 counters area 1.1.1.1

The following command clears all the OSPFv3 counters for the neighbor 192.168.0.1 in the domain ospfcore:
clear ospfv3 domain ospf-core counters neighbor 192.168.0.1

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1353

OSPFv3 Commands

configure ospfv3 add interface


configure ospfv3 {domain <domainName>} add [vlan <vlan-name> | tunnel <tunnel-name>] {instance-id <instanceId>} area <area-identifier> link-type [auto | broadcast | point-to-point] {passive}

Description
Enables OSPFv3 on an interface.

Syntax Description
domainName vlan-name tunnel-name instanceId area-identifier auto broadcast point-to-point passive Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies the instance ID for this interfaces. Range is 0 to 255. Specifies the area to which the VLAN is assigned. Specifies to automatically determine the OSPFv3 link type based on the interface type. Specifies a broadcast link, such as Ethernet. Routers must elect a DR and a BDR during synchronization. Specifies a point-to-point link type, such as PPP. Specifies to stop sending and receiving hello packets on this interface.

Default
The default link-type is Auto. The default instance ID is 0.

Usage Guidelines
This command is used to enable the OSPFv3 protocol on an IPv6 configured VLAN or an IPv6 tunnel. The instance ID is used to control the selection of other routers as neighbors. The router will become a neighbor only with routers that have the same instance ID. An interface can have only one instance ID associated with it in one OSPFv3 domain. However, the same interface can be associated with another OSPFv3 domain with a different instance ID. An interface associated with two OSPFv3 domains cannot have same instance ID. To change the instance ID associated with an interface, you must first remove the interface from the OSPFv3 area and then add it back with a different instance ID. The passive parameter indicates that the router only synchronizes and listens, and does not originate or send any new information on the interface. Enable IPv6 forwarding before enabling OSPFv3, otherwise, you will receive a warning message.

1354

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 add interface

NOTE
Configuration of the link-type parameter is not supported. OSPFv3 will always consider the link-type to be broadcast.

Example
The following command adds the VLAN accounting (enabling OSPFv3 on the interface), to the area 0.0.0.1 with an instance ID of 2:
configure ospfv3 add vlan accounting instance-id 2 area 0.0.0.1 link-type auto

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1355

OSPFv3 Commands

configure ospfv3 add interface all


configure ospfv3 {domain <domainName>} add [vlan | tunnel] all {instance-id <instanceId>} area <area-identifier> {passive}

Description
Enables OSPFv3 on all VLANs or all tunnels (router interfaces).

Syntax Description
domainName all instanceId area-identifier passive Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies all IPv6 configured VLANs or all IPv6 tunnels. Specifies the instance ID for these interfaces. Range is 0 to 255. Specifies the area to which the interfaces are assigned. Specifies to stop sending and receiving hello packets on this interface.

Default
OSPFv3 is disabled on the interfaces. The default instance ID is 0.

Usage Guidelines
This command is used to enable the OSPFv3 protocol on all IPv6 configured VLANs or all IPv6 tunnels. The instance ID is used to control the selection of other routers as neighbors. The router will become a neighbor only with routers that have the same instance ID. An interface can have only one instance ID associated with it in one OSPFv3 domain. However, the same interface can be associated with another OSPFv3 domain with a different instance ID. An interface associated with two OSPFv3 domains cannot have same instance ID. To change the instance ID associated with an interface, you must first remove the interface from the OSPFv3 area and then add it back with a different instance ID. The passive parameter indicates that the router only synchronizes and listens, and does not originate or send any new information on the interface.

Example
The following command enables OSPFv3 on all IPv6 tunnels:
configure ospfv3 add tunnel all area 0.0.0.1

1356

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 add interface all

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1357

OSPFv3 Commands

configure ospfv3 add virtual-link


configure ospfv3 {domain <domainName>} add virtual-link {routerid} <routeridentifier> {area} <area-identifier>

Description
Adds a virtual link connected to another ABR.

Syntax Description
domainName router-identifier area-identifier Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies the router ID of the other end of the link. Specifies the transit area identifier, a four-byte, dotted decimal number.

Default
N/A.

Usage Guidelines
A virtual link provides a logical path between the ABR of the disconnected area and the ABR of the normal area that connects to the backbone. A virtual link must be established between two ABRs that have a common area, with one ABR connected to the backbone. Specify the following:

router-identifierFar-end router identifier, a four-byte, dotted decimal number. area-identifierTransit area used for connecting the two end-points. The transit area cannot have the area identifier 0.0.0.0. and cannot be a stub area or an NSSA.

Example
The following command configures a virtual link with router ID 10.1.2.1 through the transit area 10.1.0.0:
configure ospfv3 add virtual-link 10.1.2.1 10.1.0.0

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1358

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 area add range

configure ospfv3 area add range


configure ospfv3 {domain <domainName>} area <area-identifier> add range <ipv6netmask> [advertise | noadvert] inter-prefix

Description
Configures a range of IP addresses in an OSPFv3 area to be aggregated.

Syntax Description
domainName area-identifier ipv6netmask advertise noadvert inter-prefix Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies an IPv6 address / prefix length. Specifies to advertise the aggregated range of IP addresses. Specifies not to advertise the aggregated range of IP addresses. Specifies aggregate, inter-area-prefix LSAs.

Default
No OSPFv3 inter-area-prefix LSAs are configured.

Usage Guidelines
If advertised, the aggregated IP range is exported as a single LSA by the ABR.

Example
The following command is used to summarize a certain range of IP addresses within an area and export them out as a single address to area 0.0.0.1:
configure ospfv3 area 0.0.0.1 add range 2aaa:456:3ffe::/64 advertise inter-prefix

History
This command was first available in ExtremeWare XOS 11.2

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1359

OSPFv3 Commands

configure ospfv3 area cost


configure ospfv3 {domain <domainName>} area <area-identifier> cost [automatic | <cost>]

Description
Configures the cost of sending a packet to all interfaces belonging to an area.

Syntax Description
domainName area-identifier automatic cost Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Determine the advertised cost from the OSPFv3 metric table. Specifies the cost metric. Range is 1 to 65535.

Default
The default cost is automatic. The default domain is OSPF-Default.

Usage Guidelines
Use this command to set the cost of the links belonging to area manually, if the default cost needs to be overwritten. The interface cost is advertised as the link cost in router-LSA.

Example
The following command configures the cost of area 0.0.0.1 to 10. All the links of this area will inherit the area's cost value of 10.
configure ospfv3 domain ospf-enterprise area 0.0.0.1 cost 10

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1360

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 area delete range

configure ospfv3 area delete range


configure ospfv3 {domain <domainName>} area <area-identifier> delete range <ipv6netmask>

Description
Removes a range of IP addresses in an OSPFv3 area to be aggregated.

Syntax Description
domainName area-identifier ipv6netmask Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies an IPv6 address / prefix length.

Default
No OSPFv3 inter-area-prefix LSAs are configured.

Usage Guidelines
If you attempt to delete a range that was not configured, you will receive an error message.

Example
The following command is used to delete a summary network from area 0.0.0.1:
configure ospfv3 area 0.0.0.1 delete range 2aaa:456:3ffe::/64

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1361

OSPFv3 Commands

configure ospfv3 area external-filter


configure ospfv3 {domain <domainName>} area <area-identifier> externalfilter [<policy-map> |none]

Description
Configures an external filter policy.

Syntax Description
domainName area-identifier policy-map none Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies the OSPFv3 target area. Specifies a policy. Specifies not to apply an external filter (removes the existing policy, if any).

Default
N/A.

Usage Guidelines
For switches configured to support multiple OSPFv3 areas (an ABR function), a policy can be applied to an OSPFv3 area that filters a set of OSPFv3 external routes from being advertised into that area, in other words, filtering some of the inbound AS-external-LSAs. OPSFv3 routers that do not have enough memory to hold the entire AS-external-LSAa should configure an external area filter to drop part of the external-LSAs. Configuring this policy will enable routers with limited resources to be put into an OSPFv3 network. Using the none mode specifies that no external filter is applied. Policy files for this command will only recognize the following policy attributes:

Match attributes

nlri <IPv6-address>/<mask-len> permit deny

Action (set) attributes


Any other policy attribute will not be recognized and will be ignored. The following is an example of an external area policy file:
entry one { if match any{ nlri 2001:db8:3e5c::/48; nlri 2001:db8:2146:2341::/64;

1362

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 area external-filter


} then { deny; } }

Example
The following command configures an external filter policy, nosales for area 1.2.3.4:
configure ospfv3 area 1.2.3.4 external-filter nosales

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1363

OSPFv3 Commands

configure ospfv3 area interarea-filter


configure ospfv3 {domain <domainName>} area <area-identifier> interareafilter [<policy-map> |none]

Description
Configures an inter-area filter policy.

Syntax Description
domainName area-identifier policy-map none Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies the OSPFv3 target area. Specifies a policy. Specifies not to apply an inter-area filter (removes the existing policy, if any).

Default
N/A.

Usage Guidelines
ExtremeWare XOS OSPFv3 can apply an inter-area policy to filter some inter-area-prefix-LSAs and interarea-router-LSAs from other areas. This can reduce the size of link state database of routers belonging to the area. Using the none mode specifies that no external filter is applied. Policy files for this command will only recognize the following policy attributes:

Match attributes

nlri <IPv6-address>/<mask-len> permit deny

Action (set) attributes


Any other policy attribute will not be recognized and will be ignored. The following is an example of an external area policy file:
entry one { if match any{ nlri 2001:db8:3e5c::/48; nlri 2001:db8:2146:2341::/64; } then { deny; } }

1364

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 area interarea-filter


entry two { if match any{ nlri 2001:db8:444::/48; nlri 2001:db8:541f:65bd::/64; } then { permit; } }

Example
The following command configures an inter-area filter policy, nosales for area 1.2.3.4:
configure ospfv3 area 1.2.3.4 interarea-filter nosales

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1365

OSPFv3 Commands

configure ospfv3 area normal


configure ospfv3 {domain <domainName>} area <area-identifier> normal

Description
Configures an OSFPv3 area as a normal area.

Syntax Description
domainName area-identifier Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number.

Default
Normal.

Usage Guidelines
A normal area is an area that is not any of the following:

Stub area NSSA

Virtual links can be configured through normal areas. External routes can be distributed into normal areas.

Example
The following command configures an OSPFv3 area as a normal area:
configure ospfv3 area 10.1.0.0 normal

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1366

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 area priority

configure ospfv3 area priority


configure ospfv3 {domain <domainName>} area <area-identifier> priority <priority>

Description
Configures the priority used in the designated router and backup designated router election algorithm for all the interfaces within the area.

Syntax Description
domainName area-identifier priority Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies a priority range. The range is 0 through 255.

Default
The default setting is 1.

Usage Guidelines
When two routers are attached to a network, both attempt to become the designated router. The one with the higher priority takes precedence. If there is a tie, the router with the higher router ID takes precedence. Setting the value to 0 ensures that the router is never selected as the designated router or backup designated router.

Example
The following command sets all the interfaces in area 1.2.3.4 to not be selected as the designated router:
configure ospfv3 area 1.2.3.4 priority 0

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1367

OSPFv3 Commands

configure ospfv3 area stub


configure ospfv3 {domain <domainName>} area <area-identifier> stub [summary | nosummary] stub-default-cost <cost>

Description
Configures an OSPFv3 area as a stub area.

Syntax Description
domainName area-identifier summary nosummary cost Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies that inter-area LSAs can be propagated into the area. Specifies that inter-area LSAs cannot be propagated into the area. Specifies a cost metric.

Default
N/A.

Usage Guidelines
A stub area is connected to only one other area. The area that connects to a stub area can be the backbone area. External route information is not distributed into stub areas. Stub areas are used to reduce memory consumption requirements on OSPFv3 routers.

Example
The following command configures an OSPFv3 area as a stub area:
configure ospfv3 area 0.0.0.6 stub nosummary stub-default-cost 10

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1368

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 area timer

configure ospfv3 area timer


configure ospfv3 {domain <domainName>} area <area-identifier> timer {retransmit-interval} <retransmit-interval> {transit-delay} <transit-delay> {hello-interval} <hello-interval> {dead-interval} <dead-interval>

Description
Configures the timers for all interfaces in the same OSPFv3 area.

Syntax Description
domainName area-identifier retransmit-interval transit-delay hello-interval dead-interval Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies the length of time that the router waits before retransmitting an LSA that is not acknowledged. The range is 1- 3,600 seconds. Specifies the length of time it takes to transmit an LSA packet over the interface. The range is 0 - 3,600 seconds. Specifies the interval at which routers send hello packets. The range is 1 65,535 seconds. Specifies the interval after which a neighboring router is declared down due to the fact that hello packets are no longer received from the neighbor. The range is 1 - 2,147,483,647 seconds.

Default

retransmit intervalDefault: 5 seconds transit delayDefault: 1 second hello intervalDefault: 10 seconds dead intervalDefault: 40 seconds

Usage Guidelines
Configuring OSPFv3 timers on a per-area basis is a shorthand for applying the timers to each VLAN and tunnel in the area at the time of configuration. If you add more VLANs or tunnels to the area, you must configure the timers for them explicitly. Specify the following:

retransmit intervalIf you set an interval that is too short, unnecessary retransmissions will result. transit delayThe transit delay must be greater than 0. hello intervalSmaller times allow routers to discover each other more quickly, but also increase network traffic. dead intervalThis interval should be a multiple of the hello interval.

The value of the dead interval and the hello interval must be same for all OSPFv3 routers connected to a common link. The value of the dead interval and the hello interval are advertised by OSPFv3 in Hello

ExtremeWare XOS 11.3 Command Reference

1369

OSPFv3 Commands packets. The shorter the hello interval, the earlier topological changes will be detected, but more routing traffic will ensue. The retransmit interval must be greater than the expected round trip delay between any two routers on the attached network. The setting of this parameter must be conservative, or needless retransmission will result.

NOTE
The wait interval for the interface is not separately configurable. It is always equal to the dead interval.

Example
The following command sets the timers in area 0.0.0.2:
configure ospfv3 area 0.0.0.2 timer 10 1 20 200

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1370

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 delete interface

configure ospfv3 delete interface


configure ospfv3 {domain <domainName>} delete [vlan <vlan-name> | tunnel <tunnel-name> | [vlan | tunnel] all]

Description
Disables OSPFv3 on one or all VLANs or tunnels (router interfaces).

Syntax Description
domainName vlan-name tunnel-name all Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all VLANs, or tunnels.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables OSPFv3 on VLAN accounting:
configure ospfv3 delete vlan accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1371

OSPFv3 Commands

configure ospfv3 delete virtual-link


configure ospfv3 {domain <domainName>} delete virtual-link {routerid} <router-identifier> {area} <area-identifier>

Description
Deletes a virtual link connected to another ABR.

Syntax Description
domainName router-identifier area-identifier Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies the router ID of the other end of the link. Specifies the transit area identifier, a four-byte, dotted decimal number.

Default
N/A.

Usage Guidelines
A virtual link provides a logical path between the ABR of the disconnected area and the ABR of the normal area that connects to the backbone. A virtual link must be established between two ABRs that have a common area, with one ABR connected to the backbone. Specify the following:

router-identifierFar-end router identifier, a four-byte, dotted decimal number. area-identifierTransit area used for connecting the two end-points. The transit area cannot have the area identifier 0.0.0.0. and cannot be a stub area or an NSSA.

Example
The following command deletes a virtual link with router ID 10.1.2.1 through the transit area 10.1.0.0:
configure ospfv3 delete virtual-link 10.1.2.1 10.1.0.0

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1372

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 import-policy

configure ospfv3 import-policy


configure ospfv3 {domain <domainName>} import-policy [<policy-map> | none]

Description
Associates or removes the policy applied to OSPFv3 routes added to the system routing table.

Syntax Description
domainName policy-map none Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies the policy to apply. Specifies to remove any policy previously applied.

Default
No policy.

Usage Guidelines
Use this command to associate a policy with the OSPFv3 routes installed into the system table. Use the none option to remove the policy association. The import policy cannot be used to filter routes from being added to the routing table. It can only be used to change the attributes of routes. Policy files for this command will only recognize the following policy attributes:

Match attributes

nlri <IPv6-address>/<mask-len> route-origin [ospfv3 | ospfv3-extern1 | ospfv3-extern2 | ospfv3-inter | ospfv3-intra] cost <cost> tag <number>

Action (set) attributes


Any other policy attribute will not be recognized and will be ignored.

Example
The following example applies the policy campuseast to OSPFv3 routes:
configure ospfv3 import-policy campuseast

History
This command was first available in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

1373

OSPFv3 Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1374

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 interface area

configure ospfv3 interface area


configure ospfv3 {domain <domainName>} [vlan <vlan-name> | tunnel <tunnelname>] area <area-identifier>

Description
Moves an interface from one OSPFv3 area to another.

Syntax Description
domainName vlan-name tunnel-name area-identifier Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies an OSPFv3 area, a four-byte, dotted decimal number.

Default
Area 0.0.0.0

Usage Guidelines
Use this command to move an already configured interface from one area to another. The instance ID associated with the interface will be unchanged.

Example
The following command moves the VLAN accounting to the OSPFv3 area 0.0.0.6:
configure ospfv3 vlan accounting area 0.0.0.6

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1375

OSPFv3 Commands

configure ospfv3 interface cost


configure ospfv3 {domain <domainName>} [vlan <vlan-name> | tunnel <tunnelname> | [vlan | tunnel] all]] cost [automatic | <cost>]

Description
Configures the cost of one or all interface(s).

Syntax Description
domainName vlan-name tunnel-name all automatic cost Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all IPv6 configured VLANs or all IPv6 tunnels. Determine the advertised cost from the OSPFv3 metric table. Specifies the cost metric. Range is 1 to 65535.

Default
The default cost is automatic.

Usage Guidelines
Use this command to set the cost of an interface (a VLAN or tunnel) manually, if the default cost needs to be overwritten. The interface cost is advertised as the link cost in router-LSA.

Example
The following command configures the cost metric of the VLAN accounting:
configure ospfv3 vlan accounting cost 10

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1376

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 interface priority

configure ospfv3 interface priority


configure ospfv3 {domain <domainName>} [vlan <vlan-name> | tunnel <tunnelname> | [vlan | tunnel] all] priority <priority>

Description
Configures the priority used in the designated router and backup designated router election algorithm for one or all OSPFv3 interface(s).

Syntax Description
domainName vlan-name tunnel-name all priority Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all IPv6 configured VLANs or all IPv6 tunnels. Specifies a priority range. The range is 0 through 255.

Default
The default setting is 1.

Usage Guidelines
When two routers are attached to a network, both attempt to become the designated router. The one with the higher priority takes precedence. If there is a tie, the router with the higher router ID takes precedence. Setting the value to 0 ensures that the router is never selected as the designated router or backup designated router.

Example
The following command sets the priority of the interface VLAN corporate to 10:
configure ospfv3 domain ospf-internal vlan corporate priority 10

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1377

OSPFv3 Commands

configure ospfv3 interface timer


configure ospfv3 {domain <domainName>} [vlan <vlan-name> | tunnel <tunnelname> | [vlan | tunnel] all] timer {retransmit-interval} <retransmitinterval> {transit-delay} <transit-delay> {hello-interval} <hello-interval> {dead-interval} <dead-interval>

Description
Configures the timers for all interfaces in the same OSPFv3 area.

Syntax Description
domainName vlan-name tunnel-name all retransmit-interval transit-delay hello-interval dead-interval Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies all IPv6 configured VLANs or all IPv6 tunnels. Specifies the length of time that the router waits before retransmitting an LSA that is not acknowledged. The range is 1- 3,600 seconds. Specifies the length of time it takes to transmit an LSA packet over the interface. The range is 0 - 3,600 seconds. Specifies the interval at which routers send hello packets. The range is 1 65,535 seconds. Specifies the interval after which a neighboring router is declared down due to the fact that hello packets are no longer received from the neighbor. The range is 1 - 2,147,483,647 seconds.

Default

retransmit intervalDefault: 5 seconds transit delayDefault: 1 second hello intervalDefault: 10 seconds dead intervalDefault: 40 seconds

Usage Guidelines
Use this command to configure the OSPFv3 timers on a per-interface basis. Specify the following:

retransmit intervalIf you set an interval that is too short, unnecessary retransmissions will result. transit delayThe transit delay must be greater than 0. hello intervalSmaller times allow routers to discover each other more quickly, but also increase network traffic. dead intervalThis interval should be a multiple of the hello interval.

1378

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 interface timer The value of the dead interval and the hello interval must be same for all OSPFv3 routers connected to a common link. The value of the dead interval and the hello interval are advertised by OSPFv3 in Hello packets. The shorter the hello interval, the earlier topological changes will be detected, but more routing traffic will ensue. The retransmit interval must be greater than the expected round trip delay between any two routers on the attached network. The setting of this parameter must be conservative, or needless retransmission will result.

NOTE
The wait interval for the interface is not separately configurable. It is always equal to the dead interval.

Example
The following command sets the timers for the VLAN corporate:
configure ospfv3 domain ospf-default vlan corporate timer retransmit-interval 10 transit-delay 2 hello-interval 20 dead-interval 80

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1379

OSPFv3 Commands

configure ospfv3 metric-table


configure ospfv3 {domain <domainName>} metric-table 10M <cost_10m> 100M <cost_100m> 1G <cost_1g> {10G <cost_10g>}

Description
Configures the automatic interface costs for 10 Mbps, 100 Mbps, and 1 Gbps interfaces, and optionally, the 10 Gbps interface.

Syntax Description
domainName cost_x Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies the interface cost for the indicated interfaces. Range is 1 to 65535.

Default

10 MbpsThe default cost is 100. 100 MbpsThe default cost is 50. 1 GbpsThe default cost is 40. 10 GbpsThe default cost is 20.

Usage Guidelines
The value of the costs can not be greater for higher speed interfaces. In other words, the following condition must be true: cost_10m >= cost_100m >= cost_1g >= cost_10g

Example
The following command configures the automatic interface costs for 10 Mbps, 100 Mbps, and 1 Gbps interfaces:
configure ospfv3 metric-table 10m 200 100m 100 1g 20

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1380

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 routerid

configure ospfv3 routerid


configure ospfv3 {domain <domainName>} routerid [automatic | <routeridentifier>]

Description
Configures the OSPFv3 router ID. If automatic is specified, the switch uses the highest IPv4 interface address as the OSPFv3 router ID.

Syntax Description
domainName automatic router-identifier Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies to use automatic addressing. Specifies a router identifier, a four-byte, dotted decimal number.

Default
Automatic.

Usage Guidelines
Each switch that is configured to run OSPFv3 must have a unique router ID. The router ID is a fourbyte, dotted decimal number, like an IPv4 address. Even though the IP address format has changed from IPv4 to IPv6, the router ID format has not. It is recommended that you manually set the router ID of the switches participating in OSPFv3, instead of having the switch automatically choose its router ID based on the highest interface IPv4 address (if it exists). Not performing this configuration in larger, dynamic environments could result in an older link-state database remaining in use. This command is accepted only when OSPFv3 is globally disabled.

NOTE
Do not set the router ID to 0.0.0.0.

Example
The following command sets the router ID to 10.1.6.1:
configure ospfv3 routerid 10.1.6.1

History
This command was first available in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

1381

OSPFv3 Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1382

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 spf-hold-time

configure ospfv3 spf-hold-time


configure ospfv3 {domain <domainName>} spf-hold-time <seconds>

Description
Configures the minimum number of seconds between Shortest Path First (SPF) recalculations.

Syntax Description
domainName seconds Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies a time in seconds. The range is 0 to 300 seconds.

Default
3 seconds.

Usage Guidelines
Setting the interval too high will force OSPFv3 to run SPF calculations less frequently. This will reduce the CPU load, but will cause delay in routes getting updated in the IP routing table. Setting the interval too low will decreases the interval between SPF calculations, but will increase the processing load on CPU.

Example
The following command configures the minimum number of seconds between Shortest Path First (SPF) recalculations:
configure ospfv3 spf-hold-time 6

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1383

OSPFv3 Commands

configure ospfv3 virtual-link timer


configure ospfv3 {domain <domainName>} virtual-link {routerid} <routeridentifier> {area} <area-identifier> timer {retransmit-interval} <retransmit-interval> {transit-delay} <transit-delay> {hello-interval} <hello-interval> {dead-interval} <dead-interval>

Description
Configures the timers for a virtual link.

Syntax Description
domainName router-identifier area-identifier retransmit-interval transit-delay hello-interval dead-interval Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies the router ID of the other end of the link. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies the length of time that the router waits before retransmitting an LSA that is not acknowledged. The range is 1 - 3,600 seconds. Specifies the length of time it takes to transmit an LSA packet over the interface. The range is 0 - 3,600 seconds. Specifies the interval at which routers send hello packets. The range is 1 65,535 seconds. Specifies the interval after which a neighboring router is declared down due to the fact that hello packets are no longer received from the neighbor. The range is 1 - 2,147,483,647 seconds.

Default

retransmit intervalDefault: 5 seconds transit delayDefault: 1 second hello intervalDefault: 10 seconds dead intervalDefault: 40 seconds

Usage Guidelines
In OSPFv3, all areas must be connected to a backbone area. If the connection to the backbone is lost, it can be repaired by establishing a virtual link. The smaller the hello interval, the faster topological changes will be detected, but more routing traffic will ensue. The setting of the retransmit interval should be conservative, or needless retransmissions will result. The value should be larger for serial lines and virtual links. The transmit delay value should take into account the transmission and propagation delays for the interface.

1384

ExtremeWare XOS 11.3 Command Reference

configure ospfv3 virtual-link timer

NOTE
The wait interval is not separately configurable. It is always equal to the dead interval.

Example
The following command sets the timers on the virtual link to router 6.6.6.6 transiting area 0.0.0.2:
configure ospfv3 virtual-link 6.6.6.6 0.0.0.2 timer 10 1 20 200

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1385

OSPFv3 Commands

create ospfv3 area


create ospfv3 {domain <domainName>} area <area-identifier>

Description
Creates an OSPFv3 area.

Syntax Description
domainName area-identifier Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number.

Default
Area 0.0.0.0

Usage Guidelines
Area 0.0.0.0 does not need to be created. It exists by default.

Example
The following command creates a non-backbone OSPFv3 area:
create ospfv3 area 1.2.3.4

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1386

ExtremeWare XOS 11.3 Command Reference

delete ospfv3 area

delete ospfv3 area


delete ospfv3 {domain <domainName>} area [<area-identifier> | all]

Description
Deletes an OSPFv3 area or all OSPFv3 areas.

Syntax Description
domainName area-identifier all Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies all areas.

Default
N/A.

Usage Guidelines
An OSPFv3 area cannot be deleted if it has an associated interface. Also, area 0.0.0.0 cannot be deleted.

Example
The following command deletes an OSPFv3 area:
delete ospfv3 area 1.2.3.4

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1387

OSPFv3 Commands

disable ospfv3
disable ospfv3 {domain <domainName>}

Description
Disables OSPFv3 for the router.

Syntax Description
domainName Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables OSPFv3 for the router:
disable ospfv3

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1388

ExtremeWare XOS 11.3 Command Reference

disable ospfv3 export

disable ospfv3 export


disable ospfv3 {domain <domainName>} export [direct | ripng | static]

Description
Disables redistribution of routes to OSPFv3.

Syntax Description
domainName direct ripng static Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies direct routes. Specifies RIP routes. Specifies static routes.

Default
The default setting is disabled.

Usage Guidelines
Use this command to stop OSPFv3 from exporting routes derived from other protocols.

Example
The following command disables OSPFv3 to export RIPng routes to other OSPFv3 routers:
disable ospfv3 export ripng

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1389

OSPFv3 Commands

enable ospfv3
enable ospfv3 {domain <domainName>}

Description
Enables OSPFv3 for the router.

Syntax Description
domainName Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported.

Default
N/A.

Usage Guidelines
When OSPFv3 is enabled, it will start exchanging Hellos on all of it's active interfaces. It will also start exporting routes into OSPFv3 routing domain from other protocols, if enabled. When OSPFv3 is disabled, it will release all the run-time allocated resources like adjacencies, link state advertisements, run-time memory, etc. OSPFv3 can be enabled successfully if and only if:

At least one of the VLANs in the current virtual router has one IPv4 address configured

OR

You explicitly configure the OSPFv3 router ID, a four-byte, dotted decimal number

Example
The following command enables OSPFv3 for the router:
enable ospfv3

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1390

ExtremeWare XOS 11.3 Command Reference

enable ospfv3 export

enable ospfv3 export


enable ospfv3 {domain <domainName>} export [direct | ripng | static] [cost <cost> type [ase-type-1 | ase-type-2] {tag <number>} | <policy-map>]

Description
Enables redistribution of routes to OSPFv3.

Syntax Description
domainName direct ripng static cost ase-type-1 ase-type-2 number policy-map Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies direct routes. Specifies RIPng routes. Specifies static routes. Specifies a cost metric. Specifies AS-external type 1 routes. Specifies AS-external type 2 routes. Specifies a tag value. Specifies a policy.

Default
The default tag number is 0. The default setting is disabled.

Usage Guidelines
The cost metric is inserted for all RIPng-learned, static, and direct routes injected into OSPFv3. If the cost metric is set to 0, the cost is inserted from the route. The tag value is used only by special routing applications. Use 0 if you do not have specific requirements for using a tag. The tag value in this instance has no relationship with 802.1Q VLAN tagging.

NOTE
Setting the tag value is not supported in this release.

The same cost, type, and tag values can be inserted for all the export routes, or a policy can be used for selective insertion. When a policy is associated with the export command, the policy is applied on every exported route. The exported routes can also be filtered using a policy. Policy files for this command will only recognize the following policy attributes:

Match attributes

nlri <IPv6-address>/<mask-len>

ExtremeWare XOS 11.3 Command Reference

1391

OSPFv3 Commands

Action (set) attributes


cost <cost> tag <number> cost-type [ase-type-1 | ase-type-2] permit deny

Any other policy attribute will not be recognized and will be ignored. The following is an example OSPFv3 export policy file:
entry first { if match any{ nlri 2001:db8:200:300:/64; nlri 2001:db8:2146:23d1::/64; nlri 2001:db8:af31:3d0::/64; nlri 2001:db8:f6:2341::/64; } then { deny; } } entry second { if match any{ nlri 2001:db8:304::/48; nlri 2001:db8:ca11::/48; nlri 2001:db8:da36::/48; nlri 2001:db8:f6a6::/48; } then { cost 220; cost-type ase-type-2; permit; } }

Example
The following command enables OSPFv3 to export RIPng-related routes and associates a policy redist:
enable ospfv3 export ripng redist

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1392

ExtremeWare XOS 11.3 Command Reference

show ospfv3

show ospfv3
show ospfv3 {domain <domainName>}

Description
Displays global OSPFv3 information.

Syntax Description
domainName Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays global OSPFv3 information:
show ospfv3

The following is sample output:


OSPF Domain Name : OSPF-Default OSPF : Enabled RouterId Selection : Automatic ABR : Yes ExtLSAChecksum : 0x19420 ReceivedNewLSAs : 12 Num of Areas : 5 100M Cost : 50 10000M Cost (10G) : 20 ASExternal LSALimit : Disabled Originate Default : Disabled Import Policy File : none Redistribute: Protocol Status Cost Type direct Disabled 20 2 ripng Disabled 20 2 static Enabled 20 2 RouterId ASBR ExtLSAs OriginateNewLSAs SpfHoldTime 10M Cost 1000M Cost (1G) Router Alert Timeout (Count) : : : : : : : : : 20.0.0.1 Yes 3 37 10s 100 40 Disabled Disabled (0)

Tag 0 0 0

Policy none none IPv6

ExtremeWare XOS 11.3 Command Reference

1393

OSPFv3 Commands

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1394

ExtremeWare XOS 11.3 Command Reference

show ospfv3 area

show ospfv3 area


show ospfv3 {domain <domainName>} area {<area-identifier> | detail}

Description
Displays information about OSPFv3 areas.

Syntax Description
domainName area-identifier detail Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies to display the information in detailed format.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays summary information about the OSPFv3 areas:
show ospfv3 area

The following is sample output:


AREA ID 0.0.0.0 1.0.0.0 2.0.0.0 3.0.0.0 5.0.0.0 Type Summ NORM NORM NORM NORM NORM ---------------Def Metric -------------------------Num ABR 0 1 0 1 1 Num ASBR 0 1 0 0 0 Num Intf 1 1 1 1 1 SPF Runs 7 6 5 3 4 Num LSAs 7 9 10 12 10 LSA Checksum 0x3155b 0x4793d 0x47174 0x420cf 0x3b5b1

The following command displays information about OSPFv3 area 1.0.0.0:


show ospfv3 area 1.0.0.0

The following is sample output:


Area Identifier Router ID Spf Runs Num ASBRs Num Indication LSAs Num LSAs Num of Nbrs : : : : : : : 1.0.0.0 20.0.0.1 6 1 1 9 1 Type : Num of Interfaces : Num ABRs : Num DC-Bit LSAs : Num of DoNotAge LSAs: LSA Chksum : Num of Virtual Nbrs : NORM 1 1 1 1 0x4793d 0

ExtremeWare XOS 11.3 Command Reference

1395

OSPFv3 Commands

Interfaces: Interface Name Ospf State to65 E BDR accounts E DR finance E BDR engineering E ODR Corporate E ODR Inter-Area route Filter: ospfSummPolicy External route Filter: ospfExtPolicy Configured Address Ranges: Addr: fffe:408:1449::/48 Type: 3 Advt: Yes Addr: ffe0:930:2781::/40 Type: 7 Advt: No

DR ID 0.0.0.65 80.0.0.5 90.0.0.7 192.168.0.1 201.0.16.6

BDR ID 20.0.0.1 0.0.0.0 66.0.0.4 165.0.0.3 204.0.0.1

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1396

ExtremeWare XOS 11.3 Command Reference

show ospfv3 interfaces

show ospfv3 interfaces


show ospfv3 {domain <domainName>} interfaces {vlan <vlan-name> | tunnel <tunnel-name> | area <area-identifier> | detail}

Description
Displays information about one or all OSPFv3 interfaces.

Syntax Description
domainName vlan-name tunnel-name area-identifier detail Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies to display the information in detailed format.

Default
If no argument is specified, all OSPFv3 interfaces are displayed.

Usage Guidelines
None.

Example
The following command shows a summary of the OSPFv3 interfaces:
show ospfv3 interfaces

The following is sample output from the command:


VLAN/Tunnel Neighbors ixia to-jmpr to-Zebra to5 to65 IPv6 Address 4:5:6:7::1/64 111:222:333::7/48 3ffe:506::4/48 234:567::7/48 10:203:134:7::7/48 AREA ID 2.0.0.0 5.0.0.0 0.0.0.0 3.0.0.0 1.0.0.0 Flags Cost -rif -rif -rif -rif -rif 5/A 5/A 5/A 5/A 5/A State DR BDR BDR BDR BDR 1 1 1 1 1

Flags : (f) Interface Forwarding Enabled, (i) Interface OSPF Enabled, (p) Passive Interface, (r) Router OSPF Enable.

ExtremeWare XOS 11.3 Command Reference

1397

OSPFv3 Commands The following command displays information about the OSPFv3 interfaces on the VLAN to5:
show ospfv3 interfaces vlan to5

The following is sample output:


Interface Router RouterID Passive Priority Hello Interval Retransmit Interval Interface ID State Hello due in Total Num of Nbrs Hellos Rxed DB Description Rxed LSA Request Rxed LSA Update Rxed LSA Ack Rxed In Discards DR RtId DR Interface addr BDR Interface addr : : : : : : : : : : : : : : : : : : : : to5 Enabled ENABLED AreaID 20.0.0.1 Link Type No Cost 1 Transit Delay 10s Rtr Dead Time 5s Wait Timer 63 Instance ID BDR Number of state chg 3s Number of events 1 Nbrs in FULL State 94 Hellos Txed 4 DB Description Txed 1 LSA Request Txed 8 LSA Update Txed 6 LSA Ack Txed 0 10.0.0.5 BDR RtId fe80::280:c8ff:feb9:1cf1 fe80::280:c8ff:feb9:2089 : : : : : : : : : : : : : : : : ENABLED 3.0.0.0 broadcast 40A 1s 40s 40s 0 2 3 1 94 3 1 7 5

: 20.0.0.1

Neighbors: RtrId: 10.0.0.5 IpAddr: fe80::280:c8ff:feb9:1cf1 Pri: 1 Type: Auto State: FULL DR: 10.0.0.5 BDR: 20.0.0.1 Dead Time: 00:00:36 Options: 0x13 (-|R|-|-|E|V6) Opaque LSA: No

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1398

ExtremeWare XOS 11.3 Command Reference

show ospfv3 lsdb

show ospfv3 lsdb


show ospfv3 {domain <domainName>} lsdb {detail} {area [<area-identifier> | all] {lstype [router | network | inter-prefix | inter-router | intraprefix]} | [vlan [<vlan-name> | all] | tunnel [<tunnel-name> | all]] {lstype link} | lstype [as-external | router | network | inter-prefix | inter-router | intra-prefix | link]} {lsid <lsid-address>} {adv-router <router-identifier>}

Description
Displays a table of the current Link-State Database (LSDB).

Syntax Description
domainName detail area-identifier all link router network inter-prefix inter-router intra-prefix as-external lsid-address routerid-identifier vlan-name tunnel-name Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies to display all fields of matching LSAs in a multi-line format. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies all OSPFv3 areas, IPv6 configured VLANs, or IPv6 tunnels. Link LSA Router LSA Network LSA Inter Area Prefix LSA Inter Area Router LSA Intra Area Prefix LSA AS External LSA Specifies the link state ID of the LSA. Specifies the router identifier of the advertising router. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel.

Default
Display in summary format.

Usage Guidelines
ExtremeWare XOS provides several filtering criteria for the show ospfv3 lsdb command. You can specify multiple search criteria and only the results matching all of the criteria are displayed. This allows you to control the displayed entries in large routing tables. A common use of this command is to omit all optional parameters, resulting in the following shortened form:
show ospfv3 lsdb

ExtremeWare XOS 11.3 Command Reference

1399

OSPFv3 Commands The shortened form displays all areas and all types in a summary format. You can filter the display using either the area ID, the remote router ID, or the link-state ID. The default setting is all with no detail. If detail is specified, each entry includes complete LSA information.

Example
The following command displays all areas and all types in a summary format:
show ospfv3 lsdb

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1400

ExtremeWare XOS 11.3 Command Reference

show ospfv3 lsdb stats

show ospfv3 lsdb stats


show ospfv3 {domain <domainName>} lsdb stats {area [<area-identifier> | all] {lstype [router | network | inter-prefix | inter-router | intraprefix]} | [vlan [<vlan-name> | all] | tunnel [<tunnel-name> | all]] {lstype link} | lstype [as-external | router | network | inter-prefix | inter-router | intra-prefix | link]} {lsid <lsid-address>} {adv-router <router-identifier>}

Description
Displays a table of the current Link-State Database (LSDB) statistics.

Syntax Description
domainName area-identifier all link router network inter-prefix inter-router intra-prefix as-external lsid-address routerid-identifier vlan-name tunnel-name Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies all OSPFv3 areas, IPv6 configured VLANs, or IPv6 tunnels. Link LSA Router LSA Network LSA Inter Area Prefix LSA Inter Area Router LSA Intra Area Prefix LSA AS External LSA Specifies the link state ID of the LSA. Specifies the router identifier of the advertising router. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel.

Default
Display in summary format.

Usage Guidelines
ExtremeWare XOS provides several filtering criteria for the show ospfv3 lsdb stats command. You can specify multiple search criteria and only the results matching all of the criteria are displayed. This allows you to control the displayed entries in large routing tables. A common use of this command is to omit all optional parameters, resulting in the following shortened form:
show ospfv3 lsdb stats

The shortened form displays all areas and all types in a summary format.

ExtremeWare XOS 11.3 Command Reference

1401

OSPFv3 Commands You can filter the display using either the area ID, the remote router ID, or the link-state ID. The default setting is all.

Example
The following command displays all areas and all types in a summary format:
show ospfv3 lsdb stats

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1402

ExtremeWare XOS 11.3 Command Reference

show ospfv3 memory

show ospfv3 memory


show ospfv3 memory {detail | <memoryType}

Description
Displays OSPFv3 specific memory usage.

Syntax Description
detail memoryType Displays detail information. Specifies the memory type usage to display.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays OSPFv3 specific memory for all types:
show ospfv3 memory detail

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1403

OSPFv3 Commands

show ospfv3 neighbor


show ospfv3 {domain <domainName>} neighbor {routerid <ip-address>} {vlan <vlan-name> | tunnel <tunnel-name>} {detail}

Description
Displays information about an OSPFv3 neighbor.

Syntax Description
domainName ip-address vlan-name tunnel-name detail Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies a neighbor router ID. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel. Specifies detail information.

Default
If no argument is specified, all OSPFv3 neighbors are displayed.

Usage Guidelines
None.

Example
The following command displays information about the OSPFv3 neighbors on the VLAN accounting:
show ospfv3 neighbor vlan accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1404

ExtremeWare XOS 11.3 Command Reference

show ospfv3 virtual-link

show ospfv3 virtual-link


show ospfv3 {domain <domainName>} virtual-link {{routerid} <routeridentifier> {area} <area-identifier>}

Description
Displays virtual link(s) information.

Syntax Description
domainName router-identifier area-identifier Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies a router identifier, a four-byte, dotted decimal number. Specifies an OSPFv3 area, a four-byte, dotted decimal number.

Default
N/A.

Usage Guidelines
router-identifierRouter ID for the other end of the link. area-identifierTransit area used for connecting the two end-points. The transit area cannot have an area identifier of 0.0.0.0 and cannot be a stub or NSSA area.

Example
The following command displays information about the virtual link to a particular router:
show ospfv3 virtual-link 1.2.3.4 10.1.6.1

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1405

OSPFv3 Commands

unconfigure ospfv3
unconfigure ospfv3 {domain <domainName>} {area <area-identifier> | vlan <vlan-name> | tunnel <tunnel-name>}

Description
Resets one or all OSPFv3 interfaces to the default settings.

Syntax Description
domainName area-identifier vlan-name tunnel-name Specifies an OSPFv3 domain. OSPF-Default is the only one currently supported. Specifies an OSPFv3 area, a four-byte, dotted decimal number. Specifies an IPv6 configured VLAN. Specifies an IPv6 tunnel.

Default
N/A.

Usage Guidelines
ExtremeWare XOS OSPFv3 allows you to change certain configurable OSPFv3 parameters on the fly. This command selectively resets the configurable parameters to their default values. The following is the list of parameters whose values will be reset to their defaults:

Interface

Hello Interval Dead Interval Transmit Delay Retransmit Interval Priority Cost

Area

All the parameters of Interfaces associated with this area Inter-Area-Prefix-LSA Filter AS-External-LSA Filter

OSPF Global

All parameters of all areas in this OSPF domain SPF Delay interval

1406

ExtremeWare XOS 11.3 Command Reference

unconfigure ospfv3

Interface Cost metric Table Route Redistribution

Example
The following command resets the OSPFv3 interface to the default settings on the VLAN accounting:
unconfigure ospfv3 accounting

The following command unconfigures the parameters of the area 0.0.0.1 (and all its associated interfaces):
unconfigure ospfv3 domain ospf-default area 0.0.0.1

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1407

OSPFv3 Commands

1408

ExtremeWare XOS 11.3 Command Reference

28 BGP Commands
Border Gateway Protocol (BGP) is an exterior routing protocol that was developed for use in TCP/IP networks. The primary function of BGP is to allow different autonomous systems (ASs) to exchange network reachability information. An autonomous system is a set of routers that are under a single technical administration. This set of routers uses a different routing protocol (such as OSPF) for intra-AS routing. One or more routers in the AS are configured to be border routers, exchanging information with other border routers (in different autonomous systems) on behalf of all of the intra-AS routers. BGP can be used as an exterior gateway protocol (EBGP), or it can be used within an AS as an interior gateway protocol (IBGP).

Licensing
BGP requires a Core license, at a minimum. The BGP process will not spawn without the required license level. The MSM-1XL is shipped with an Advanced Core license and the MSM-1 is shipped with a Core license. Other platforms can be upgraded to a Core license. See the section Software Licensing in chapter 1, ExtremeWare XOS Overview, in the ExtremeWare XOS 11.2 Concepts Guide for more information about licensing.

BGP Attributes
The following BGP attributes are supported by the switch:

OriginDefines the origin of the route. Possible values are IGP, EGP, and incomplete. AS_PathThe list of ASs that are traversed for this route. Next_hopThe IP address of the next hop BGP router to reach the destination listed in the NLRI field. Multi_Exist_DiscriminatorUsed to select a particular border router in another AS when multiple border routers exist. Local_PreferenceUsed to advertise this routers degree of preference to other routers within the AS. Atomic_aggregateIndicates that the sending border router is used a route aggregate prefix in the route update. AggregatorIdentifies the BGP router AS number and IP address that performed route aggregation. CommunityIdentifies a group of destinations that share one or more common attributes. Cluster_IDSpecifies a 4 byte field used by a route reflector to recognize updates from other route reflectors in the same cluster. A route can contain a sequence of CLUSTER_ID values representing the reflection path that the route has passed. Originator_IDSpecifies the Router_ID of the originator of the route in the local AS.

ExtremeWare XOS 11.3 Command Reference

1409

BGP Commands

BGP Communities
A BGP community is a group of BGP destinations that require common handling. ExtremeWare XOS supports the following well-known BGP community attributes:

no-export no-advertise no-export-subconfed

BGP Features
This section lists BGP features supported by ExtremeWare XOS:

Route Reflectors Route Confederations Route Aggregation Using the Loopback Interface BGP Peer Groups BGP Route Flap Dampening Route Redistribution Policy Filtering Maximum Prefix Limit TCP MD5 Authentication EBGP Multihop Removal of private AS-Number from AS-path of outbound BGP routes Neighbor/Peer Group soft-reconfiguration NOTE

Although the CLI commands are available, this release of ExtremeWare XOS does not support the MBGP/Routerefresh features.

1410

ExtremeWare XOS 11.3 Command Reference

clear bgp neighbor counters

clear bgp neighbor counters


clear bgp neighbor [<remoteaddr> | all] counters

Description
Resets the BGP counters for one or all BGP neighbor sessions to zero.

Syntax Description
remoteaddr all Specifies the IP address of a specific BGP neighbor. Specifies that counters for all BGP neighbors should be reset.

Default
N/A.

Usage Guidelines
This command resets the following counters:

In-total-msgs Out-total-msgs In-updates Out-updates Last-error FsmTransitions

The command clear counters will also reset all counter for all BGP neighbors. For BGP, the clear counters command is equivalent to the following BGP command:
clear bgp neighbor all counters

Example
The following command resets the counters for the BGP neighbor at 10.20.30.55:
clear bgp neighbor 10.20.30.55 counters

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1411

BGP Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1412

ExtremeWare XOS 11.3 Command Reference

clear bgp flap-statistics

clear bgp flap-statistics


clear bgp {neighbor} <remoteaddr> {address-family [ipv4-unicast | ipv4multicast]} flap-statistics [all | as-path <path expression> | community [no-advertise | no-export | no-export-subconfed | number <community_num> | <AS_Num>:<Num>] | network [any / <netMaskLen> | <networkPrefixFilter>] {exact}]

Description
Clears flap statistics for routes to specified neighbors.

Syntax Description
all remoteaddr address-family no-advertise no-export no-export-subconfed community_num AS_Num Num any netMaskLen networkPrefixFilter exact Specifies flap statistics for all routes. Specifies an IP address that identifies a BGP neighbor. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies the no-advertise community attribute. Specifies the no-export community attribute. Specifies the no-export-subconfed community attribute. Specifies a community number. Specifies an autonomous system ID (0-65535). Specifies a community number. Specifies all routes with a given or larger mask length. Specifies a subnet mask length (number of bits). Specifies an IP address and netmask. Specifies an exact match with the IP address and subnet mask.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Use this command to clear flap statistics for a specified BGP neighbor. The option network any / <netMaskLen> will clear the statistics for all BGP routes whose mask length is equal to or greater than <maskLength>, irrespective of their network address. The option network any / <netMaskLen> exact will clear the statistics for all BGP routes whose mask length is exactly equal to <maskLength>, irrespective of their network address.

ExtremeWare XOS 11.3 Command Reference

1413

BGP Commands

Example
The following command clears the flap statistics for a specified neighbor:
clear bgp neighbor 10.10.10.10 flap-statistics all

History
This command was first available in ExtremeWare XOS 10.1. The any / <netMaskLen> options were added in ExtremeWare XOS 11.0 This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1414

ExtremeWare XOS 11.3 Command Reference

configure bgp add aggregate-address

configure bgp add aggregate-address


configure bgp add aggregate-address {address-family [ipv4-unicast | ipv4-multicast]} <ipaddress> {as-match | as-set} {summary-only} {advertise-policy <policy>} {attribute-policy <policy>}

Description
Configures a BGP aggregate route.

Syntax Description
address-family ipaddress as-match as-set summary-only advertise-policy attribute-policy The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies an IP network address and mask length. Generates autonomous system sequence path information (order of AS numbers in AS_PATH is preserved). Generates autonomous system set path information (order of AS numbers in AS_PATH is not preserved). Specifies to send only aggregated routes to the neighbors. Specifies the policy used to select routes for this aggregated route. Specifies the policy used to set the attributes of the aggregated route.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Route aggregation is the process of combining the characteristics of several routes so that they are advertised as a single route. Aggregation reduces the amount of information that a BGP speaker must store and exchange with other BGP speakers. Reducing the information that is stored and exchanged also reduces the size of the routing table. To use BGP route aggregation, follow these steps: 1 Enable aggregation using the following command:
enable bgp aggregation

2 Create an aggregate route using the following commands:


configure bgp add aggregate-address {address-family [ipv4-unicast | ipv4multicast]} <ipaddress> {as-match | as-set} {summary-only} {advertise-policy <policy>} {attribute-policy <policy>}

Example
The following command configures a BGP aggregate route:
configure bgp add aggregate-address 192.1.1.4/30

ExtremeWare XOS 11.3 Command Reference

1415

BGP Commands

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1416

ExtremeWare XOS 11.3 Command Reference

configure bgp add confederation-peer sub-AS-number

configure bgp add confederation-peer sub-AS-number


configure bgp add confederation-peer sub-AS-number <number>

Description
Adds a sub-AS to a confederation.

Syntax Description
number Specifies a sub-AS number of the confederation. The range is 1 to 65535.

Default
N/A.

Usage Guidelines
Invoke this command multiple times to add multiple sub-ASs. IBGP requires networks to use a fully-meshed router configuration. This requirement does not scale well, especially when BGP is used as an interior gateway protocol. One way to reduce the size of a fully-meshed AS is to divide the AS into multiple sub-autonomous systems and group them into a routing confederation. Within the confederation, all BGP speakers in each sub-AS must be fully-meshed. The confederation is advertised to other networks as a single AS.

Example
The following command adds one sub-AS to a confederation:
configure bgp add confederation-peer sub-AS-number 65002

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1417

BGP Commands

configure bgp add network


configure bgp add network {address-family [ipv4-unicast | ipv4-multicast]} <ipaddr>/<mask_len> {network-policy <policy>}

Description
Adds a network to be originated from this router.

Syntax Description
address-family ipaddr mask_len policy-name The address family to which the network routes will be exported. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies an IP network address. Specifies a netmask length. Name of policy to be associated with network export. Policy can filter and/or change the route parameters.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The network must be present in the routing table. Using the export command to redistribute routes complements the redistribution of routes using the configure bgp add network command. The configure bgp add network command adds the route to BGP only if the route is present in the routing table. The enable bgp export command redistributes an individual route from the routing table to BGP. If you use both commands to redistribute routes, the routes redistributed using the network command take precedence over routes redistributed using the export command.

Example
The following command adds a network to be originated from this router:
configure bgp add network 192.1.1.16/32

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1418

ExtremeWare XOS 11.3 Command Reference

configure bgp AS-number

configure bgp AS-number


configure bgp AS-number <number>

Description
Changes the local AS number used by BGP.

Syntax Description
number Specifies a local AS number. The range is 1 to 65535.

Default
N/A.

Usage Guidelines
BGP must be disabled before the AS number can be changed.

Example
The following command changes the local AS number used by BGP:
configure bgp AS-number 65001

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1419

BGP Commands

configure bgp cluster-id


configure bgp cluster-id <cluster-id>

Description
Configures the local cluster ID.

Syntax Description
cluster-id Specifies a 4 byte field used by a route reflector to recognize updates from other route reflectors in the same cluster. The range is 0 - 4294967295.

Default
N/A.

Usage Guidelines
Used when multiple route reflectors are used within the same cluster of clients. Extreme Networks recommends disabling BGP before configuring the cluster ID.

Example
The following command appends a BGP route reflector cluster ID to the cluster list of a route:
configure bgp cluster-id 40000

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1420

ExtremeWare XOS 11.3 Command Reference

configure bgp confederation-id

configure bgp confederation-id


configure bgp confederation-id <number>

Description
Specifies a BGP routing confederation ID.

Syntax Description
confederation-id Specifies a routing confederation identifier. The range is 1 to 65535.

Default
N/A.

Usage Guidelines
IBGP requires that networks use a fully-meshed router configuration. This requirement does not scale well, especially when BGP is used as an interior gateway protocol. One way to reduce the size of a fully-meshed AS is to divide the AS into multiple sub-autonomous systems and group them into a routing confederation. Within the confederation, each sub-AS must be fully-meshed. The confederation is advertised to other networks as a single AS. Use a confederation ID of 0 to indicate no confederation.

Example
The following command specifies the BGP routing confederation ID as 200:
configure bgp confederation-id 200

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1421

BGP Commands

configure bgp delete aggregate-address


configure bgp delete aggregate-address {address-family [ipv4-unicast | ipv4-multicast]} [<ip address/masklength> | all]

Description
Deletes one or all BGP aggregated route.

Syntax Description
address-family ip address/mask length all The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies an IP network address and netmask length. Specifies all aggregated routes.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Route aggregation is the process of combining the characteristics of several routes so that they are advertised as a single route. Aggregation reduces the amount of information that a BGP speaker must store and exchange with other BGP speakers. Reducing the information that is stored and exchanged also reduces the size of the routing table.

Example
The following command deletes a BGP aggregate route:
configure bgp delete aggregate-address 192.1.1.4/30

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1422

ExtremeWare XOS 11.3 Command Reference

configure bgp delete confederation-peer sub-AS-number

configure bgp delete confederation-peer sub-AS-number


configure bgp delete confederation-peer sub-AS-number <number>

Description
Specifies a sub-AS that should be deleted from a confederation.

Syntax Description
sub-AS-number Specifies a sub-AS.

Default
N/A.

Usage Guidelines
BGP requires that networks use a fully-meshed router configuration. This requirement does not scale well, especially when BGP is used as an interior gateway protocol. One way to reduce the size of a fully-meshed AS is to divide the AS into multiple sub-autonomous systems and group them into a routing confederation. Within the confederation, each sub-AS must be fully-meshed. The confederation is advertised to other networks as a single AS.

Example
The following command deletes a sub-AS from a confederation:
configure bgp delete confederation-peer sub-AS-number 65002

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1423

BGP Commands

configure bgp delete network


configure bgp delete network {address-family [ipv4-unicast | ipv4multicast]} [all | <ipaddress/mask length>]

Description
Deletes a network to be originated from this router.

Syntax Description
address-family all ipaddress The address family to which the network routes will be exported. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies all networks. Specifies an IP network address and a netmask length.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
None.

Example
The following command deletes a network to be originated from this router:
configure bgp delete network 192.1.1.12/30

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1424

ExtremeWare XOS 11.3 Command Reference

configure bgp export shutdown-priority

configure bgp export shutdown-priority


configure bgp export [direct | ospf | ospf-extern1 | ospf-extern2 | ospfinter | ospf-intra | rip | static] {address-family [ipv4-unicast | ipv4multicast]} shutdown-priority <number>

Description
Configures the shutdown priority for IGP export.

Syntax Description
direct ospf ospf-extern1 ospf-extern2 ospf-inter ospf-intra rip static address-family number Specifies direct routing. Specifies OSPF routing. Specifies OSPF-extern1 routing. Specifies OSPF-extern2 routing. Specifies OSPF-inter routing. Specifies OSPF-intra routing. Specifies RIP routing. Specifies static routing. The address family to which the IGP routes will be exported. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies the shutdown priority. The range is 0 - 65,535.

Default
The default value is 2048. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
NOTE
This command is not currently supported, and is not recommended for use.

Higher priority values lower the chance of an IGP export to be automatically disabled in case BGP or the system goes to a low memory condition.

Example
The following command configures the shutdown priority of BGP exported OSPF routes to 1000:
configure bgp export ospf shutdown-priority 1000

ExtremeWare XOS 11.3 Command Reference

1425

BGP Commands

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1426

ExtremeWare XOS 11.3 Command Reference

configure bgp import-policy

configure bgp import-policy


configure bgp import-policy [<policy-name> | none]

Description
Configures the import policy for BGP.

Syntax Description
policy-name none Specifies the policy. Specifies no policy.

Default
N/A.

Usage Guidelines
Use the none keyword to remove a BGP import policy. An import policy is used to modify route attributes while adding BGP routes to the IP route table.

Example
The following command configures a policy imprt_plcy for BGP:
configure bgp import-policy imprt_plcy

The following command unconfigures the import policy for BGP:


configure bgp import-policy none

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1427

BGP Commands

configure bgp local-preference


configure bgp local-preference <number>

Description
Changes the default local preference attribute.

Syntax Description
number Specifies a value used to advertise this routers degree of preference to other routers within the AS. Range is 0 to 2147483647.

Default
100.

Usage Guidelines
The range is 0 to 2,147,483,647. BGP selects routes based on the following precedence (from highest to lowest):

higher weight higher local preference shortest length (shortest AS path) lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID

Example
The following command changes the default local preference attribute to 500:
configure bgp local-preference 500

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

1428

ExtremeWare XOS 11.3 Command Reference

configure bgp local-preference

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1429

BGP Commands

configure bgp med


configure bgp med [none | <bgp_med>]

Description
Configures the metric to be included in the Multi-Exit-Discriminator (MED) path attribute. The MED path attribute is included in route updates sent to external peers if a value is configured.

Syntax Description
none bgp_med Specifies not to use a multi-exist-discriminator number. Specifies a multi-exist-discriminator number. The range is 0-2147483647.

Default
N/A.

Usage Guidelines
BGP selects routes based on the following precedence (from highest to lowest):

higher weight higher local preference shortest length (shortest AS path) lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID

Example
The following command configures the metric to be included in the MED path attribute:
configure bgp med 3

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1430

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor dampening

configure bgp neighbor dampening


configure bgp neighbor [all | <remoteaddr>] {address-family [ipv4unicast | ipv4-multicast]} dampening {{half-life <half-life-minutes> {reuse-limit <reuse-limit-number> suppress-limit <suppress-limit-number> max-suppress <max-suppress-minutes>} | policy-filter [<policy-name> | none]}

Description
Configures route flap dampening over BGP peer sessions.

Syntax Description
remoteaddr all address-family half-life reuse suppress max-suppress policy-filter Specifies an IP address of a BGP neighbor. Specifies all neighbors. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies the dampening half life. Range is 1 to 45 minutes. Specifies the reuse limit. Range is 1 to 20000. Specifies the suppress limit. Range is 1 to 20000. Specifies the maximum hold down time. Range is 1 to 255 minutes. Specifies a policy.

Default
This feature is disabled by default. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The half life is the period of time, in minutes, during which the accumulated penalty of a route is reduced by half. The range is 1 to 45 minutes, and the default is 15 minutes. The reuse limit is the penalty value below which a route will be used again. The range is 1-20,000, and the default is 750. The suppress limit is the penalty value above which a route will be suppressed. The range is 1-20,000, and the default is 2,000. The maximum hold down time is the maximum time a route can be suppressed, no matter how unstable it has been, as long as it no longer flaps. The range is 1-255 minutes, and the default is 4 * the half life. Instead of explicitly configuring the dampening parameters using the command line, you can associate a policy using the policy-filter option. Multiple sets of parameters can be supplied using a policy.

ExtremeWare XOS 11.3 Command Reference

1431

BGP Commands Use the following command to disable route flap dampening for BGP neighbors:
configure bgp neighbor [<remoteaddr> | all] {address-family [ipv4-unicast | ipv4multicast]} no-dampening

Example
The following command configures route flap dampening to the BGP neighbor at 192.168.1.22 to the default values:
configure bgp neighbor 192.168.1.22 dampening

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1432

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor description

configure bgp neighbor description


configure bgp neighbor [all | <remoteaddr>] description {<description>}

Description
Configures a description for a BGP neighbor.

Syntax Description
remoteaddr all description Specifies an IP address of a BGP neighbor. Specifies all neighbors. Specifies a string used to describe the neighbor.

Default
The description is a NULL string by default.

Usage Guidelines
Use this command to attach a description to a BGP neighbor. This description will be displayed in the output of the show bgp neighbor command when you specify the detail option, or when you specify a particular neighbor. Enclose the string in double quotes if there are any blank spaces in the string. The maximum length of the string is 56 characters. If you do not specify the <description> parameter, the description will be reset to the default.

Example
The following command configures the description for the BGP neighbor 192.168.1.22 to Toledo_5:
configure bgp neighbor 192.168.1.22 description Toledo_5

History
This command was first available in ExtremeWare XOS 11.0. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1433

BGP Commands

configure bgp neighbor maximum-prefix


configure bgp neighbor [<remoteaddr> | all] {address-family [ipv4-unicast | ipv4-multicast]} maximum-prefix <number> {{threshold <percent>} {teardown {holddown-interval <seconds>}} {send-traps}

Description
Configures the maximum number of IP prefixes accepted from a BGP neighbor.

Syntax Description
remoteaddr all address-family number percent Specifies an IP address of a BGP neighbor. Specifies all neighbors. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies the maximum number of prefixes that can be accepted. The range is 0 to 4294967294. A value of 0 disables prefix limit feature. Specifies the percentage of the maximum prefix (threshold) at which a warning message is printed in the log (and console), and/or a trap will be sent to the SNMP manager. Specifies that the peer session is torn down when the maximum is exceeded. Specifies the length of time before the session is re-established, if the session is torn down due to maximum prefix exceeded. If the hold-down interval is zero or not specified, it is kept down until the peer is enabled. The range is 30 to 86400 seconds. Specifies sending number of prefix reached threshold and number of prefix exceed the max-prefix limit SNMP traps.

teardown seconds

send-traps

Default
This feature is disabled by default. The default threshold is 75%. By default, teardown is not specified. By default, send-traps is not specified. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Configure the peer group before configuring the neighbors. To configure the peer group, use the following command:
configure bgp peer-group maximum-prefix

1434

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor maximum-prefix

Example
The following command configures the maximum number of IP prefixes accepted from all neighbors to 5000, sets the threshold for warning messages to 60%, and specifies SNMP traps:
configure bgp neighbor all maximum-prefix 5000 threshold 60 send-traps

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1435

BGP Commands

configure bgp neighbor next-hop-self


configure bgp neighbor [<remoteaddr> | all] {address-family [ipv4-unicast | ipv4-multicast]} [next-hop-self | no-next-hop-self]

Description
Configures the next hop address used in the outgoing updates to be the address of the BGP connection originating the update.

Syntax Description
remoteaddr all address-family next-hop-self no-next-hop-self Specifies an IP address. Specifies all neighbors. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies that the next hop address used in the updates be the address of the BGP connection originating it. Specifies that the next hop address used in the updates not be the address of the BGP connection originating it (lets BGP decide what would be the next hop).

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
These settings apply to the peer group and all neighbors of the peer group.

Example
The following command configures the next hop address used in the updates to be the address of the BGP connection originating it:
configure bgp neighbor 172.16.5.25 next-hop-self

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1436

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor no-dampening

configure bgp neighbor no-dampening


configure bgp neighbor [<remoteaddr> | all] {address-family [ipv4-unicast | ipv4-multicast]} no-dampening

Description
Configures no route flap dampening over BGP peer sessions (disables route flap dampening).

Syntax Description
remoteaddr all address-family Specifies an IP address of a BGP neighbor. Specifies all neighbors. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast.

Default
This feature is disabled by default. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Use the following command to enable route flap dampening for BGP neighbors:
configure bgp neighbor [all | <remoteaddr>] {address-family [ipv4-unicast | ipv4multicast]} dampening {{half-life <half-life-minutes> {reuse-limit <reuse-limitnumber> suppress-limit <suppress-limit-number> max-suppress <max-suppress-minutes>} | policy-filter [<policy-name> | none]}

Example
The following command disables route flap dampening to the BGP neighbor at 192.168.1.22:
configure bgp neighbor 192.168.1.22 no-dampening

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1437

BGP Commands

configure bgp neighbor password


configure bgp neighbor [all | <remoteaddr>] password [none | <tcpPassword>]

Description
Configures an MD5 secret password for a neighbor.

Syntax Description
all remoteaddr none tcpPassword Specifies all neighbors. Specifies an IP address of a BGP neighbor. Specifies not to use a password Specifies a password string.

Default
N/A.

Usage Guidelines
Disable the BGP neighbor or the BGP protocol before changing the password. When a password is configured, TCP MD5 authentication is enabled on the TCP connection that is established with the neighbor. Changes made to the parameters of a peer group are applied to all neighbors in the peer group. To change any one of the following parameters you must disable and re-enable the peer session:

timer source-interface soft-in-reset password

Changing a route reflector client will automatically disable and enable the peer session.

Example
The following command configures the password for a neighbor as Extreme:
configure bgp neighbor 192.168.1.5 password extreme

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

1438

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor password

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1439

BGP Commands

configure bgp neighbor peer-group


configure bgp neighbor [all | <remoteaddr>] peer-group [<peer-group-name> | none] {acquire-all}

Description
Configures an existing neighbor as the member of a peer group.

Syntax Description
all remoteaddr peer-group-name none acquire-all Specifies all neighbors. Specifies an IP address of a BGP neighbor. Specifies a peer group name. Removes the neighbor from the peer group. Specifies that all parameters should be inherited by the neighbor from the peer group.

Default
By default, remote AS (if configured for the peer group), source-interface, outbound route policy, sendcommunity and next-hop-self settings are inherited.

Usage Guidelines
If acquire-all is not specified, only the default parameters are inherited by the neighbor. When you remove a neighbor from a peer group, it retains the parameter settings of the group. The parameter values are not reset to those the neighbor had before it inherited the peer group values. To create a new neighbor and add it to a BGP peer group, use the following command:
create bgp neighbor <remoteaddr> peer-group <peer-group-name> {multi-hop}

The new neighbor is created as part of the peer group and inherits all of the existing parameters of the peer group. The peer group must have remote AS configured.

Example
The following command configures an existing neighbor as the member of the peer group outer:
configure bgp neighbor 192.1.1.22 peer-group outer

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

1440

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor peer-group

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1441

BGP Commands

configure bgp neighbor route-policy


configure bgp neighbor [<remoteaddr> | all] {address-family [ipv4-unicast | ipv4-multicast]} route-policy [in | out] [none | <policy>]

Description
Configures a route map filter for a neighbor.

Syntax Description
remoteaddr all address-family in out none policy Specifies an IP address. Specifies all neighbors. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast Specifies to install the filter on the input side. Specifies to install the filter on the output side. Specifies to remove the filter. Specifies a policy.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The policy can be installed on the input or output side of the router. The policy is used to modify or filter the NLRI information and the path attributes associated with it when exchanging updates with the neighbor.

Example
The following command configures the route-policy filter for a neighbor based on the policy nosales:
configure bgp neighbor 192.168.1.22 route-policy in nosales

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1442

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor route-reflector-client

configure bgp neighbor route-reflector-client


configure bgp neighbor [<remoteaddr> | all] [route-reflector-client | noroute-reflector-client]

Description
Configures a BGP neighbor to be a route reflector client.

Syntax Description
remoteaddr all route-reflector-client no-route-reflector-client Specifies an IP address of a BGP neighbor. Specifies all neighbors. Specifies for the BGP neighbor to be a route reflector client. Specifies for the BGP neighbor not to be a route reflector client.

Default
N/A.

Usage Guidelines
Another way to overcome the difficulties of creating a fully-meshed AS is to use route reflectors. Route reflectors allow a single router to serve as a central routing point for the AS or sub-AS. Use this command to implicitly define the router to be a route reflector. The neighbor must be in the same AS as the router. When changing the route reflector status of a peer, the peer will automatically be disabled and reenabled and a warning message will appear on the console and in the log. A cluster is formed by the route reflector and its client routers. Peer routers that are not part of the cluster must be fully meshed according to the rules of BGP.

Example
The following command configures a BGP neighbor to be a route reflector client:
configure bgp neighbor 192.168.1.5 route-reflector-client

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1443

BGP Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1444

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor send-community

configure bgp neighbor send-community


configure bgp neighbor [<remoteaddr> | all] {address-family [ipv4-unicast | ipv4-multicast]} [send-community | dont-send-community]

Description
Configures whether the community path attribute associated with a BGP NLRI should be included in the route updates sent to the BGP neighbor.

Syntax Description
remoteaddr all address-family send-community dont-send-community Specifies an IP address of a BGP neighbor. Specifies all neighbors. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies to include the community path attribute. Specifies not to include the community path attribute.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
A BGP community is a group of BGP destinations that require common handling. ExtremeWare XOS supports the following well-known BGP community attributes:

no-export no-advertise no-export-subconfed

Example
The following command includes the community path attribute associated with a BGP NLRI in the route updates sent to all BGP neighbors:
configure bgp neighbor all send-community

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1445

BGP Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1446

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor shutdown-priority

configure bgp neighbor shutdown-priority


configure bgp neighbor [all | <remoteaddr>] shutdown-priority <number>

Description
Configures the shutdown priority for a BGP neighbor.

Syntax Description
remoteaddr number Specifies an IP address of a BGP neighbor. Specifies the shutdown priority. The range is 0 - 65,535.

Default
The default value is 1024.

Usage Guidelines
NOTE
This command is not currently supported, and is not recommended for use.

Higher priority values lower the chance of a BGP neighbor to be automatically disabled in case BGP or the system goes to a low memory condition.

Example
The following command configures the shutdown priority of the BGP neighbor 10.0.20.1 to 500:
configure bgp neighbor 10.0.20.1 shutdown-priority 1000

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1447

BGP Commands

configure bgp neighbor soft-reset


configure bgp neighbor [<remoteaddr> | all] {address-family [ipv4-unicast | ipv4-multicast]} soft-reset {in | out}

Description
Applies the current input or output routing policy to the routing information already exchanged with the neighbor.

Syntax Description
remoteaddr all address-family in out Specifies an IP address of a BGP neighbor. Specifies all neighbors. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast Specifies to apply the input routing policy. Specifies to apply the output routing policy.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The input/output policy is determined by the route policy configured for the neighbor on the input and/or output side of the router. This command does not affect the switch configuration. If both the local BGP neighbor and the neighbor router support the route refresh capability (ExtremeWare does not support this feature), a dynamic soft input reset can be performed. The softreset input command will trigger the generation of a route refresh message to be sent to the neighbor. As a response to the Route-Refresh message, the neighbor will send the entire BGP routing table in updates. If the Route-Refresh capability is not supported by the neighbor (like ExtremeWare), then the user must preconfigure soft-input-reset. If soft-input-reset is configured, BGP will store all the incoming routes updates from the neighbor. When the user issues the soft-input-reset command, the locally stored incoming routes will be reprocessed against the new policy, and will be installed in the BGP route database.

Example
The following command applies the current input routing policy to the routing information already exchanged with the neighbor:
configure bgp neighbor 192.168.1.5 soft-reset in

1448

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor soft-reset

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1449

BGP Commands

configure bgp neighbor source-interface


configure bgp neighbor [<remoteaddr> | all] source-interface [any | ipaddress <ipAddr>]

Description
Changes the BGP source interface for TCP connections.

Syntax Description
remoteaddr all any ipAddr Specifies an IP address of the BGP neighbor. Specifies all neighbors. Specifies any source interface. Specifies the IP address of a source interface.

Default
Any.

Usage Guidelines
The source interface IP address must be a valid IP address of any VLAN configured on the switch.

Example
The following command changes the BGP source interface to 10.43.55.10:
configure bgp neighbor 192.168.1.5 source-interface ipaddress 10.43.55.10

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1450

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor timer

configure bgp neighbor timer


configure bgp neighbor [<remoteaddr> | all] timer keep-alive <keepalive> hold-time <holdtime>

Description
Configures the BGP neighbor timers.

Syntax Description
remoteaddr all keepalive holdtime Specifies an IP address. Specifies all neighbors. Specifies a BGP neighbor timer keepalive time in seconds. The range is 0 to 21,845 seconds. Specifies a BGP neighbor timer hold time in seconds. The range is 0 and 3 to 65,535 seconds.

Default
The default keepalive setting is 60 seconds. The default hold time is 180 seconds.

Usage Guidelines
The BGP neighbor or BGP protocol must be disabled before changing the timer values.

Example
The following command configures the BGP neighbor timers:
configure bgp neighbor 192.168.1.5 timer keep-alive 120 hold-time 360

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1451

BGP Commands

configure bgp neighbor weight


configure bgp neighbor [<remoteaddr> | all] weight <weight>

Description
Assigns a locally-used weight to a neighbor connection for the route selection algorithm.

Syntax Description
remoteaddr all weight Specifies an IP address of the BGP neighbor. Specifies all neighbors. Specifies a BGP neighbor weight.

Default
By default, the weight is 0.

Usage Guidelines
All routes learned from this peer are assigned the same weight. The route with the highest weight is more preferable when multiple routes are available to the same network. The range is 0 to 65,535. BGP selects routes based on the following precedence (from highest to lowest):

higher weight higher local preference shortest length (shortest AS path) lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID

Example
The following command assigns a locally used weight of 10 to a neighbor connection:
configure bgp neighbor 192.168.1.5 weight 10

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

1452

ExtremeWare XOS 11.3 Command Reference

configure bgp neighbor weight

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1453

BGP Commands

configure bgp peer-group dampening


configure bgp peer-group <peer-group-name> {address-family [ipv4-unicast | ipv4-multicast]} dampening {{half-life <half-life-minutes> {reuse-limit <reuse-limit-number> supress-limit <suppress-limit-number> max-suppress <max-suppress-minutes>}} | policy-filter [<policy-name> | none]}

Description
Configures route flap dampening for a BGP peer group.

Syntax Description
peer-group-name address-family half-life-minutes reuse-limit-number suppress-limit-number max-suppress-minutes policy-name none Specifies a peer group The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast Specifies the dampening half life. Specifies the reuse limit. Specifies the suppress limit. Specifies the maximum hold down time. Specifies a policy Removes any policy association.

Default
This feature is disabled by default. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The half life is the period of time, in minutes, during which the accumulated penalty of a route is reduced by half. The range is 1 to 45 minutes, and the default is 15 minutes. The reuse limit is the penalty value below which a route will be used again. The range is 1-20,000, and the default is 750. The suppress limit is the penalty value above which a route will be suppressed. The range is 1-20,000, and the default is 2,000. The maximum hold down time is the maximum time a route can be suppressed, no matter how unstable it has been, as long as it no longer flaps. The range is 1-255 minutes, and the default is 4 * the half life. Instead of explicitly configuring the dampening parameters using the command line, you can associate a policy using the policy-filter option. Multiple sets of parameters can be supplied using a policy.

1454

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group dampening Use the following command to disable route flap dampening for a BGP peer-group:
configure bgp peer-group <peer-group-name> no-dampening

Example
The following command configures route flap dampening for the BGP peer group outer:
configure bgp peer-group outer dampening

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1455

BGP Commands

configure bgp peer-group maximum-prefix


configure bgp peer-group <peer-group-name> {address-family [ipv4-unicast | ipv4-multicast]} maximum-prefix <number> {{threshold <percent>} {teardown {holddown-interval <seconds>}} {send-traps}

Description
Configures the maximum number of IP prefixes accepted for all neighbors in the peer group.

Syntax Description
name address-family number percent Specifies a peer group. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies the maximum number of prefixes that can be accepted. The range is 0 to 4294967294. A value of 0 disables prefix limit feature. Specifies the percentage of the maximum prefix (threshold) at which a warning message is printed in the log (and on the console). An SNMP trap can also be sent. Specifies that the peer session is torn down when the maximum is exceeded. Specifies the length of time before the session is re-established, if the session has been torn down due to exceeding the max limit. If the hold down interval is 0 or not specified, it is kept down until the peer is enabled. The range is 30 to 86400 seconds. Specifies sending number of prefix reached threshold and number of prefix exceed the max-prefix limit SNMP traps.

teardown seconds

send-traps

Default
This feature is disabled by default. The default threshold is 75%. By default, teardown is not specified. By default, send-traps is not specified. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Configure the peer group before configuring the neighbors. To configure the neighbors, use the following command:
configure bgp neighbor 192.168.1.1 maximum-prefix

1456

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group maximum-prefix

Example
The following command configures the maximum number of IP prefixes accepted from the peer group outer to 5000, sets the threshold for warning messages to 60%, and specifies SNMP traps:
configure bgp peer-group outer maximum-prefix 5000 threshold 60 send-traps

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1457

BGP Commands

configure bgp peer-group next-hop-self


configure bgp peer-group <peer-group-name> {address-family [ipv4-unicast | ipv4-multicast]} [next-hop-self | no-next-hop-self]

Description
Configures the next hop address used in the updates to be the address of the BGP connection originating the update.

Syntax Description
peer-group-name address-family next-hop-self no-next-hop-self Specifies a peer group. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast Specifies that the next hop address used in the updates be the address of the BGP connection originating it. Specifies that the next hop address used in the updates not be the address of the BGP connection originating it (Let the BGP protocol decide the next hop).

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
These settings apply to the peer group and all neighbors of the peer group.

Example
The following command configures the next hop address used in the updates to be the address of the BGP connection originating it:
configure bgp peer-group outer next-hop-self

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1458

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group no-dampening

configure bgp peer-group no-dampening


configure bgp peer-group <peer-group-name> no-dampening

Description
Configures no route flap dampening for a BGP peer group (disables route flap dampening).

Syntax Description
peer-group-name Specifies a BGP peer group.

Default
This feature is disabled by default.

Usage Guidelines
Use the following command to enable route flap dampening for a BGP peer-group:
configure bgp peer-group <peer-group-name> {address-family [ipv4-unicast | ipv4multicast]} dampening {{half-life <half-life-minutes> {reuse-limit <reuse-limitnumber> supress-limit <suppress-limit-number> max-suppress <max-suppress-minutes>}} | policy-filter [<policy-name> | none]}

Example
The following command disables route flap dampening to the BGP peer group outer:
configure bgp peer-group outer no-dampening

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1459

BGP Commands

configure bgp peer-group route-reflector-client


configure bgp peer-group <peer-group-name> [route-reflector-client | noroute-reflector-client]

Description
Configures all the peers in a peer group to be a route reflector client.

Syntax Description
peer-group-name route-reflector-client no-route-reflector-client Specifies a peer group. Specifies that all the neighbors in the peer group be a route reflector client. Specifies that all the neighbors in the peer group not be a route reflector client.

Default
N/A.

Usage Guidelines
This command implicitly defines this router to be a route reflector. The peer group must be in the same AS of this router.

Example
The following command configures the peer group outer as a route reflector client:
configure bgp peer-group outer route-reflector-client

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1460

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group send-community

configure bgp peer-group send-community


configure bgp peer-group <peer-group-name> {address-family [ipv4-unicast | ipv4-multicast]} [send-community | dont-send-community]

Description
Configures whether communities should be sent to neighbors as part of route updates.

Syntax Description
peer-group-name address-family send-community dont-send-community Specifies a peer group. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast Specifies that communities are sent to neighbors as part of route updates. Specifies that communities are not sent to neighbors as part of route updates.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
These settings apply to the peer group and all neighbors of the peer group.

Example
The following command configures communities to be sent to neighbors as part of route updates:
configure bgp peer-group outer send-community

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1461

BGP Commands

configure bgp peer-group password


configure bgp peer-group <peer-group-name> password [none | <tcpPassword>]

Description
Configures the TCP MD5 secret password for a peer group and all neighbors of the peer group.

Syntax Description
peer-group-name none tcpPassword Specifies a peer group. Specifies no password. Specifies a password.

Default
N/A.

Usage Guidelines
Changes made to the parameters of a peer group are applied to all neighbors in the peer group. Modifying the following parameters automatically disables and enables the neighbors before changes take effect:

remote-as timer source-interface soft-in-reset password

Example
The following command configures the password as Extreme for the peer group outer and its neighbors:
configure bgp peer-group outer password extreme

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1462

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group remote-AS-number

configure bgp peer-group remote-AS-number


configure bgp peer-group <peer-group-name> remote-AS-number <number>

Description
Configures the remote AS number for a peer group and all the neighbors of the peer group.

Syntax Description
peer-group-name number Specifies a peer group. Specifies a remote AS number.

Default
N/A.

Usage Guidelines
Changes made to the parameters of a peer group are applied to all neighbors in the peer group. Modifying the following parameters automatically disables and enables the neighbors before changes take effect:

remote-as timer source-interface soft-in-reset password

Example
The following command configures the remote AS number for the peer group outer and its neighbors:
configure bgp peer-group outer remote-AS-number 65001

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1463

BGP Commands

configure bgp peer-group route-policy


configure bgp peer-group <peer-group-name> route-policy [in | out] [none | <policy>]

Description
Configures the policy for a peer group and all the neighbors of the peer group.

Syntax Description
peer-group-name in out none policy Specifies a peer group. Specifies to install the policy on the input side. Specifies to install the policy on the output side. Specifies to remove the filter. Specifies a policy.

Default
N/A.

Usage Guidelines
None.

Example
The following command configures the route policy for the peer group outer and its neighbors using the policy nosales:
configure bgp peer-group outer route-policy in nosales

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1464

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group soft-reset

configure bgp peer-group soft-reset


configure bgp peer-group <peer-group-name> soft-reset {in | out}

Description
Applies the current input/output routing policy to the neighbors in the peer group.

Syntax Description
peer-group-name in out Specifies a peer group. Specifies to apply the input routing policy. Specifies to apply the output routing policy.

Default
N/A.

Usage Guidelines
The input/output routing policy is determined by the route policy configured for the neighbors in the peer group on the input/output side of the router. This command does not affect configuration of the switch. Changes made to the parameters of a peer group are applied to all neighbors in the peer group. Modifying the following parameters automatically disables and enables the neighbors before changes take effect:

remote-as timer source-interface soft-in-reset password

Example
The following command applies the current input routing policy to the neighbors in the peer group outer:
configure bgp peer-group outer soft-reset in

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1465

BGP Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1466

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group source-interface

configure bgp peer-group source-interface


configure bgp peer-group <peer-group-name> source-interface [any | ipaddress <ipAddr>]

Description
Configures the source interface for a peer group and all the neighbors of the peer group.

Syntax Description
peer-group-name any ipAddr Specifies a peer group. Specifies any source interface. Specifies an interface.

Default
N/A.

Usage Guidelines
The source interface IP address must be a valid IP address of a VLAN configured on the switch. Changes made to the parameters of a peer group are applied to all neighbors in the peer group. Modifying the following parameters automatically disables and enables the neighbors before changes take effect:

remote-as timer source-interface soft-in-reset password

Example
The following command configures the source interface for the peer group outer and its neighbors on 10.34.25.10:
configure bgp peer-group outer source-interface ipaddress 10.34.25.10

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1467

BGP Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1468

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group timer

configure bgp peer-group timer


configure bgp peer-group <peer-group-name> timer keep-alive <seconds> holdtime <seconds>

Description
Configures the keepalive timer and hold timer values for a peer group and all the neighbors of the peer group.

Syntax Description
peer-group-name keep-alive <seconds> hold-time <seconds> Specifies a peer group. Specifies a keepalive time in seconds. Range is 0 to 21845. Specifies a hold-time in seconds. Range is 0 and 3 to 65535.

Default
N/A.

Usage Guidelines
Changes made to the parameters of a peer group are applied to all neighbors in the peer group. Modifying the following parameters automatically disables and enables the neighbors before changes take effect:

remote-as timer source-interface soft-in-reset password

Example
The following command configures the keepalive timer and hold timer values for the peer group outer and its neighbors:
configure bgp peer-group outer timer keep-alive 30 hold-time 90

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1469

BGP Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1470

ExtremeWare XOS 11.3 Command Reference

configure bgp peer-group weight

configure bgp peer-group weight


configure bgp peer-group <peer-group-name> weight <number>

Description
Configures the weight for the peer group and all the neighbors of the peer group.

Syntax Description
peer-group-name number Specifies a peer group. Specifies a BGP peer group weight. Range is 0 to 65535.

Default
N/A.

Usage Guidelines
BGP selects routes based on the following precedence (from highest to lowest):

higher weight higher local preference shortest length (shortest AS path) lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID

Example
The following command configures the weight for the peer group outer and its neighbors:
configure bgp peer-group outer weight 5

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1471

BGP Commands

configure bgp routerid


configure bgp routerid <router identifier>

Description
Changes the router identifier.

Syntax Description
router identifier Specifies a router identifier in the IPv4 address format.

Default
N/A.

Usage Guidelines
BGP must be disabled before changing the router ID. BGP selects routes based on the following precedence (from highest to lowest):

higher weight higher local preference shortest length (shortest AS path) lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest router ID

Example
The following command changes the router ID:
configure bgp routerid 192.1.1.13

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1472

ExtremeWare XOS 11.3 Command Reference

configure bgp soft-reconfiguration

configure bgp soft-reconfiguration


configure bgp soft-reconfiguration

Description
Immediately applies the route policy associated with the network command, aggregation, import, and redistribution.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command does not affect the switch configuration.

Example
The following command applies the route policy associated with the network command, aggregation, import, and redistribution:
configure bgp soft-reconfiguration

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1473

BGP Commands

create bgp neighbor peer-group


create bgp neighbor <remoteaddr> peer-group <peer-group-name> {multi-hop}

Description
Creates a new neighbor and makes it part of the peer group.

Syntax Description
remoteaddr peer-group-name multi-hop Specifies an IP address of the BGP neighbor. Specifies a peer group. Specifies to allow connections to EBGP peers that are not directly connected.

Default
N/A.

Usage Guidelines
All the parameters of the neighbor are inherited from the peer group. The peer group should have the remote AS configured. To add an existing neighbor to a peer group, use the following command:
configure bgp neighbor [all | <remoteaddr>] peer-group [<peer-group-name> | none] {acquire-all}

If you do not specify acquire-all, only the mandatory parameters are inherited from the peer group. If you specify acquire-all, all of the parameters of the peer group are inherited. This command disables the neighbor before adding it to the peer group.

Example
The following command creates a new neighbor and makes it part of the peer group outer:
create bgp neighbor 192.1.1.22 peer-group outer

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1474

ExtremeWare XOS 11.3 Command Reference

create bgp neighbor remote-AS-number

create bgp neighbor remote-AS-number


create bgp neighbor <remoteaddr> remote-AS-number <number> {multi-hop}

Description
Creates a new BGP peer.

Syntax Description
remoteaddr number multi-hop Specifies an IP address of the BGP neighbor. Specifies a remote AS number. The range is 1 to 65535. Specifies to allow connections to EBGP peers that are not directly connected.

Default
N/A.

Usage Guidelines
If the AS number is the same as the AS number provided in the configure bgp as command, then the peer is consider an IBGP peer, otherwise the neighbor is an EBGP peer. The BGP session to a newly created peer is not started until the enable bgp neighbor command is issued.

Example
The following command creates a new BGP peer:
create bgp neighbor 192.168.1.17 remote-AS-number 65001

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1475

BGP Commands

create bgp peer-group


create bgp peer-group <peer-group-name>

Description
Creates a new peer group.

Syntax Description
peer-group-name Specifies a peer group.

Default
N/A.

Usage Guidelines
You can use BGP peer groups to group together up to 512 BGP neighbors. All neighbors within the peer group inherit the parameters of the BGP peer group. The following mandatory parameters are shared by all neighbors in a peer group:

remote AS source-interface out-route-policy send-community next-hop-self

Each BGP peer group is assigned a unique name when the peer group is created.

Example
The following command creates a new peer group named external:
create bgp peer-group outer

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1476

ExtremeWare XOS 11.3 Command Reference

delete bgp neighbor

delete bgp neighbor


delete bgp neighbor [<remoteaddr> | all]

Description
Deletes one or all BGP neighbors.

Syntax Description
remoteaddr all Specifies the IP address of the BGP neighbor to be deleted. Specifies all neighbors.

Default
N/A.

Usage Guidelines
Use this command to delete one or all BGP neighbors.

Example
The following command deletes the specified BGP neighbor:
delete bgp neighbor 192.168.1.17

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1477

BGP Commands

delete bgp peer-group


delete bgp peer-group <peer-group-name>

Description
Deletes a peer group.

Syntax Description
peer-group-name Specifies a peer group.

Default
N/A.

Usage Guidelines
Use this command to delete a specific BGP peer group.

Example
The following command deletes the peer group named external:
delete bgp peer-group outer

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1478

ExtremeWare XOS 11.3 Command Reference

disable bgp

disable bgp
disable bgp

Description
Disables BGP.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Use this command to disable BGP on the router.

Example
The following command disables BGP:
disable bgp

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1479

BGP Commands

disable bgp aggregation


disable bgp aggregation

Description
Disables BGP route aggregation.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Route aggregation is the process of combining the characteristics of several routes so that they are advertised as a single route. Aggregation reduces the amount of information that a BGP speaker must store and exchange with other BGP speakers. Reducing the information that is stored and exchanged also reduces the size of the routing table. Use this command to disable BGP route aggregation.

Example
The following command disables BGP route aggregation:
disable bgp aggregation

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1480

ExtremeWare XOS 11.3 Command Reference

disable bgp always-compare-med

disable bgp always-compare-med


disable bgp always-compare-med

Description
Disables BGP from comparing Multi Exit Discriminators (MEDs) for paths from neighbors in different Autonomous Systems (AS).

Syntax Description
This command has no arguments or variables.

Default
ExtremeWare XOS does not compare MEDs for paths from neighbors in different AS.

Usage Guidelines
The MED is one of the parameters that is considered when selecting the best path among many alternative paths. The path with a lower MED is preferred over a path with a higher MED. By default, during the best path selection process, MED comparison is done only among paths from the same AS.

Example
The following command disables MED from being used in comparison among paths from different AS:
disable bgp always-compare-med

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1481

BGP Commands

disable bgp community format


disable bgp community format AS-number : number

Description
Disables the AS-number:number format of display for communities in the output of show and upload commands.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Using this command, communities are displayed as a single decimal value.

Example
The following command disables the AS-number:number format of display for communities:
disable bgp community format AS-number : number

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1482

ExtremeWare XOS 11.3 Command Reference

disable bgp export

disable bgp export


disable bgp export [direct | ospf | ospf-extern1 | ospf-extern2 | ospfinter | ospf-intra | rip | static] {address-family [ipv4-unicast | ipv4multicast]}

Description
Disables BGP from exporting routes from other protocols to BGP peers.

Syntax Description
direct ospf ospf-extern1 ospf-extern2 ospf-inter ospf-intra rip static address-family Specifies direct routing. Specifies OSPF routing. Specifies OSPF-extern1 routing. Specifies OSPF-extern2 routing. Specifies OSPF-inter routing. Specifies OSPF-intra routing. Specifies RIP routing. Specifies static routing. The address family to which the IGP routes will be exported. BGP supports two address families: IPv4 Unicast and IPv4 Multicast.

Default
Disabled. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The exporting of routes between any two routing protocols is a discreet configuration function. For example, you must configure the switch to export routes from OSPF to BGP and, if desired, you must configure the switch to export routes from BGP to OSPF. You must first configure both protocols and then verify the independent operation of each. Then you can configure the routes to export from OSPF to BGP, and the routes to export from BGP to OSPF. Similarly for BGP and ISIS, or BGP and RIP. You can use policies to associate BGP attributes including Community, NextHop, MED, Origin, and Local Preference with the routes. Policies can also be used to filter out exported routes. Using the export command to redistribute routes complements the redistribution of routes using the configure bgp add network command. The configure bgp add network command adds the route to BGP only if the route is present in the routing table. The enable bgp export command redistributes an individual route from the routing table to BGP. If you use both commands to redistribute routes, the routes redistributed using the network command take precedence over routes redistributed using the export command.

ExtremeWare XOS 11.3 Command Reference

1483

BGP Commands

Example
The following command disables BGP from exporting routes from the OSPF protocol to BGP peers:
disable bgp export ospf

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1484

ExtremeWare XOS 11.3 Command Reference

disable bgp neighbor

disable bgp neighbor


disable bgp neighbor [<remoteaddr> | all]

Description
Disables the BGP session.

Syntax Description
remoteaddr all Specifies an IP address of the BGP neighbor. Specifies all neighbors.

Default
Disabled.

Usage Guidelines
After the session has been disabled, all the information in the route information base (RIB) for the neighbor is flushed.

Example
The following command disables the BGP session:
disable bgp neighbor 192.1.1.17

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1485

BGP Commands

disable bgp neighbor capability


disable bgp neighbor [all | <remoteaddr>] capability [ipv4-unicast | ipv4multicast | route-refresh]

Description
This command disables BGP Multiprotocol (MP) and route-refresh capabilities for neighbor.

Syntax Description
all remoteaddr ipv4-unicast ipv4-multicast route-refresh Specifies all neighbors. Specifies an IP address of the BGP neighbor. Specifies BGP MP unicast capabilities. Specifies BGP MP multicast capabilities. Specifies ROUTE-REFRESH message capabilities.

Default
All capabilities are disabled by default. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
NOTE
This command is not currently supported, and is not recommended for use.

This command disables BGP Multiprotocol and route-refresh capabilities for one or all neighbors. After the capabilities have been enabled, the BGP neighbor will announce its capabilities to neighbors in an OPEN message.

Example
The following command disables the route-refresh feature for all neighbors:
disable bgp neighbor all route-refresh

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

1486

ExtremeWare XOS 11.3 Command Reference

disable bgp neighbor capability

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1487

BGP Commands

disable bgp neighbor remove-private-AS-numbers


disable bgp neighbor [<remoteaddr> | all] remove-private-AS-numbers

Description
Disables the removal of private AS numbers from the AS path in route updates sent to EBGP peers.

Syntax Description
remoteaddr all Specifies an IP address. Specifies all neighbors.

Default
Disabled.

Usage Guidelines
Private AS numbers are AS numbers in the range 64512 through 65534. You can remove private AS numbers from the AS path attribute in updates that are sent to external BGP (EBGP) neighbors. Possible reasons for using private AS numbers include:

The remote AS does not have officially allocated AS numbers. You want to conserve AS numbers if you are multi-homed to the local AS.

Private AS numbers should not be advertised on the Internet. Private AS numbers can only be used locally within an administrative domain. Therefore, when routes are advertised out to the Internet, the private AS number can be stripped out from the AS paths of the advertised routes using this feature.

Example
The following command disables the removal of private AS numbers from the AS path in route updates sent to the EBGP peers:
disable bgp neighbor 192.168.1.17 remove-private-AS-numbers

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1488

ExtremeWare XOS 11.3 Command Reference

disable bgp neighbor soft-in-reset

disable bgp neighbor soft-in-reset


disable bgp neighbor [all | <remoteaddr>] {address-family [ipv4-unicast | ipv4-multicast]} soft-in-reset

Description
Disables the soft input reset feature.

Syntax Description
all remoteaddr address-family Specifies all neighbors. Specifies an IP address. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast.

Default
Disabled. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Disabling the soft input reset feature can potentially limit the amount of system memory consumed by the RIB-in. This command can be issued only when both BGP and the BGP neighbor is disabled.

Example
The following command disables the soft input reset for the neighbor at 192.168.1.17:
disable bgp neighbor 192.168.1.17 soft-in-reset

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1489

BGP Commands

disable bgp neighbor use-ip-router-alert


disable bgp neighbor [all | <remoteaddr>] use-ip-router-alert

Description
Disables the router alert IP option in outgoing BGP messages to the specified neighbor.

Syntax Description
all remoteaddr Specifies all neighbors. Specifies an IP address of the BGP neighbor.

Default
Disabled.

Usage Guidelines
The IP router alert option in a BGP message forces intermediate routers to examine the packet very closely and therefore, indirectly, gives greater reliability that a packet will be delivered to its destination.

Example
The following command disables the feature:
disable bgp neighbor 192.168.1.17 use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1490

ExtremeWare XOS 11.3 Command Reference

disable bgp peer-group

disable bgp peer-group


disable bgp peer-group <peer-group-name>

Description
Disables a BGP peer group and all its BGP neighbors.

Syntax Description
peer-group-name Specifies a peer group.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables the BGP peer group outer:
disable bgp peer-group outer

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1491

BGP Commands

disable bgp peer-group capability


disable bgp peer-group <peer-group-name> capability [ipv4-unicast | ipv4multicast | route-refresh]

Description
Disables BGP Multiprotocol (MP) and route-refresh capabilities for a peer-group.

Syntax Description
peer-group-name ipv4-unicast ipv4-multicast route-refresh Specifies a peer group. Specifies BGP MP unicast capabilities. Specifies BGP MP multicast capabilities. Specifies ROUTE-REFRESH message capabilities.

Default
All capabilities are disabled by default.

Usage Guidelines
NOTE
This command is not currently supported, and is not recommended for use.

This command disables BGP Multiprotocol and route-refresh capabilities for a peer group. Once the capabilities are enabled, the BGP peer will announce its capabilities to neighbors in an OPEN message

Example
The following command disables the route-refresh feature for the peer group outer:
disable bgp peer-group outer route-refresh

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1492

ExtremeWare XOS 11.3 Command Reference

disable bgp peer-group remove-private-AS-numbers

disable bgp peer-group remove-private-AS-numbers


disable bgp peer-group <peer-group-name> remove-private-AS-numbers

Description
Disables the removal of private autonomous system (AS) numbers from the AS_Path attribute of outbound updates.

Syntax Description
peer-group-name Specifies a peer group.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables the BGP peer group outer from removing private AS numbers:
disable bgp peer-group outer remove-private-AS-numbers

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1493

BGP Commands

disable bgp peer-group soft-in-reset


disable bgp peer-group <peer-group-name> {address-family [ipv4-unicast | ipv4-multicast]} soft-in-reset

Description
Disables the soft input reset feature.

Syntax Description
peer-group-name address-family Specifies a peer group. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast.

Default
Disabled. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Disabling the soft input reset feature can potentially limit the amount of system memory consumed by the RIB-in.

Example
The following command disables the soft input reset feature:
disable bgp peer-group outer soft-in-reset

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1494

ExtremeWare XOS 11.3 Command Reference

disable bgp peer-group use-ip-router-alert

disable bgp peer-group use-ip-router-alert


disable bgp peer-group <peer-group-name> use-ip-router-alert

Description
Disables the router alert IP option in outgoing BGP messages to the specified peer group.

Syntax Description
peer-group-name Specifies a peer group.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables the feature for the peer group outer:
disable bgp peer-group outer use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1495

BGP Commands

enable bgp
enable bgp

Description
Enables BGP.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command enables the Border Gateway Protocol (BGP) on the router. Before invoking this command, the local AS number and BGP router ID must be configured.

Example
The following command enables BGP:
enable bgp

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1496

ExtremeWare XOS 11.3 Command Reference

enable bgp aggregation

enable bgp aggregation


enable bgp aggregation

Description
Enables BGP route aggregation.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
Route aggregation is the process of combining the characteristics of several routes so that they are advertised as a single route. Aggregation reduces the amount of information that a BGP speaker must store and exchange with other BGP speakers. Reducing the information that is stored and exchanged also reduces the size of the routing table. To use BGP route aggregation, follow these steps: 1 Enable aggregation using the following command:
enable bgp aggregation

2 Create an aggregate route using the following command:


configure bgp add aggregate-address {address-family [ipv4-unicast | ipv4multicast]} <ipaddress> {as-match | as-set} {summary-only} {advertise-policy <policy>} {attribute-policy <policy>}

Example
The following command enables BGP route aggregation:
enable bgp aggregation

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1497

BGP Commands

enable bgp always-compare-med


enable bgp always-compare-med

Description
Enables BGP to use the Multi Exit Discriminator (MED) from neighbors in different autonomous systems (ASs) in the route selection algorithm.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
MED is only used when comparing paths from the same AS, unless always-compare-med is enabled. When this command is issued, MEDs from different AS are used in comparing paths. A MED value of zero is treated as the lowest MED and therefore the most preferred route.

Example
The following command enables BGP to use the Multi Exit Discriminator (MED) from neighbors in different autonomous systems in the route selection algorithm:
enable bgp always-compare-med

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1498

ExtremeWare XOS 11.3 Command Reference

enable bgp community format

enable bgp community format


enable bgp community format AS-number : number

Description
Enables the as-number:number format of display for the communities in the output of show and upload commands.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
If not enabled, the communities are displayed as a single decimal value.

Example
The following command enables the AS-number:number format of display for communities:
enable bgp community format AS-number : number

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1499

BGP Commands

enable bgp export


enable bgp export [direct | ospf | ospf-extern1 | ospf-extern2 | ospf-inter | ospf-intra | rip | static] {address-family [ipv4-unicast | ipv4multicast]} {export-policy <policy-name>}

Description
Enables BGP to export routes from other protocols to BGP peers.

Syntax Description
direct ospf ospf-extern1 ospf-extern2 ospf-inter ospf-intra rip static address-family policy-name Specifies direct routing. Specifies OSPF routing. Specifies OSPF-extern1 routing. Specifies OSPF-extern2 routing. Specifies OSPF-inter routing. Specifies OSPF-intra routing. Specifies RIP routing. Specifies static routing. The address family to which the IGP routes will be exported. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Name of policy to be associated with network export. Policy can filter and/or change the route parameters.

Default
Disabled. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The exporting of routes between any two routing protocols is a discreet configuration function. For example, you must configure the switch to export routes from OSPF to BGP and, if desired, you must configure the switch to export routes from BGP to OSPF. You must first configure both protocols and then verify the independent operation of each. Then, you can configure the routes to export from OSPF to BGP, and the routes to export from BGP to OSPF. Similarly for BGP and ISIS, or BGP and RIP. You can use a policy to associate BGP attributes including Community, NextHop, MED, Origin, and Local Preference with the routes. A policy can also be used to filter out exported routes. Using the export command to redistribute routes complements the redistribution of routes using the configure bgp add network command. The configure bgp add network command adds the route to BGP only if the route is present in the routing table. The enable bgp export command redistributes an individual route from the routing table to BGP. If you use both commands to redistribute routes, the routes redistributed using the network command take precedence over routes redistributed using the export command.

1500

ExtremeWare XOS 11.3 Command Reference

enable bgp export

Example
The following command enables BGP to export routes from the OSPF protocol to BGP peers:
enable bgp export ospf

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1501

BGP Commands

enable bgp neighbor


enable bgp neighbor [<remoteaddr> | all]

Description
Enables the BGP session. The neighbor must be created before the BGP neighbor session can be enabled.

Syntax Description
remoteaddr all Specifies an IP address of a BGP neighbor. Specifies all neighbors.

Default
Disabled.

Usage Guidelines
To create a new neighbor and add it to a BGP peer group, use the following command:
create bgp neighbor <remoteaddr> peer-group <peer-group-name> {multi-hop}

Example
The following command enables the BGP neighbor session:
enable bgp neighbor 192.168.1.17

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1502

ExtremeWare XOS 11.3 Command Reference

enable bgp neighbor capability

enable bgp neighbor capability


enable bgp neighbor [all | <remoteaddr>] capability [ipv4-unicast | ipv4multicast | route-refresh]

Description
This command enables BGP Multiprotocol (MP) and route-refresh capabilities for neighbor.

Syntax Description
all remoteaddr ipv4-unicast ipv4-multicast route-refresh Specifies all neighbors. Specifies an IP address of a BGP neighbor. Specifies BGP MP unicast capabilities. Specifies BGP MP multicast capabilities. Specifies ROUTE-REFRESH message capabilities.

Default
All capabilities are disabled by default. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
NOTE
This command is not currently supported, and is not recommended for use.

This command enables BGP Multiprotocol and route-refresh capabilities for one or all neighbors. After the capabilities have been enabled, the BGP neighbor will announce its capabilities to neighbors in an OPEN message.

Example
The following command disables the route-refresh feature for all neighbors:
enable bgp neighbor all capability route-refresh

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1503

BGP Commands

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1504

ExtremeWare XOS 11.3 Command Reference

enable bgp neighbor remove-private-AS-numbers

enable bgp neighbor remove-private-AS-numbers


enable bgp neighbor [<remoteaddr> | all] remove-private-AS-numbers

Description
Enables the removal of private AS numbers from the AS path in route updates sent to EBGP peers.

Syntax Description
remoteaddr all Specifies an IP address of a BGP neighbor. Specifies all neighbors.

Default
Disabled.

Usage Guidelines
Private AS numbers are AS numbers in the range 64512 through 65534. You can remove private AS numbers from the AS path attribute in updates that are sent to external BGP (EBGP) neighbors. Possible reasons for using private AS numbers include:

The remote AS does not have officially allocated AS numbers. You want to conserve AS numbers if you are multi-homed to the local AS.

Private AS numbers should not be advertised on the Internet. Private AS numbers can only be used locally within an administrative domain. Therefore, when routes are advertised out to the Internet, the routes can be stripped out from the AS paths of the advertised routes using this feature.

Example
The following command enables the removal of private AS numbers from the AS path in route updates sent to the EBGP peers:
enable bgp neighbor 192.168.1.17 remove-private-AS-numbers

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1505

BGP Commands

enable bgp neighbor soft-in-reset


enable bgp neighbor [all | <remoteaddr>] {address-family [ipv4-unicast | ipv4-multicast]} soft-in-reset

Description
Enables the soft input reset feature.

Syntax Description
all remoteaddr address-family Specifies all neighbors. Specifies an IP address of a BGP neighbor. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast.

Default
Disabled. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Disabling the soft input reset feature can potentially limit the amount of system memory consumed by the RIB-in. This command can be issued only when both BGP and the BGP neighbor is disabled.

Example
The following command enables the soft recognition feature:
enable bgp neighbor 192.168.1.17 soft-in-reset

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1506

ExtremeWare XOS 11.3 Command Reference

enable bgp neighbor use-ip-router-alert

enable bgp neighbor use-ip-router-alert


enable bgp neighbor [all | <remoteaddr>] use-ip-router-alert

Description
Enables the router alert IP option in outgoing BGP messages to the specified neighbor.

Syntax Description
all remoteaddr Specifies all neighbors. Specifies an IP address of a BGP neighbor.

Default
Disabled.

Usage Guidelines
This command will force the IP layer of ExtremeWare XOS to insert the IP Router Alert Option field in all the outbound BGP messages. IP packets with IP Router Alert option in them examined closely by all the intermediate routers in the transit path, thereby causing transmit delays.

Example
The following command enables the feature:
enable bgp neighbor 192.168.1.17 use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1507

BGP Commands

enable bgp peer-group


enable bgp peer-group <peer-group-name>

Description
Enables a peer group and all the neighbors of a peer group.

Syntax Description
peer-group-name Specifies a peer group.

Default
Disabled.

Usage Guidelines
You can use BGP peer groups to group together up to 200 BGP neighbors. All neighbors within the peer group inherit the parameters of the BGP peer group. The following mandatory parameters are shared by all neighbors in a peer group:

remote AS source-interface out-nlri-filter out-aspath-filter out-route-map send-community next-hop-self

Example
The following command enables the BGP peer group outer and all its neighbors:
enable bgp peer-group outer

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1508

ExtremeWare XOS 11.3 Command Reference

enable bgp peer-group capability

enable bgp peer-group capability


enable bgp peer-group <peer-group-name> capability [ipv4-unicast | ipv4multicast | route-refresh]

Description
This command enables BGP Multiprotocol (MP) and route-refresh capabilities for a peer-group.

Syntax Description
peer-group-name ipv4-unicast ipv4-multicast route-refresh Specifies a peer group. Specifies BGP MP unicast capabilities. Specifies BGP MP multicast capabilities. Specifies ROUTE-REFRESH message capabilities.

Default
All capabilities are disabled by default.

Usage Guidelines
NOTE
This command is not currently supported, and is not recommended for use.

This command enables BGP Multiprotocol and route-refresh capabilities for a peer group. After the capabilities have been enabled, the BGP peer will announce its capabilities to neighbors in an OPEN message.

Example
The following command enables the route-refresh feature for the peer group outer:
enable bgp peer-group outer capability route-refresh

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1509

BGP Commands

enable bgp peer-group remove-private-AS-numbers


enable bgp peer-group <peer-group-name> remove-private-AS-numbers

Description
Enables the removal of private autonomous system (AS) numbers from the AS_Path attribute of outbound updates.

Syntax Description
peer-group-name Specifies a peer group.

Default
Disabled.

Usage Guidelines
None.

Example
The following command enables the BGP peer group outer from removing private AS numbers:
enable bgp peer-group outer remove-private-AS-numbers

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1510

ExtremeWare XOS 11.3 Command Reference

enable bgp peer-group soft-in-reset

enable bgp peer-group soft-in-reset


enable bgp peer-group <peer-group-name> {address-family [ipv4-unicast | ipv4-multicast]} soft-in-reset

Description
Enables the soft input reset feature.

Syntax Description
peer-group-name address-family Specifies a peer group. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast.

Default
Disabled. If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Disabling the soft input reset feature can potentially limit the amount of system memory consumed by the RIB-in.

Example
The following command enables the soft input reset feature:
enable bgp peer-group outer soft-in-reset

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1511

BGP Commands

enable bgp peer-group use-ip-router-alert


enable bgp peer-group <peer-group-name> use-ip-router-alert

Description
Enables the router alert IP option in outgoing BGP messages to the specified peer group.

Syntax Description
peer-group-name Specifies a peer group.

Default
Disabled.

Usage Guidelines
None.

Example
The following command enables the feature for the peer group outer:
enable bgp peer-group outer use-ip-router-alert

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1512

ExtremeWare XOS 11.3 Command Reference

show bgp

show bgp
show bgp

Description
Displays BGP configuration information.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Displays information such as AS number, router ID, local preference, sync flag, route reflection, cluster ID, confederation ID, and AS redistributed networks.

Example
The following command displays BGP configuration information:
show bgp

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1513

BGP Commands

show bgp neighbor


show bgp [neighbor {detail} | {neighbor} <remoteaddr>]

Description
Displays information about a specified neighbor.

Syntax Description
remoteaddr detail Specifies an IP address that identifies a BGP neighbor. Specifies to display the information in detailed format.

Default
N/A.

Usage Guidelines
Use this command to display information about a specific BGP neighbor. If you do not specify a neighbor, information about all neighbors is displayed.

Example
The following command displays information about a specified neighbor:
show bgp neighbor 10.10.10.10

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1514

ExtremeWare XOS 11.3 Command Reference

show bgp neighbor flap-statistics

show bgp neighbor flap-statistics


show bgp neighbor <remoteaddr> {address-family [ipv4-unicast | ipv4multicast]} flap-statistics {detail} [all | as-path <path-expression> | community [no-advertise | no-export | no-export-subconfed | number <community_num> | <AS_Num>:<Num> ] | network [any / <netMaskLen> | <networkPrefixFilter>] {exact} ]

Description
Displays information about neighbor route flap dampening statistics.

Syntax Description
remoteaddr address-family flap-statistics detail all no-advertise no-export no-export-subconfed community_num AS_Num Num any netMaskLen networkPrefixFilter exact Specifies an IP address that identifies a BGP neighbor. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast Specifies that only flap-statistics should be displayed (for route flap dampening enabled routes). Specifies to display the information in detailed format. Specifies all routes. Specifies the no-advertise community attribute. Specifies the no-export community attribute. Specifies the no-export-subconfed community attribute. Specifies a community number. Specifies an autonomous system ID (0-65535). Specifies the BGP community number. Specifies all routes with a given or larger mask length. Specifies a subnet mask length (number of bits). Specifies an IP address and netmask. Specifies an exact match with the IP address and subnet mask.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
Use this command to display information about BGP neighbor route flap dampening. The option network any / <netMaskLen> will display all BGP routes whose mask length is equal to or greater than <maskLength>, irrespective of their network address.

ExtremeWare XOS 11.3 Command Reference

1515

BGP Commands The option network any / <netMaskLen> exact will display all BGP routes whose mask length is exactly equal to <maskLength>, irrespective of their network address.

Example
The following command displays information about a specified neighbors dampened routes:
show bgp neighbor 10.10.10.10 flap-statistics all

History
This command was first available in ExtremeWare XOS 10.1. The any / <netMaskLen> options were added in ExtremeWare XOS 11.0 This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1516

ExtremeWare XOS 11.3 Command Reference

show bgp neighbor routes

show bgp neighbor routes


show bgp neighbor <remoteaddr> {address-family [ipv4-unicast | ipv4multicast]} [accepted-routes | received-routes | rejected-routes | suppressed-routes | transmitted-routes] {detail} [all | as-path <path-expression> | community [no-advertise | no-export | no-export-subconfed | number <community_num> | <AS_Num>:<Num> ] | network [any / <netMaskLen> | <networkPrefixFilter>] {exact} ]

Description
Displays information about specified neighbor routes.

Syntax Description
remoteaddr address-family accepted-routes received-routes rejected-routes suppressed-routes transmitted-routes detail all no-advertise no-export no-export-subconfed community_num AS_Num Num any netMaskLen networkPrefixFilter exact Specifies an IP address that identifies a BGP neighbor. The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast Specifies that only accepted routes should be displayed. Specifies that only received routes should be displayed. Specifies that only rejected routes should be displayed. Specifies that only suppressed routes should be displayed (for route flap dampening enabled routes). Specifies that only transmitted routes should be displayed. Specifies to display the information in detailed format. Specifies all routes. Specifies the no-advertise community attribute. Specifies the no-export community attribute. Specifies the no-export-subconfed community attribute. Specifies a community number. Specifies an autonomous system ID (0-65535). Specifies the BGP community number. Specifies all routes with a given or larger mask length. Specifies a subnet mask length (number of bits). Specifies an IP address and netmask. Specifies an exact match with the IP address and subnet mask.

Default
If no address family is specified, IPv4 unicast is the default.

ExtremeWare XOS 11.3 Command Reference

1517

BGP Commands

Usage Guidelines
Use this command to display information about a specific BGP neighbor routes. The option network any / <netMaskLen> will display all BGP routes whose mask length is equal to or greater than <maskLength>, irrespective of their network address. The option network any / <netMaskLen> exact will display all BGP routes whose mask length is exactly equal to <maskLength>, irrespective of their network address.

Example
The following command displays information about a specified neighbors received routes:
show bgp neighbor 10.10.10.10 received-routes all

History
This command was first available in ExtremeWare XOS 10.1. The any / <netMaskLen> options were added in ExtremeWare XOS 11.0. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1518

ExtremeWare XOS 11.3 Command Reference

show bgp peer-group

show bgp peer-group


show bgp peer-group {detail | <peer-group-name> {detail}}

Description
Displays the peer groups configured in the system.

Syntax Description
detail peer-group-name Specifies to display the information in detailed format. Specifies a peer group.

Default
N/A.

Usage Guidelines
If the detail keyword is specified then the parameters of the neighbors in the peer group, which are different from the ones that are configured in the peer group, will be displayed. If no peer group name is specified, all the peer group information will be displayed.

Example
The following command displays the peer groups configured in the system:
show bgp peer-group detail

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1519

BGP Commands

show bgp routes


show bgp routes {address-family [ipv4-unicast | ipv4-multicast]} {detail} [all | as-path <path-expression> | community [no-advertise | no-export | no-export-subconfed | number <community_num> | <AS_Num>:<Num> ] | network [any / <netMaskLen> | <networkPrefixFilter>] {exact} ]

Description
Displays the BGP route information base (RIB).

Syntax Description
address-family all no-advertise no-export no-export-subconfed community_num AS_Num Num any netMaskLen networkPrefixFilter exact The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast. Specifies all routes. Specifies the no-advertise community attribute. Specifies the no-export community attribute. Specifies the no-export-subconfed community attribute. Specifies a community number. Specifies an autonomous system ID (0-65535). Specifies the BGP community number. Specifies all routes with a given or larger mask length. Specifies a subnet mask length (number of bits). Specifies an IP address and netmask. Specifies an exact match with the IP address and subnet mask.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
The option network any / <netMaskLen> will display all BGP routes whose mask length is equal to or greater than <maskLength>, irrespective of their network address. The option network any / <netMaskLen> exact will display all BGP routes whose mask length is exactly equal to <maskLength>, irrespective of their network address.

1520

ExtremeWare XOS 11.3 Command Reference

show bgp routes

Example
The following command displays the BGP route information base (RIB):
show bgp routes all

History
This command was first available in ExtremeWare XOS 10.1. The any / <netMaskLen> options were added in ExtremeWare XOS 11.0. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1521

BGP Commands

show bgp routes summary


show bgp routes summary {address-family [ipv4-unicast | ipv4-multicast]}

Description
Displays a summary the BGP route information base (RIB).

Syntax Description
address-family The address family. BGP supports two address families: IPv4 Unicast and IPv4 Multicast.

Default
If no address family is specified, IPv4 unicast is the default.

Usage Guidelines
None.

Example
The following command displays a summary of the BGP route information base (RIB) for IPv4 multicast:
show bgp routes summary address-family ipv4-multicast

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

1522

ExtremeWare XOS 11.3 Command Reference

show bgp memory

show bgp memory


show bgp memory {detail | <memoryType>}

Description
Displays BGP specific memory usage.

Syntax Description
detail memoryType Displays detail information. Specifies the memory type usage to display.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays BGP specific memory for all types:
show bgp memory detail

History
This command was first available in ExtremeWare XOS 10.1. This command required an Advanced Core license in ExtremeWare XOS 11.1.

Platform Availability
This command is available on platforms with a Core or an Advanced Core license.

ExtremeWare XOS 11.3 Command Reference

1523

BGP Commands

1524

ExtremeWare XOS 11.3 Command Reference

29 IP Multicast Commands
IP multicast routing is a function that allows a single IP host to send a packet to a group of IP hosts. This group of hosts can include devices that reside on or outside the local network, or within or across a routing domain. IP multicast routing consists of the following functions:

A router that can forward IP multicast packets A router-to-router multicast protocol [for example, Distance Vector Multicast Routing Protocol (DVMRP) or Protocol Independent Multicast (PIM)] A method for the IP host to communicate its multicast group membership to a router [for example, Internet Group Management Protocol (IGMP)] NOTE

You must configure IP unicast routing before you configure IP multicast routing.

IGMP is a protocol used by an IP host to register its IP multicast group membership with a router. Periodically, the router queries the multicast group to see if the group is still in use. If the group is still active, a single IP host responds to the query, and group registration is maintained. IGMPv2 is enabled by default on the switch, and beginning in 11.2, ExtremeWare XOS also supports IGMPv3. However, the switch can be configured to disable the generation of period IGMP query packets. IGMP should be enabled when the switch is configured to perform IP unicast or IP multicast routing. Protocol Independent Multicast (PIM) is a multicast routing protocol with no inherent route exchange mechanism. The switch supports dense mode and sparse mode operation. You can configure dense mode or sparse mode on a per-interface basis. After they are enabled, some interfaces can run dense mode, while others run sparse mode.

PIM Dense Mode


Protocol Independent Multicast-Dense Mode (PIM-DM) is a multicast routing protocol that is similar to DVMRP. PIM-DM routers perform reverse path forwarding (RPF). However, instead of exchanging its own unicast route tables for the RPF lookup, PIM-DM uses the existing unicast route table for the RPF check. As a result, PIM-DM requires less system memory. PIM-DM is a broadcast and prune protocol. Using PIM-DM, multicast routes are pruned and grafted in a similar way as DVMRP.

ExtremeWare XOS 11.3 Command Reference

1525

IP Multicast Commands

PIM Sparse Mode (PIM-SM)


Unlike PIM-DM, PIM-SM is an explicit join and prune protocol, and it supports shared trees as well as shortest path trees (SPTs). The routers must explicitly join the group(s) in which they are interested in becoming a member, which is beneficial for large networks that have group members who are sparsely distributed. Using PIM-SM, the router sends a join message to the rendezvous point (RP). The RP is a central multicast router that is responsible for receiving and distributing multicast packets. By default, the RP is selected dynamically (but not automatically). You can also define a static RP in your network, using the following command:
configure pim crp static <ip_address>

When a router has a multicast packet to distribute, it encapsulates the packet in a unicast message and sends it to the RP. The RP decapsulates the multicast packet and distributes it among all member routers. When a router determines that the multicast rate from a particular group has exceeded a configured threshold, that router can send an explicit join to the originating router. When this occurs, the receiving router gets the multicast directly from the sending router, and bypasses the RP.

NOTE
You can run either PIM-DM or PIM-SM per VLAN.

PIM Mode Interoperation


An Extreme Networks switch can function as a PIM multicast border router (PMBR). A PMBR integrates PIM-SM and PIM-DM traffic. When forwarding PIM-DM traffic into a PIM-SM network, the PMBR notifies the RP that the PIM-DM network exists. The PMBR forwards PIM-DM multicast packets to the RP, which in turn forwards the packets to those routers that have joined the multicast group in the PIM-SM domain. The PMBR also forwards PIM-SM traffic to a PIM-DM network. The PMBR sends a join message to the RP and the PMBR floods traffic from the RP into the PIM-DM network. No commands are needed to enable PMBR mode interoperation. PMBR mode translation is automatically enabled when a dense mode interface and a sparse mode interface are enabled on the same switch.

1526

ExtremeWare XOS 11.3 Command Reference

clear igmp group

clear igmp group


clear igmp group {<grpipaddress>} {{vlan} <name>}

Description
Removes one or all IGMP groups.

Syntax Description
name grpipaddress Specifies a VLAN name. Specifies the group IP address.

Default
N/A.

Usage Guidelines
This command can be used by network operations to manually remove learned IGMP group entries instantly.

Example
The following command clears all IGMP groups from VLAN accounting:
clear igmp group accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1527

IP Multicast Commands

clear igmp snooping


clear igmp snooping {{vlan} <name>}

Description
Removes one or all IGMP snooping entries.

Syntax Description
name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
This command can be used by network operations to manually remove IGMP snooping entries instantly. However, removing an IGMP snooping entry can disrupt the normal forwarding of multicast traffic, until the snooping entries are learned again. The static and dynamic IGMP snooping entries will be removed, then recreated upon the next general query. The static router entry is removed and recreated immediately. This command clears both the IGMPv2 and IGMPv3 snooping entries.

Example
The following command clears IGMP snooping from VLAN accounting:
clear igmp snooping accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1528

ExtremeWare XOS 11.3 Command Reference

clear pim cache

clear pim cache


clear pim cache {<group_addr> {<source_addr>}}

Description
Resets the IP multicast cache table.

Syntax Description
group_addr source_addr Specifies a group address. Specifies a source IP address.

Default
If no options are specified, all IP multicast cache entries are flushed.

Usage Guidelines
This command can be used by network operators to manually remove IPMC software and hardware forwarding cache entries instantly. If the stream is available, caches will be re-created, otherwise caches are removed permanently. This command can disrupt the normal forwarding of multicast traffic.

Example
The following command resets the IP multicast table for group 224.1.2.3:
clear pim cache 224.1.2.3

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1529

IP Multicast Commands

configure igmp
configure igmp <query_interval> <query_response_interval> <last_member_query_interval> {<robustness>}

Description
Configures the Internet Group Management Protocol (IGMP) timers.

Syntax Description
query_interval query_response_interval last_member_query_interval robustness Specifies the interval (in seconds) between general queries. Specifies the maximum query response time (in seconds). Specifies the maximum group-specific query response time (in seconds). Specifies the degree of robustness for the network.

Default

query interval125 seconds query response interval10 seconds last member query interval1 second robustness2

Usage Guidelines
Timers are based on RFC2236. Specify the following:

query intervalThe amount of time, in seconds, the system waits between sending out general queries. The range is 1 to 429,496,729 seconds. query response intervalThe maximum response time inserted into the periodic general queries. The range is 1 to 25 seconds. last member query intervalThe maximum response time inserted into a group-specific query sent in response to a leave group message. The range is 1 to 25 seconds. robustnessThe degree of robustness of the network. The range is 2 to 7.

Example
The following command configures the IGMP timers:
configure igmp 100 5 1 3

History
This command was first available in ExtremeWare XOS 10.1.

1530

ExtremeWare XOS 11.3 Command Reference

configure igmp

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1531

IP Multicast Commands

configure igmp snooping flood-list


configure igmp snooping flood-list [<policy> | none]

Description
Configures certain multicast addresses to be slow path flooded within the VLAN.

Syntax Description
policy none Specifies a policy file with a list of multicast addresses to be handled. Specifies no policy file is to be used.

Default
None.

Usage Guidelines
With this command, a user can configure certain multicast addresses to be slow path flooded within the VLAN, which otherwise will be fast path forwarded according to IGMP and/or layer 3 multicast protocol. A policy file is a text file with the extension, .pol. It can be created or edited with any text editor. The specified policy file <policy file> should contain a list of addresses which will determine if certain multicast streams are to be treated specially. Typically, if the switch receives a stream with a destination address which is in the <policy file> in 'permit' mode, that stream will be software flooded and no hardware entry would be installed. When adding an IP address into the policy file, a 32-bit host address is recommended. This feature is meant to solve the multicast connectivity problem for unknown destination addresses within system reserved ranges. Specifically this feature was introduced to solve the problem of recognizing certain stream as control packets. To create a policy file for the snooping flood-list, use the following template:
# # This is a template for IGMP Snooping Flood-list Policy File # Add your group addresses between "Start" and "End" # Do not touch rest of file!!!! entry igmpFlood { if match any { #------------------ Start of group addresses -----------------nlri 234.1.1.1/32; nlri 239.1.1.1/32; #------------------- end of group addresses ------------------} then { permit; }

1532

ExtremeWare XOS 11.3 Command Reference

configure igmp snooping flood-list


} entry catch_all { if { } then { deny; } }

NOTE
The switch will not validate any IP address in the policy file used in this command. Therefore, slow-path flooding should be used only for streams which are very infrequent, such as control packets. It should not be used for multicast data packets. This option overrides any default mechanism of hardware forwarding (with respect to IGMP, PIM, or DVMRP) so it should be used with caution.

Slow path flooding will be done within the L2 VLAN only. Use the none option to effectively disable slow path flooding. You can use the show igmp command to see the configuration of slow path flooding.

Example
The following command configures the multicast data stream specified in access1 for slow path flooding:
configure igmp snooping flood-list access1

The following command specifies that no policy file is to be used, this effectively disabling slow path flooding:
configure igmp snooping flood-list none

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1533

IP Multicast Commands

configure igmp snooping leave-timeout


configure igmp snooping leave-timeout <leave_timeout_ms>

Description
Configures the IGMP snooping leave timeout.

Syntax Description
leave_timeout_ms Specifies an IGMP leave timeout value in milliseconds.

Default
1000 ms.

Usage Guidelines
The range is 0 - 10000 ms (10 seconds). For timeout values of one second or less, you must set the leavetimeout to a multiple of 100 ms. For values of more than one second, you must set the leave-timeout to a multiple of 1000 ms (one second). The specified time is the maximum leave timeout value. The switch could leave sooner if an IGMP leave message is received before the timeout occurs.

Example
The following command configures the IGMP snooping leave timeout:
configure igmp snooping leave-timeout 10000

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1534

ExtremeWare XOS 11.3 Command Reference

configure igmp snooping timer

configure igmp snooping timer


configure igmp snooping timer <router_timeout> <host_timeout>

Description
Configures the IGMP snooping timers.

Syntax Description
router_timeout host_timeout Specifies the time in seconds before removing a router snooping entry. Specifies the time in seconds before removing a hosts group snooping entry.

Default
The router timeout default setting is 260 seconds. The host timeout setting is 260 seconds.

Usage Guidelines
Timers should be set to approximately 2.5 times the router query interval in use on the network. Specify the following:

router timeoutThe maximum time, in seconds, that a router snooping entry can remain in the IGMP snooping table without receiving a router report. If a report is not received, the entry is deleted. The range is 10 to 214,748,364 seconds (6.8 years). The default setting is 260 seconds. host timeoutThe maximum time, in seconds, that a group snooping entry can remain in the IGMP snooping table without receiving a group report. If a report is not received, the entry is deleted. The range is 10 to 214,748,364 seconds (6.8 years). The default setting is 260 seconds.

IGMP snooping expects at least one device on every VLAN to periodically generate IGMP query messages. Without an IGMP querier, the switch eventually stops forwarding IP multicast packets to any port, because the IGMP snooping entries will time out, based on the value specified in host_timeout or router_timeout.

Example
The following command configures the IGMP snooping timers:
configure igmp snooping timer 600 600

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1535

IP Multicast Commands

configure igmp snooping vlan ports add static group


configure igmp snooping {vlan} <vlanname> ports <portlist> add static group <ip address>

Description
Configures VLAN ports to receive the traffic from a multicast group, even if no IGMP joins have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, it can be a list of slots and ports. On a stand-alone switch, it can be one or more port numbers. In the form 1, 2, 3-5, 2:5, 2:6-2:8. Specifies the multicast group IP address.

ip address

Default
None.

Usage Guidelines
Use this command to forward a particular multicast group to VLAN ports. In effect, this command emulates a host on the port that has joined the multicast group. As long as the port is configured with the static entry, multicast traffic for that multicast group will be forwarded to that port. This command is for IGMPv2 only. The switch sends proxy IGMP messages in place of those generated by a real host. The proxy messages use the VLAN IP address for source address of the messages. If the VLAN has no IP address assigned, the proxy IGMP message will use 0.0.0.0 as the source IP address. The multicast group should be in the class-D multicast address space, but should not be in the multicast control subnet range (224.0.0.x/24). If the ports also have an IGMP filter configured, the filter entries take precedence. IGMP filters are configured using the command:
configure igmp snooping vlan <vlan name> ports <portlist> filter <policy file>

Example
The following command configures a static IGMP entry so the multicast group 224.34.15.37 will be forwarded to VLAN marketing on ports 2:1-2:4:
configure igmp snooping marketing ports 2:1-2:4 add static group 224.34.15.37

1536

ExtremeWare XOS 11.3 Command Reference

configure igmp snooping vlan ports add static group

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1537

IP Multicast Commands

configure igmp snooping vlan ports delete static group


configure igmp snooping {vlan} <vlanname> ports <portlist> delete static group [<ip_address> | all]

Description
Removes the port configuration that causes multicast group traffic to be forwarded, even if no IGMP leaves have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports. On a stand-alone switch, can be one or more port numbers. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Specifies the multicast group IP address. Delete all the static groups.

ip address all

Default
None.

Usage Guidelines
Use this command to remove an entry created by the following command:
configure igmp snooping vlan <vlan name> ports <portlist> add static group <ip address>

Example
The following command removes a static IGMP entry that forwards the multicast group 224.34.15.37 to the VLAN marketing on ports 2:1-2:4:
configure igmp snooping marketing ports 2:1-2:4 delete static group 224.34.15.37

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1538

ExtremeWare XOS 11.3 Command Reference

configure igmp snooping vlan ports add static router

configure igmp snooping vlan ports add static router


configure igmp snooping {vlan} <vlanname> ports <portlist> add static router

Description
Configures VLAN ports to forward the traffic from all multicast groups, even if no IGMP joins have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, it can be a list of slots and ports. On a stand-alone switch, it can be one or more port numbers. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

Default
None.

Usage Guidelines
Use this command to forward all multicast groups to the specified VLAN ports. In effect, this command emulates a multicast router attached to those ports. As long as the ports are configured with the static entry, all available multicast traffic will be forwarded to those ports.

Example
The following command configures a static IGMP entry so all multicast groups will be forwarded to VLAN marketing on ports 2:1-2:4:
configure igmp snooping marketing ports 2:1-2:4 add static router

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1539

IP Multicast Commands

configure igmp snooping vlan ports delete static router


configure igmp snooping vlan <vlanname> ports <portlist> delete static router

Description
Removes the configuration that causes VLAN ports to forward the traffic from all multicast groups, even if no IGMP joins have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports. On a stand-alone switch, can be one or more port numbers. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

Default
None.

Usage Guidelines
Use this command to remove an entry created by the following command:
configure igmp snooping vlan <vlanname> ports <portlist> add static router

Example
The following command removes the static IGMP entry that caused all multicast groups to be forwarded to VLAN marketing on ports 2:1-2:4:
configure igmp snooping marketing ports 2:1-2:4 delete static router

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1540

ExtremeWare XOS 11.3 Command Reference

configure igmp snooping vlan ports filter

configure igmp snooping vlan ports filter


configure igmp snooping vlan <vlanname> ports <portlist> filter [<policy> | none]

Description
Configures an IGMP snooping policy file filter on VLAN ports.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, can be a list of slots and ports. On a stand-alone switch, can be one or more port numbers. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8. Specifies the policy file for the filter.

policy

Default
None.

Usage Guidelines
Use this command to filter multicast groups to the specified VLAN ports. The policy file used by this command is a text file that contains the class-D addresses of the multicast groups that you wish to block. To remove IGMP snooping filtering from a port, use the none keyword version of the command. Use the following template to create a snooping filter policy file:
# # Add your group addresses between "Start" and "End" # Do not touch the rest of the file!!!! entry igmpFilter { if match any { #------------------ Start of group addresses -----------------nlri 239.11.0.0/16; nlri 239.10.10.4/32; #------------------- end of group addresses ------------------} then { deny; } } entry catch_all { if { } then {

ExtremeWare XOS 11.3 Command Reference

1541

IP Multicast Commands
permit; } }

Example
The following command configures the policy file ap_multicast to filter multicast packets forwarded to VLAN marketing on ports 2:1-2:4:
configure igmp snooping marketing ports 2:1-2:4 filter ap_multicast

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1542

ExtremeWare XOS 11.3 Command Reference

configure pim add vlan

configure pim add vlan


configure pim add vlan [<vlan_name> | all] {dense | sparse} {passive}

Description
Enables PIM on an IP interface.

Syntax Description
vlan_name all dense sparse passive Specifies a VLAN name. Specifies all VLANs. Specifies PIM dense mode (PIM-DM). Specifies PIM sparse mode (PIM-SM). Specifies a passive interface

Default
Dense.

Usage Guidelines
When an IP interface is created, per-interface PIM configuration is disabled by default. The switch supports both dense mode and sparse mode operation. You can configure dense mode or sparse mode on a per-interface basis. After they are enabled, some interfaces can run dense mode, while others run sparse mode. Passive interfaces do not peer with other PIM routers on the VLAN.

Example
The following command enables PIM-DM multicast routing on VLAN accounting:
configure pim add vlan accounting dense

History
This command was first available in ExtremeWare XOS 10.1. The passive parameter was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1543

IP Multicast Commands

configure pim cbsr


configure pim cbsr [{vlan} <vlan_name> {<priority [0-254]} | none]

Description
Configures a candidate bootstrap router for PIM sparse-mode operation.

Syntax Description
vlan_name priority none Specifies a VLAN name. Specifies a priority setting. The range is 0 - 254. Specifies to delete a CBSR.

Default
The default setting for priority is 0, and indicates the lowest priority.

Usage Guidelines
The VLAN specified for CBSR must have PIM enabled for it to take effect. After PIM is enabled, CBSRs advertise themselves in the PIM domain. A BSR is elected among all the candidates based on CBSR priority. The break the tie among routers with the same priority setting, the router with the numerically higher IP address is chosen.

Example
The following command configures a candidate bootstrap router on the VLAN accounting:
configure pim cbsr vlan accounting 30

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1544

ExtremeWare XOS 11.3 Command Reference

configure pim crp static

configure pim crp static


configure pim crp static <ip_address> [none | <policy>] {<priority> [0254]}

Description
Configures a rendezvous point and its associated groups statically, for PIM sparse mode operation.

Syntax Description
ip_address none policy priority Specifies a static CRP address. Deletes the static rendezvous point. Specifies a policy file name. Specifies a priority setting. The range is 0 - 254.

Default
The default setting for priority is 0, which indicates highest priority.

Usage Guidelines
In PIM-SM, the router sends a join message to the rendezvous point (RP). The RP is a central multicast router that is responsible for receiving and distributing multicast packets. If you use a static RP, all switches in your network must be configured with the same RP address for the same group (range). The policy file contains a list of multicast group addresses served by this RP. This policy file is not used for filtering purposes. As used with this command, the policy file is just a container for a list of addresses. So a typical policy file used for RP configuration will look a little different from a policy used for other purposes. If routers have different group to RP mappings, due to misconfiguration of the static RP (or any other reason), traffic will be disrupted.

Example
The following command statically configures an RP and its associated groups defined in policy file rplist:
configure pim crp static 10.0.3.1 rp-list

The following is a sample policy file:


entry extreme1 { if match any then { nlri nlri nlri nlri { } 224.0.0.0/4 ; 239.255.0.0/24 ; 232.0.0.0/8 ; 238.1.0.0/16 ;

ExtremeWare XOS 11.3 Command Reference

1545

IP Multicast Commands
nlri } } 232.232.0.0/20 ;

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1546

ExtremeWare XOS 11.3 Command Reference

configure pim crp timer

configure pim crp timer


configure pim crp timer <crp_adv_interval>

Description
Configures the candidate rendezvous point advertising interval in PIM sparse mode operation.

Syntax Description
crp_adv_interval Specifies a candidate rendezvous point advertising interval in seconds. The range is 1 to 1,717,986,918.

Default
The default is 60 seconds.

Usage Guidelines
Increasing this time will result in increased convergence time for CRP information to the PIM routers.

Example
The following command configures the candidate rendezvous point advertising interval to 120 seconds:
configure pim crp timer 120

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1547

IP Multicast Commands

configure pim crp vlan


configure pim crp vlan <vlan_name> [none | <policy>] {<priority>}

Description
Configures the dynamic candidate rendezvous (CRP) point for PIM sparse-mode operation.

Syntax Description
vlan_name none policy priority Specifies a VLAN name. Specifies no policy file. Specifies a policy file name. Specifies a priority setting. The range is 0 - 254.

Default
The default setting for priority is 0 and indicates the highest priority.

Usage Guidelines
The policy file contains the list of multicast group addresses serviced by this RP. This set of group addresses are advertised as candidate RPs. Each router then elects the common RP for a group address based on a common algorithm. This group to RP mapping should be consistent on all routers. This policy file is not used for filtering purposes. As used with this command, the policy file is just a container for a list of addresses. So a typical policy file used for RP configuration will look a little different from a policy used for other purposes. The following is a sample policy file which will configure the CRP for the address ranges 239.0.0.0/24 and 232.144.27.0/24:
entry extreme1 { if match any { } then { nlri 239.0.0.0/24 ; nlri 232.144.27.0 ; } }

The VLAN specified for a CRP must have PIM configured. To delete a CRP, use the keyword none as the access policy.

Example
The following command configures the candidate rendezvous point for PIM sparse-mode operation on the VLAN HQ_10_0_3 with the policy rp-list and priority set to 30:
configure pim crp HQ_10_0_3 rp-list 30

1548

ExtremeWare XOS 11.3 Command Reference

configure pim crp vlan

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1549

IP Multicast Commands

configure pim delete vlan


configure pim delete vlan [<vlanname> | all]

Description
Disables PIM on an interface.

Syntax Description
vlan name all Specifies a VLAN name. Specifies all VLANs.

Default
N/A.

Usage Guidelines
None.

Example
The following command disables PIM on VLAN accounting:
configure pim delete vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1550

ExtremeWare XOS 11.3 Command Reference

configure pim register-rate-limit-interval

configure pim register-rate-limit-interval


configure pim register-rate-limit-interval <interval>

Description
Configures the initial PIM-SM periodic register rate.

Syntax Description
interval Specifies an interval time in seconds. Range is 0 - 60. Default is 0.

Default
Default is 0.

Usage Guidelines
Configuring a non-zero interval time can reduce the CPU load on the first hop switch, in case register stop messages are not received normally. When a non-zero value is configured, the first hop switch sends a few register messages and then waits for a corresponding register stop from RP for <time> seconds. The process is repeated until the register stop is received. This command should be used when the (S,G) tree between the first hop router and the RP is not converging quickly. The default value is zero in default mode, the switch sends continuous register messages until the register stop is received.

Example
The following command configures the initial PIM register rate limit interval:
configure pim register-rate-limit-interval 2

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1551

IP Multicast Commands

configure pim register-suppress-interval register-probeinterval


configure pim register-suppress-interval <reg-interval> register-probeinterval <probe_interval>

Description
Configures an interval for periodically sending null-registers.

Syntax Description
reg-interval probe-interval Specifies an interval time in seconds. Range is 30 - 200 seconds. Default is 60. Specifies an interval time in seconds. Default is 5.

Default
The following defaults apply:

register-suppress-interval60 register-probe-interval5

Usage Guidelines
The register-probe-interval time should be set less than the register-suppress-interval time. By default, a null register is sent every 55 seconds (register-suppress-interval - register-probe-interval). A response to the null register is expected within register probe interval. By specifying a larger interval, a CPU peak load can be avoided because the null-registers are generated less frequently. The register probe time should be less than half of the register suppress time, for best results.

Example
The following command configures the register suppress interval and register probe time:
configure pim register-suppress-interval 90 register-probe time 10

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1552

ExtremeWare XOS 11.3 Command Reference

configure pim register-checksum-to

configure pim register-checksum-to


configure pim register-checksum-to [include-data | exclude-data]

Description
Configures the checksum computation to either include data (for compatibility with Cisco Systems products) or to exclude data (for RFC-compliant operation), in the register message.

Syntax Description
include-data exclude-data Specifies to include data. Specifies to exclude data.

Default
Include data.

Usage Guidelines
None.

Example
The following command configures the checksum mode to include data for compatibility with Cisco Systems products:
configure pim register-checksum-to include-data

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1553

IP Multicast Commands

configure pim spt-threshold


configure pim spt-threshold <leaf-threshold> {<rp_threshold>}

Description
Configures the threshold, in kbps, for switching to SPT. On leaf routers, this setting is based on data packets. On the RP, this setting is based on register packets.

Syntax Description
leaf-threshold rp_threshold Specifies the rate of traffic per (s,g,v) group in kbps for the last hop. Range is 0 - 419403. Specifies an RP threshold. Range is 0 - 419403.

Default
The default setting is 0 for both parameters.

Usage Guidelines
For the best performance, use default value of 0.

Example
The following command sets the threshold for switching to SPT:
configure pim spt-threshold 4 16

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1554

ExtremeWare XOS 11.3 Command Reference

configure pim timer vlan

configure pim timer vlan


configure pim timer <hello_interval> <jp_interval> [{vlan} <vlan_name> | vlan all]

Description
Configures the global PIM timers on specified VLAN(s).

Syntax Description
hello_interval jp_interval vlan_name all Specifies the amount of time before a hello message is sent out by the PIM router. The range is 1 to 65,535 seconds. Specifies the join/prune interval. The range is 1 to 65,535 seconds. Specifies a VLAN name. Specifies all VLANs.

Default

hello_interval30 seconds. jp_interval60 seconds.

Usage Guidelines
These default timers should only be adjusted when excess PIM control packets are observed on the interface.

Example
The following command configures the PIM timers on the VLAN accounting:
configure pim timer 150 300 vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1555

IP Multicast Commands

configure pim vlan trusted-gateway


configure pim [{vlan} <vlan_name> | vlan all] trusted-gateway [<policy> | none]

Description
Configures a trusted neighbor policy.

Syntax Description
vlan_name all policy none Specifies a VLAN name. Specifies all VLANs. Specifies an policy file name. Specifies no policy file, so all gateways are trusted.

Default
No policy file, so all gateways are trusted.

Usage Guidelines
Because PIM leverages the unicast routing capability that is already present in the switch, the access policy capabilities are, by nature, different. When the PIM protocol is used for routing IP multicast traffic, the switch can be configured to use an policy file to determine trusted PIM router neighbors for the VLAN on the switch running PIM. This is a security feature for the PIM interface.

Example
The following command configures a trusted neighbor policy on the VLAN backbone:
configure pim vlan backbone trusted-gateway nointernet

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1556

ExtremeWare XOS 11.3 Command Reference

disable igmp

disable igmp
disable igmp {vlan <name>}

Description
Disables IGMP on a router interface. If no VLAN is specified, IGMP is disabled on all router interfaces.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
IGMP is a protocol used by an IP host to register its IP multicast group membership with a router. Periodically, the router queries the multicast group to see if the group is still in use. If the group is still active, hosts respond to the query, and group registration is maintained. IGMP is enabled by default on the switch. However, the switch can be configured to disable the generation and processing of IGMP packets. IGMP should be enabled when the switch is configured to perform IP unicast or IP multicast routing. This command disables IGMPv2 and IGMPv3.

Example
The following command disables IGMP on VLAN accounting:
disable igmp vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1557

IP Multicast Commands

disable igmp snooping


disable igmp snooping {forward-mcrouter-only | with-proxy | vlan <name>}

Description
Disables IGMP snooping.

Syntax Description
forward-mcrouter-only with-proxy name Specifies that the switch forwards all multicast traffic to the multicast router only.

Disables the IGMP snooping proxy.


Specifies a VLAN.

Default
IGMP snooping and the with-proxy option are enabled by default, but forward-mcrouter-only option is disabled by default.

Usage Guidelines
If a VLAN is specified, IGMP snooping is disabled only on that VLAN, otherwise IGMP snooping is disabled on all VLANs. This command applies to both IGMPv2 and IGMPv3. If the switch is in the forward-mcrouter-only mode, then the command disable igmp snooping forward-mcrouter-only changes the mode so that all multicast traffic is forwarded to any IP router. If not in the forward-mcrouter-mode, the command disable igmp snooping forward-mcrouter-only has no effect. To change the snooping mode you must disable IP multicast forwarding. Use the command:
disable ipmcforwarding

The with-proxy option can be used for troubleshooting purpose. It should be enabled for normal network operation. Enabling the proxy allows the switch to suppress the duplicate join requests on a group to forward to the connected Layer 3 switch. The proxy also suppresses unnecessary IGMP leave messages so that they are forwarded only when the last member leaves the group.

Example
The following command disables IGMP snooping on the VLAN accounting:
disable igmp snooping accounting

1558

ExtremeWare XOS 11.3 Command Reference

disable igmp snooping

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1559

IP Multicast Commands

disable ipmcforwarding
disable ipmcforwarding {vlan <name>}

Description
Disables IP multicast forwarding on an IP interface.

Syntax Description
name Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
If no options are specified, all configured IP interfaces are affected. When new IP interfaces are added, IP multicast forwarding is disabled by default. IP forwarding must be enabled before enabling IP multicast forwarding. Disabling IP multicast forwarding disables any Layer 3 multicast routing for the streams coming to the interface.

Example
The following command disables IP multicast forwarding on the VLAN accounting:
disable ipmcforwarding vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1560

ExtremeWare XOS 11.3 Command Reference

disable pim

disable pim
disable pim

Description
Disables PIM on the system.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command disables PIM on the system:
disable pim

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1561

IP Multicast Commands

enable igmp
enable igmp {vlan <vlan name>} {IGMPv1 | IGMPv2 | IGMPv3}

Description
Enables IGMP on a router interface. If no VLAN is specified, IGMP is enabled on all router interfaces.

Syntax Description
vlan name IGMPv1 IGMPv2 IGMPv3 Specifies a VLAN name. Specifies the compatibility mode to IGMPv1. Specifies the compatibility mode to IGMPv2. Specifies the compatibility mode to IGMPv3.

Default
Enabled, set to IGMPv2 compatibility mode.

Usage Guidelines
IGMP is a protocol used by an IP host to register its IP multicast group membership with a router. Periodically, the router queries the multicast group to see if the group is still in use. If the group is still active, IP hosts respond to the query, and group registration is maintained. IGMPv2 is enabled by default on the switch. However, the switch can be configured to disable the generation and processing of IGMP packets. IGMP should be enabled when the switch is configured to perform IP unicast or IP multicast routing.

Example
The following command enables IGMPv2 on the VLAN accounting:
enable igmp vlan accounting

The following command enables IGMPv3 on the VLAN finance:


enable igmp vlan finance igmpv3

History
This command was first available in ExtremeWare XOS 10.1. The IGMPv1, IGMPv2, and IGMPv3 options were added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1562

ExtremeWare XOS 11.3 Command Reference

enable igmp snooping

enable igmp snooping


enable igmp snooping {forward-mcrouter-only | vlan <name>}

Description
Enables IGMP snooping on the switch.

Syntax Description
forward-mcrouter-only name Specifies that the switch forwards all multicast traffic to the multicast router only. Specifies a VLAN.

Default
Enabled.

Usage Guidelines
IGMP snooping is a layer 2 function of the switch. It does not require multicast routing to be enabled. The feature reduces the flooding of IP multicast traffic. On the VLAN, IGMP snooping optimizes the usage of network bandwidth and prevents multicast traffic from being flooded to parts of the network that do not need it. The switch does not reduce any IP multicast traffic in the local multicast domain (224.0.0.x). IGMP snooping is enabled by default on the switch. If you are using multicast routing, IGMP snooping can be enabled or disabled. If IGMP snooping is disabled, all IGMP and IP multicast traffic floods within a given VLAN. If a VLAN is specified, IGMP snooping is enabled only on that VLAN, otherwise IGMP snooping is enabled on all VLANs. This command applies to both IGMPv2 and IGMPv3. An optional optimization for IGMP snooping is the strict recognition of routers only if the remote devices are running a multicast protocol. Two IGMP snooping modes are supported:

The forward-mcrouter-only mode forwards all multicast traffic to the multicast router (that is, the router running PIM or DVMRP). When not in the forward-mcrouter-only mode, the switch forwards all multicast traffic to any IP router (multicast or not), and any active member port to the local network that has one or more subscribers. NOTE

The forward-mcrouter-only mode for IGMP snooping is enabled/disabled on a switch-wide basis, not on a per-VLAN basis. In other words, all the interfaces enabled for IGMP snooping are either in the forward-mcrouter-only mode or in the non-forward-mcrouter-only mode, and not a mixture of the two modes.

ExtremeWare XOS 11.3 Command Reference

1563

IP Multicast Commands To change the snooping mode you must disable IP multicast forwarding. To disable IP multicast forwarding, use the command:
disable ipmcforwarding {vlan <name>}

To change the IGMP snooping mode from the non-forward-mcrouter-only mode to the forwardmcrouter-only mode, use the commands:
disable ipmcforwarding enable igmp snooping forward-mcrouter-only enable ipmcforwarding (vlan <name>}

To change the IGMP snooping mode from the forward-mcrouter-only mode to the non-forwardmcrouter-only mode, use the commands:
disable ipmcforwarding disable igmp snooping forward-mcrouter-only enable ipmcforwarding (vlan <name>}

Example
The following command enables IGMP snooping on the switch:
enable igmp snooping

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1564

ExtremeWare XOS 11.3 Command Reference

enable igmp snooping with-proxy

enable igmp snooping with-proxy


enable igmp snooping with-proxy

Description
Enables the IGMP snooping proxy. The default setting is enabled.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Enabling the proxy allows the switch to suppress the duplicate join requests on a group to forward to the connected Layer 3 switch. The proxy also suppresses unnecessary IGMP leave messages so that they are forwarded only when the last member leaves the group. This command can be used for troubleshooting purpose. It should be enabled for normal network operation. The command does not alter the snooping setting. This feature can be enabled when IGMPv3 is enabled, however it is not effective for IGMPv3.

Example
The following command enables the IGMP snooping proxy:
enable igmp snooping with-proxy

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1565

IP Multicast Commands

enable ipmcforwarding
enable ipmcforwarding {vlan <name>}

Description
Enables IP multicast forwarding on an IP interface.

Syntax Description
name Specifies a VLAN name.

Default
Disabled.

Usage Guidelines
If no options are specified, all configured IP interfaces are affected. When new IP interfaces are added, IPMC forwarding is disabled by default. IP forwarding must be enabled before enabling IPMC forwarding.

Example
The following command enables IPMC forwarding on the VLAN accounting:
enable ipmcforwarding vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1566

ExtremeWare XOS 11.3 Command Reference

enable pim

enable pim
enable pim

Description
Enables PIM on the system.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
None.

Example
The following command enables PIM on the system:
enable pim

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1567

IP Multicast Commands

show igmp
show igmp {vlan} {<vlan name>}

Description
This command can be used to display an IGMP-related configuration and group information, per VLAN.

Syntax Description
vlan name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the IGMP configuration:
show igmp

The following is sample output from this command:


IGMP: Query Interval: 125 sec Max Response Time: 10 sec Last Member Query: 1 sec Robustness: 2 IGMP Snooping: Router Timeout: 260 sec Host Timeout: 260 sec Igmp Snooping Fast Leave Time: 1000 ms Igmp Snooping Flag: forward-all-router Igmp Snooping Flood-list: none Igmp Snooping Proxy: Enable

VLAN default gho hguo_fo sqa_east vcs1 vcs2

IP Address 0.0.0.0 0.0.0.0 0.0.0.0 1.1.1.1 12.1.1.115 12.1.2.115

/ 0 / 0 / 0 /24 /24 /24

Flags ----z ----z ----z -fmiz Ufmiz Ufmiz

nLRMA 0 0 0 3 6 6

nLeMA IGMPver 0 2 0 2 0 2 0 2 0 2 0 2

1568

ExtremeWare XOS 11.3 Command Reference

show igmp
vcs3 vcs4 vcs5 vcs6 vcs7 vcs8 vhs1 vhs2 vhs3 vhs4 vms1 12.2.3.115 12.2.4.115 12.2.5.115 12.2.6.115 12.2.7.115 12.2.8.115 0.0.0.0 117.2.2.115 117.2.3.115 117.2.4.115 111.1.1.115 /24 /24 /24 /24 /24 /24 / 0 /24 /24 /24 /24 -fmiz Ufmiz -fmiz -fmiz -fmiz -fmiz U---z -fmiz -fmiz -fmiz Ufmiz 3 6 3 3 3 3 0 3 3 3 6 0 1 0 0 0 0 4 0 0 0 7 2 2 2 2 2 2 2 2 2 2 2

Flags: (E) Interface Enabled, (i) IGMP Enabled (m) Multicast Forwarding Enabled (nLeMA) Number of Learned Multicast Addressess (nLRMA) Number of Locally registered Multicast Addresses (U) Interface Up, (z) IGMP Snooping Enabled

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1569

IP Multicast Commands

show igmp group


show igmp group {{vlan} {<name>} | {<grpipaddress>}} {IGMPv3}

Description
Lists the IGMP group membership for the specified VLAN.

Syntax Description
grpipaddress name IGMPv3 Specifies a group IP address. Specifies a VLAN name. Display the IGMP group in IGMPv3 format (if group record is IGMPv3 compatible, otherwise display in earlier format).

Default
IGMPv2.

Usage Guidelines
If no VLAN is specified all VLANs are displayed. You can also filter the display by group address and by multicast stream sender address.

Example
The following command lists the IGMP group membership for the VLAN accounting:
show igmp group accounting

History
This command was first available in ExtremeWare XOS 10.1. The IGMPv3 option was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1570

ExtremeWare XOS 11.3 Command Reference

show igmp snooping

show igmp snooping


show igmp snooping {vlan <name> {port <port>}| detail | cache} {IGMPv3}

Description
Displays IGMP snooping registration information and a summary of all IGMP timers and states.

Syntax Description
name detail cache IGMPv3 Specifies a VLAN name. Displays the information in detailed format. Displays the cache setting for IGMP snooping senders. Display the IGMP group in IGMPv3 format (if group record is IGMPv3 compatible, otherwise display in earlier format).

Default
IGMPv2.

Usage Guidelines
The two types of IGMP snooping entry are sender entry and subscribed entry. The following information is displayed in a per-interface format:

Group membership information Router entry Timeout information Sender entry

Example
The following command displays IGMP snooping registration information for the switch:
show igmp snooping vlan accounting

Output from this command looks similar to the following:


Vlan Vid Port #Senders #Receivers Router Enable -------------------------------------------------------------default 1 0 Yes vhs3 4090 0 Yes vhs4 4089 0 Yes vcs5 15 0 Yes vcs6 16 0 Yes vcs3 4086 0 Yes vcs4 1014 0 Yes 5:7 5 No 5:9 5 No

ExtremeWare XOS 11.3 Command Reference

1571

IP Multicast Commands
5:10 5:11 5:12 5:37 5:39 5:41 5:42 vcs7 vcs8 vhs2 hguo_fo vcs1 vcs2 vhs1 vms1 gho sqa_east 4084 4083 4082 200 12 4:16 22 4:16 1717 4:32 111 4:10 4061 4059 0 0 2 5 Yes Yes Yes 14 0 Yes Yes 8 0 Yes Yes 0 0 0 0 8 0 Yes Yes 5 1 5 5 5 5 5 No No No No No No No Yes Yes Yes Yes Yes

The following command displays IGMP snooping registration information on the VLAN accounting:
show igmp snooping vlan accounting

Output from this command looks similar to the following:


VLAN accounting (4093) Snooping=Enabled Port Host Subscribed Age 5:10 192.206.38.103 235.1.1.1(s) 0 5:12 192.206.38.103 235.1.1.1(s) 0 5:13 192.206.38.103 235.1.1.1(s) 0 5:14 192.206.38.103 235.1.1.1(s) 0 s = static igmp member

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1572

ExtremeWare XOS 11.3 Command Reference

show igmp snooping vlan filter

show igmp snooping vlan filter


show igmp snooping {vlan} <name> filter

Description
Displays IGMP snooping filters.

Syntax Description
name Specifies a VLAN name.

Default
None.

Usage Guidelines
Use this command to display IGMP snooping filters configured on the specified VLAN. When no VLAN is specified, all the filters will be displayed.

Example
The following command displays the IGMP snooping filter configured on VLAN vlan101:
show igmp snooping vlan101 filter

The output of the command will be similar to the following:


Filter igmppermit0 Flags: (a) Active Port Flags 5:10 a

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1573

IP Multicast Commands

show igmp snooping vlan static


show igmp snooping vlan <name> static [group | router]

Description
Displays static IGMP snooping entries.

Syntax Description
name Specifies a VLAN name.

Default
None.

Usage Guidelines
Use this command to display the IGMP snooping static groups or router ports configured on the specified VLAN. When no VLAN is specified, all the static groups or router ports will be displayed.

Example
The following command displays the IGMP snooping static groups configured on VLAN vlan101:
show igmp snooping vlan101 static group

The output of the command will be similar to the following:


VLAN vlan101 (4094) Group 239.1.1.2 239.1.1.2 239.1.1.2 239.1.1.2 239.1.1.2 Port 29 30 31 32 34 Flags sssa ss-

Total number of configured static IGMP groups = 5 Flags: (s) Static, (a) Active

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1574

ExtremeWare XOS 11.3 Command Reference

show l2stats

show l2stats
show l2stats {vlan <vlan_name>}

Description
Displays the counters for the number of packets bridged, switched, and snooped.

Syntax Description
vlan_name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
None.

Example
The following command displays the counters for the number of packets bridged, switched, and snooped for the VLAN accounting:
show l2stats accounting

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1575

IP Multicast Commands

show pim
show pim {detail | rp-set {<group_addr>} | vlan <vlan_name>}

Description
Displays the PIM configuration and statistics.

Syntax Description
detail group_addr vlan_name Specifies to display the detailed format. Specifies an IP multicast group, for which the RP is to be displayed. Specifies a VLAN name.

Default
If no VLAN is specified, the configuration is displayed for all PIM interfaces. If no multicast group is specified for the rp-set option (Rendezvous Point set), all RPs are displayed.

Usage Guidelines
The detail version of this command displays the global statistics for PIM, as well as the details of each PIM enabled VLAN.

Examples
The following command displays the PIM configuration and statistics for the VLAN accounting:
show pim accounting

The following is sample output from the command:


PIM SPARSE Interface[6] on VLAN accounting is enabled and up IP adr: 10.10.10.2 mask: 255.255.255.0 DR of the net: 10.10.10.2 Passive : No Hello Interval : 30 sec Neighbor Time out : 105 sec Join/Prune Interval : 60 sec Join/Prune holdtime : 210 sec Trusted Gateway : none CRP group List : pim-rp2 with priority 0 Shutdown priority : 1024 Packet Statistics (In/Out) Hellos 0 3 Bootstraps 0 1 Join/Prunes 0 0 Asserts 0 0 Grafts 0 0 GraftAcks 0 0

1576

ExtremeWare XOS 11.3 Command Reference

show pim The following command displays the elected, active RP for the group 239.255.255.1:
show pim rp-set 239.255.255.1

The following is sample output from the command:


Group Mask C-RP 224.0.0.0 240.0.0.0 10.10.10.2 224.0.0.0 240.0.0.0 124.124.124.124 224.0.0.0 240.0.0.0 124.124.124.124 239.255.255.0 255.255.255.0 124.124.124.124 Elected RP is 124.124.124.124 Origin Bootstrap Bootstrap static Bootstrap Priority 0 0 0 0

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1577

IP Multicast Commands

show pim cache


show pim cache {detail} {<group_addr> {<source_addr>}}

Description
Displays the IP multicast forwarding cache.

Syntax Description
detail group_addr source_addr Specifies to display the information in detailed format. Specifies an IP group address. Specifies an IP source address.

Default
N/A.

Usage Guidelines
Displays the following information:

IP group address IP source address / source mask Upstream neighbor (RPF neighbor) Interface (VLAN) to upstream neighbor Cache expire time Egress and prune interface list

When the detail option is specified, the switch displays the egress VLAN list and the pruned VLAN list.

Example
The following command displays the PIM cache entry for group 239.255.255.1:
show pim cache 239.255.255.1

The following is sample output from this command:


Index Dest Group Source InVlan Origin [0000] 239.255.255.1 124.124.124.124 (WR) v4 Sparse Entry timer is not run; UpstNbr: 200.124.124.24 EgressIfList = vbs15(0)(FW)(SM)(I) [0001] 239.255.255.1 118.5.1.1 (S) vbs5 Sparse Expires after 186 secs UpstNbr: 0.0.0.0 RP: 124.124.124.124 via 200.124.124.24 in v4 EgressIfList = vbs15(0)(FW)(SM)(I) , vpim5(170)(FW)(SM)(S) PrunedIfList = v4(0)(SM)

1578

ExtremeWare XOS 11.3 Command Reference

show pim cache

Number of multicast cache = 20 Entry flags :R: shared tree Egress/Pruned interface flags :SM: Sparse Mode Fw: Forwarding AL: Assert Loser I: IGMP member present Z: (*,g) join received

S: source tree DM: PP: N: S: Y: Dense Mode Prune pending Neighbor present (s,g) join received (*,*,rp) join received

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1579

IP Multicast Commands

unconfigure igmp
unconfigure igmp

Description
Resets all IGMP settings to their default values and clears the IGMP group table.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command resets all IGMP settings to their default values and clears the IGMP group table:
unconfigure igmp

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1580

ExtremeWare XOS 11.3 Command Reference

unconfigure pim

unconfigure pim
unconfigure pim {vlan <vlan_name>}

Description
Resets all PIM settings on one or all VLANs to their default values.

Syntax Description
vlan_name Specifies the VLAN from which PIM is to be unconfigured.

Default
If no VLAN is specified, the configuration is reset for all PIM interfaces.

Usage Guidelines
None.

Example
The following command resets all PIM settings on the VLAN accounting:
unconfigure pim vlan accounting

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1581

IP Multicast Commands

1582

ExtremeWare XOS 11.3 Command Reference

30 IPv6 Multicast Commands


IPv6 multicast routing is a function that allows a single IPv6 host to send a packet to a group of IPv6 hosts. This group of hosts can include devices that reside on or outside the local network, or within or across a routing domain. IPv6 multicast routing consists of the following functions:

A router that can forward IPv6 multicast packets A router-to-router multicast protocol [for example, Protocol Independent Multicast (PIM)] A method for the IPv6 host to communicate its multicast group membership to a router [for example, Multicast Listener Discovery (MLD)] NOTE

You must configure IPv6 unicast routing before you configure IPv6 multicast routing.

MLD is a protocol used by an IPv6 host to register its IP multicast group membership with a router. Periodically, the router queries the multicast group to see if the group is still in use. If the group is still active, a single IP host responds to the query, and group registration is maintained. MLDv1 is currently supported on the switch.

NOTE
In the current release of ExtremeWare XOS (11.3), IPv6 multicast packets are flooded to VLANs that receive the traffic.

ExtremeWare XOS 11.3 Command Reference

1583

IPv6 Multicast Commands

clear mld group


clear mld group {<v6grpipaddress>} {{vlan} <name>}

Description
Removes one or all MLD groups.

Syntax Description
name v6grpipaddress Specifies a VLAN name. Specifies the group IP address.

Default
N/A.

Usage Guidelines
This command is used to manually remove learned MLD group entries instantly.

Example
The following command clears all MLD groups from VLAN accounting:
clear mld group accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1584

ExtremeWare XOS 11.3 Command Reference

clear mld snooping

clear mld snooping


clear mld snooping {{vlan} <name>}

Description
Removes one or all MLD snooping entries.

Syntax Description
name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
This command can be used by network operations to manually remove MLD snooping entries instantly. However, removing an MLD snooping entry can disrupt the normal forwarding of multicast traffic, until the snooping entries are learned again. The static and dynamic MLD snooping entries will be removed, then recreated upon the next general query. The static router entry is removed and recreated immediately.

Example
The following command clears MLD snooping from VLAN accounting:
clear mld snooping accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1585

IPv6 Multicast Commands

configure mld
configure mld <query_interval> <query_response_interval> <last_member_query_interval> {<robustness>}

Description
Configures the Multicast Listener Discovery (MLD) timers.

Syntax Description
query_interval query_response_interval last_member_query_interval robustness Specifies the interval (in seconds) between general queries. Specifies the maximum query response time (in seconds). Specifies the maximum group-specific query response time (in seconds). Specifies the degree of robustness for the network.

Default

query interval125 seconds query response interval10 seconds last member query interval1 second robustness2

Usage Guidelines
Timers are based on RFC2710. Specify the following:

query intervalThe amount of time, in seconds, the system waits between sending out general queries. The range is 1 to 429,496,729 seconds. query response intervalThe maximum response time inserted into the periodic general queries. The range is 1 to 25 seconds. last member query intervalThe maximum response time inserted into a group-specific query sent in response to a leave group message. The range is 1 to 25 seconds. robustnessThe degree of robustness of the network. The range is 2 to 7.

Example
The following command configures the MLD timers:
configure mld 100 5 1 3

History
This command was first available in ExtremeWare XOS 11.2.

1586

ExtremeWare XOS 11.3 Command Reference

configure mld

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1587

IPv6 Multicast Commands

configure mld snooping vlan ports add static group


configure mld snooping {vlan} <vlanname> ports <portlist> add static group <v6grpipaddress>

Description
Configures VLAN ports to receive the traffic from a multicast group, even if no MLD joins have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, it can be a list of slots and ports. On a stand-alone switch, it can be one or more port numbers. In the form 1, 2, 3-5, 2:5, 2:6-2:8. Specifies the multicast group IPv6 address.

v6grpipaddress

Default
None.

Usage Guidelines
Use this command to forward a particular multicast group to VLAN ports. In effect, this command emulates a host on the port that has joined the multicast group. As long as the port is configured with the static entry, multicast traffic for that multicast group will be forwarded to that port. The switch sends proxy MLD messages in place of those generated by a real host. The proxy messages use the VLAN IPv6 address for source address of the messages. If the VLAN has no IPv6 address assigned, the proxy MLD message will use 0::0 as the source IP address.

NOTE
In the current implementation, multicast traffic is flooded to the VLAN.

Example
The following command configures a static MLD entry so the multicast group ff02::1:1 will be forwarded to VLAN marketing on ports 2:1-2:4:
configure mld snooping marketing ports 2:1-2:4 add static group ff02::1:1

History
This command was first available in ExtremeWare XOS 11.2.

1588

ExtremeWare XOS 11.3 Command Reference

configure mld snooping vlan ports add static group

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1589

IPv6 Multicast Commands

configure mld snooping vlan ports delete static group


configure mld snooping {vlan} <vlanname> ports <portlist> delete static group [all | <v6grpipaddress>]

Description
Removes the configuration that causes VLAN ports to receive the traffic from a multicast group, even if no MLD joins have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, it can be a list of slots and ports. On a stand-alone switch, it can be one or more port numbers. In the form 1, 2, 3-5, 2:5, 2:6-2:8. Specifies all multicast groups. Specifies the multicast group IPv6 address.

all v6grpipaddress

Default
None.

Usage Guidelines
Use this command to delete a static group from a particular VLAN port. To add a static group, use the following command:
configure mld snooping {vlan} <vlanname> ports <portlist> add static group <v6grpipaddress>

Example
The following command removes a static MLD entry so the multicast group ff02::a:b will not be forwarded to VLAN marketing on ports 2:1-2:4, unless an MLD join message is received on the port:
configure mld snooping marketing ports 2:1-2:4 delete static group ff02::a:b

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1590

ExtremeWare XOS 11.3 Command Reference

configure mld snooping vlan ports add static router

configure mld snooping vlan ports add static router


configure mld snooping {vlan} <vlanname> ports <portlist> add static router

Description
Configures VLAN ports to forward the traffic from all multicast groups, even if no MLD joins have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, it can be a list of slots and ports. On a stand-alone switch, it can be one or more port numbers. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

Default
None.

Usage Guidelines
Use this command to forward all multicast groups to the specified VLAN ports. In effect, this command emulates a multicast router attached to those ports. As long as the ports are configured with the static entry, all available multicast traffic will be forwarded to those ports.

Example
The following command configures a static MLD entry so all multicast groups will be forwarded to VLAN marketing on ports 2:1-2:4:
configure mld snooping marketing ports 2:1-2:4 add static router

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1591

IPv6 Multicast Commands

configure mld snooping vlan ports delete static router


configure mld snooping {vlan} <vlanname> ports <portlist> delete static router

Description
Configures VLAN ports to stop forwarding the traffic from all multicast groups, unless MLD joins have been received on the port.

Syntax Description
vlanname portlist Specifies a VLAN name. Specifies one or more ports or slots and ports. On a modular switch, it can be a list of slots and ports. On a stand-alone switch, it can be one or more port numbers. May be in the form 1, 2, 3-5, 2:5, 2:6-2:8.

Default
None.

Usage Guidelines
Use this command to remove the configuration that forwards all multicast groups to the specified VLAN ports.

Example
The following command removes a static MLD entry so all multicast groups will not be forwarded to VLAN marketing on ports 2:1-2:4, unless an MLD join is received on the port:
configure mld snooping marketing ports 2:1-2:4 delete static router

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1592

ExtremeWare XOS 11.3 Command Reference

configure mld snooping flood-list

configure mld snooping flood-list


configure mld snooping flood-list [<policy> | none]

Description
Configures certain multicast addresses to be slow path flooded within the VLAN.

Syntax Description
policy none Specifies a policy file with a list of multicast addresses to be handled. Specifies no policy file is to be used.

Default
None.

Usage Guidelines
With this command, a user can configure certain multicast addresses to be slow path flooded within the VLAN, which otherwise will be fast path forwarded according to MLD and/or layer 3 multicast protocol. A policy file is a text file with the extension, .pol. It can be created or edited with any text editor. The specified policy file <policy file> should contain a list of addresses which will determine if certain multicast streams are to be treated specially. Typically, if the switch receives a stream with a destination address which is in the <policy file> in 'permit' mode, that stream will be software flooded and no hardware entry would be installed. When adding an IPv6 address into the policy file, a 128-bit host address is recommended. This feature is meant to solve the multicast connectivity problem for unknown destination addresses within system reserved ranges. Specifically this feature was introduced to solve the problem of recognizing certain stream as control packets. To create a policy file for the snooping flood-list, use the following template:
# # This is a template for MLD Snooping Flood-list Policy File # Add your group addresses between "Start" and "End" # Do not touch rest of file!!!! entry mldFlood { if match any { #------------------ Start of group addresses -----------------nlri ff05::100:1/128; nlri ff05::100:15/128; #------------------- end of group addresses ------------------} then { permit; }

ExtremeWare XOS 11.3 Command Reference

1593

IPv6 Multicast Commands


} entry catch_all { if { } then { deny; } }

NOTE
The switch will not validate any IP address in the policy file used in this command. Therefore, slow-path flooding should be used only for streams which are very infrequent, such as control packets. It should not be used for multicast data packets. This option overrides any default mechanism of hardware forwarding (with respect to MLD or PIM) so it should be used with caution.

Slow path flooding will be done within the L2 VLAN only. Use the none option to effectively disable slow path flooding. You can use the show mld command to see the configuration of slow path flooding.

NOTE
This command has no effect in the current release (11.3), since IPv6 multicast traffic floods on all platforms.

Example
The following command configures the multicast data stream specified in access1 for slow path flooding:
configure mld snooping flood-list access1

The following command specifies that no policy file is to be used, this effectively disabling slow path flooding:
configure mld snooping flood-list none

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1594

ExtremeWare XOS 11.3 Command Reference

configure mld snooping leave-timeout

configure mld snooping leave-timeout


configure mld snooping leave-timeout <leave_timeout_ms>

Description
Configures the MLD snooping leave timeout.

Syntax Description
leave_timeout_ms Specifies an MLD leave timeout value in milliseconds, upon receiving an MLD done message.

Default
1000 ms.

Usage Guidelines
The range is 0 - 10000 ms (10 seconds). For timeout values of one second or less, you must set the leavetimeout to a multiple of 100 ms. For values of more than one second, you must set the leave-timeout to a multiple of 1000 ms (one second). The specified time is the maximum leave timeout value. The switch could leave sooner if an MLD done message is received before the timeout occurs.

Example
The following command configures the MLD snooping leave timeout:
configure mld snooping leave-timeout 10000

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1595

IPv6 Multicast Commands

configure mld snooping timer


configure mld snooping timer <router_timeout> <host_timeout>

Description
Configures the MLD snooping timers.

Syntax Description
router_timeout host_timeout Specifies the time in seconds before removing a router snooping entry. Specifies the time in seconds before removing a hosts group snooping entry.

Default
The router timeout default setting is 260 seconds. The host timeout setting is 260 seconds.

Usage Guidelines
Timers should be set to approximately 2.5 times the router query interval in use on the network. Specify the following:

router timeoutThe maximum time, in seconds, that a router snooping entry can stay without receiving a router report.. The range is 10 to 214,748,364 seconds (6.8 years). The default setting is 260 seconds. host timeoutThe maximum time, in seconds, that a group snooping entry can stay without receiving a group report. The range is 10 to 214,748,364 seconds (6.8 years). The default setting is 260 seconds.

MLD snooping is a layer 2 function of the switch. It does not require multicast routing to be enabled. The feature reduces the flooding of IPv6 multicast traffic. On the VLAN, MLD snooping optimizes the usage of network bandwidth and prevents multicast traffic from being flooded to parts of the network that do not need it. The switch does not reduce any IP multicast traffic in the local multicast domain (FF02::x). MLD snooping is enabled by default on the switch. MLD snooping expects at least one device on every VLAN to periodically generate MLD query messages. Without an MLD querier, the switch eventually stops forwarding IPv6 multicast packets to any port, because the MLD snooping entries will time out, based on the value specified in host timeout. Example The following command configures the MLD snooping timers:
configure mld snooping timer 600 600

History
This command was first available in ExtremeWare XOS 11.2.

1596

ExtremeWare XOS 11.3 Command Reference

configure mld snooping timer

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1597

IPv6 Multicast Commands

disable mld
disable mld {vlan <name>}

Description
Disables MLD on a router interface. If no VLAN is specified, MLD is disabled on all router interfaces.

Syntax Description
name Specifies a VLAN name.

Default
Enabled.

Usage Guidelines
MLD is a protocol used by an IPv6 host to register its IPv6 multicast group membership with a router. Periodically, the router queries the multicast group to see if the group is still in use. If the group is still active, hosts respond to the query, and group registration is maintained. MLD is enabled by default on the switch. However, the switch can be configured to disable the generation and processing of MLD packets. MLD should be enabled when the switch is configured to perform IPv6 unicast or IPv6 multicast routing. This command disables all MLD versions.

Example
The following command disables MLD on VLAN accounting:
disable mld vlan accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1598

ExtremeWare XOS 11.3 Command Reference

disable mld snooping

disable mld snooping


disable mld snooping {forward-mcrouter-only | with-proxy | vlan <name>}

Description
Disables MLD snooping.

Syntax Description
forward-mcrouter-only with-proxy name Specifies that the switch forwards all multicast traffic to the multicast router only.

Disables the MLD snooping proxy.


Specifies a VLAN.

Default
MLD snooping and the with-proxy option are enabled by default, but forward-mcrouter-only option is disabled by default.

Usage Guidelines
If a VLAN is specified, MLD snooping is disabled only on that VLAN, otherwise MLD snooping is disabled on all VLANs. If the switch is in the forward-mcrouter-only mode, then the command disable mld snooping forward-mcrouter-only changes the mode so that all multicast traffic is forwarded to any IP router. If not in the forward-mcrouter-mode, the command disable mld snooping forward-mcrouter-only has no effect. The with-proxy option can be used for troubleshooting purpose. It should be enabled for normal network operation. Enabling the proxy allows the switch to suppress the duplicate join requests on a group to forward to the connected Layer 3 switch. The proxy also suppresses unnecessary MLD done messages so that they are forwarded only when the last member leaves the group.

Example
The following command disables MLD snooping on the VLAN accounting:
disable mld snooping accounting

History
This command was first available in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

1599

IPv6 Multicast Commands

Platform Availability
This command is available on all platforms.

1600

ExtremeWare XOS 11.3 Command Reference

enable mld

enable mld
enable mld {vlan <vlan name>} {MLDv1 | MLDv2}

Description
Enables MLD on a router interface. If no VLAN is specified, MLD is enabled on all router interfaces.

Syntax Description
vlan name MLDv1 MLDv2 Specifies a VLAN name. Specifies the compatibility mode to MLDv1. Specifies the compatibility mode to MLDv2.

Default
Enabled, set to MLDv1 compatibility mode.

Usage Guidelines
MLD is a protocol used by an IPv6 host to register its IPv6 multicast group membership with a router. Periodically, the router queries the multicast group to see if the group is still in use. If the group is still active, IPv6 hosts respond to the query, and group registration is maintained. MLDv1 is enabled by default on the switch. However, the switch can be configured to disable the generation and processing of MLD packets. A VLAN must have an IPv6 address to support MLD.

NOTE
MLDv2 is not supported in ExtremeWare XOS 11.3.

Example
The following command enables MLDv1 on the VLAN accounting:
enable mld vlan accounting

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1601

IPv6 Multicast Commands

enable mld snooping


enable mld snooping {forward-mcrouter-only | vlan <name>}

Description
Enables MLD snooping on the switch.

Syntax Description
forward-mcrouter-only name Specifies that the switch forwards all multicast traffic to the multicast router only. Specifies a VLAN.

Default
Enabled.

Usage Guidelines
If a VLAN is specified, MLD snooping is enabled only on that VLAN, otherwise MLD snooping is enabled on all VLANs. A VLAN must have an IPv6 address to support MLD. Two MLD snooping modes are supported:

The forward-mcrouter-only mode forwards all multicast traffic to the multicast router (that is, the router running PIM). When not in the forward-mcrouter-only mode, the switch forwards all multicast traffic to any IP router (multicast or not), and any active member port to the local network that has one or more subscribers. NOTE

The forward-mcrouter-only mode for MLD snooping is enabled/disabled on a switch-wide basis, not on a per-VLAN basis. In other words, all the interfaces enabled for MLD snooping are either in the forward-mcrouter-only mode or in the non-forward-mcrouter-only mode, and not a mixture of the two modes.

To change the MLD snooping mode from the non-forward-mcrouter-only mode to the forwardmcrouter-only mode, use the commands: enable mld snooping forward-mcrouter-only

To change the MLD snooping mode from the forward-mcrouter-only mode to the non-forwardmcrouter-only mode, use the commands: disable mld snooping forward-mcrouter-only

1602

ExtremeWare XOS 11.3 Command Reference

enable mld snooping

Example
The following command enables MLD snooping on the switch:
enable mld snooping

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1603

IPv6 Multicast Commands

enable mld snooping with-proxy


enable mld snooping with-proxy

Description
Enables the MLD snooping proxy. The default setting is enabled.

Syntax Description
This command has no arguments or variables.

Default
Enabled.

Usage Guidelines
Enabling the proxy allows the switch to suppress the duplicate join requests on a group to forward to the connected Layer 3 switch. The proxy also suppresses unnecessary MLD leave messages so that they are forwarded only when the last member leaves the group. This command can be used for troubleshooting purpose. It should be enabled for normal network operation. The command does not alter the snooping setting.

Example
The following command enables the MLD snooping proxy:
enable mld snooping with-proxy

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1604

ExtremeWare XOS 11.3 Command Reference

show mld

show mld
show mld {vlan} {<vlan name>}

Description
This command can be used to display an MLD-related configuration and group information, per VLAN or for the switch as a whole.

Syntax Description
vlan name Specifies a VLAN name.

Default
N/A.

Usage Guidelines
If you do not specify a VLAN, the command displays the switch configuration.

Example
The following command displays the MLD configuration:
show mld

The following is sample output from this command:


MLD: Query Interval: 125 sec Max Response Time: 10 sec Last Member Query: 1 sec Robustness: 2 MLD Snooping: Router Timeout: 260 sec Host Timeout: 260 sec MLD Snooping Fast Leave Time: 1000 ms MLD Snooping Flag: forward-all-router MLD Snooping Flood-list: none MLD Snooping Proxy: Enable

VLAN Default loopb red yellow

IP Address ::/0 ::/0 fe80::2e0:81ff:fe22:5724/64 ::/0

Flags nLRMA U--iz 0 U--iz 0 U--iz 0 U--iz 0

nLeMA MLDver 0 1 0 1 0 2 0 1

Flags: (E) Interface Enabled, (i) MLD Enabled

ExtremeWare XOS 11.3 Command Reference

1605

IPv6 Multicast Commands


(f) Forwarding Enabled, (m) Multicast Forwarding Enabled (nLeMA) Number of Learned Multicast Addressess (nLRMA) Number of Locally registered Multicast Addresses (U) Interface Up, (z) MLD Snooping Enabled

The following command displays the MLD configuration for the VLAN red:
show mld red

The following is sample output from this command:


Interface on VLAN red is enabled and up. inet6 fe80::2e0:81ff:fe22:5724/64 Locally registered multicast addresses: Learned multicast addresses(Last Querier=fe80::2e0:81ff:fe22:5724):

s = static igmp member Flags: IP Fwding MLD Ver

NO v1

IPmc Fwding NO Snooping YES

MLD YES

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1606

ExtremeWare XOS 11.3 Command Reference

show mld group

show mld group


show mdl group {{vlan} {<name>} | {<v6grpipaddress>}} {MLDv2}

Description
Lists the MLD group membership for the specified VLAN.

Syntax Description
v6

grpipaddress name MLDv2

Specifies a group IPv6 address. Specifies a VLAN name. Display the MLD group in MLDv2 format (if group record is MLDv2 compatible, otherwise display in earlier format).

Default
MLDv1.

Usage Guidelines
If no VLAN is specified all VLANs are displayed. You can also filter the display by group address and by multicast stream sender address.

Example
The following command lists the MLD group membership for the VLAN accounting:
show mld group vtest3

Output from this command looks similar to the following:


Group Address ff03::1:1 ff03::1:2 ff02::1:ff22:124 ff05::a:abcd ff05::a:abce ff02::1:ff22:112 ff02::1:ff1f:a418 Ver 1 1 1 1 1 1 1 Vlan vtest3 vtest3 vtest3 vtest3 vtest3 vtest3 vtest3 Port 4:5 4:5 4:45 4:15 4:15 4:45 4:45 Age 25 25 26 23 23 26 26

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1607

IPv6 Multicast Commands

show mld snooping


show mld snooping {vlan <name> | detail} {MLDv2}

Description
Displays MLD snooping registration information and a summary of all MLD timers and states.

Syntax Description
name detail cache MLDv2 Specifies a VLAN name. Displays the information in detailed format. Displays the cache setting for MLD snooping senders. Display the MLD group in MLDv2 format (if group record is MLDv2 compatible, otherwise display in earlier format).

Default
MLDv1.

Usage Guidelines
The two types of MLD snooping entries are sender entry and subscribed entry. The following information is displayed in a per-interface format:

Group membership information Router entry Timeout information Sender entry

Example
The following command displays MLD snooping registration information for the VLAN red:
show mld snooping vlan test3

Output from this command looks similar to the following:


VLAN vtest3 (133) Snooping=Enabled Port Host Subscribed 4:5 fe80::200:ff:fe00:1 ff03::1:1 4:5 fe80::200:ff:fe00:1 ff03::1:2 4:15 fe80::200:ff:fe00:201 ff05::a:abcd 4:15 fe80::200:ff:fe00:201 ff05::a:abce 4:45 fe80::204:96ff:fe1f:a418 Age 10 10 8 8

1608

ExtremeWare XOS 11.3 Command Reference

show mld snooping


ff02::1:ff1f:a418 4:45 4:45 4:45 fe80::204:96ff:fe1f:a418 ff02::1:ff22:112 fe80::201:30ff:fef9:9b90 ff02::1:ff22:124 fe80::201:30ff:fef9:9b90 All Groups 11 11 11 11

s = static igmp member

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1609

IPv6 Multicast Commands

show mld snooping vlan static


show mld snooping vlan <name> static [group | router]

Description
Displays static MLD snooping entries.

Syntax Description
name Specifies a VLAN name.

Default
None.

Usage Guidelines
Use this command to display the MLD snooping static groups or router ports configured on the specified VLAN. When no VLAN is specified, all the static groups or router ports will be displayed.

Example
The following command displays the MLD snooping static groups configured on VLAN vlan101:
show mld snooping vlan101 static group

The following is sample output for this command:


Group ff03::1:1:1 ff03::1:1:1 Flags: (s) Static, (a) Active Port 7 15 Flags sa sa

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1610

ExtremeWare XOS 11.3 Command Reference

unconfigure mld

unconfigure mld
unconfigure mld

Description
Resets all MLD settings to their default values and clears the MLD group table.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
None.

Example
The following command resets all MLD settings to their default values and clears the MLD group table:
unconfigure mld

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1611

IPv6 Multicast Commands

1612

ExtremeWare XOS 11.3 Command Reference

Configuration and Image Commands

This appendix describes commands for:


Downloading and using a new switch software image Saving, uploading, and downloading switch configuration information Downloading and installing a new BootROM image and switch rebooting

The switch software image contains the executable code that runs on the switch. An image comes preinstalled from the factory. The image can be upgraded by downloading a new version from a Trivial File Transfer Protocol (TFTP) server on the network. If you have a modular switch, you can also download a new version from the external compact flash memory card installed in the external compact flash slot of the Management Switch Fabric Module (MSM). A switch can store up to two images; a primary and a secondary image. You can download a new image into either one of these, and you can select which image will load on the next switch reboot. The configuration is the customized set of parameters that you have selected to run on the switch. As you make configuration changes, the new settings are stored in run-time memory. To retain the settings, and have them load when you reboot the switch, you must save the configuration to nonvolatile storage. The switch can store multiple user-defined configuration files, each with its own file name. By default, the switch has two pre-named configurations: a primary and a secondary configuration. You can select to which configuration you want the changes saved, or you can save the changes to a new configuration file. You can also select which configuration will be used on the next switch reboot. The BootROM initializes certain important switch variables during the switch boot process. In specific situations, you can upgrade the BootROM on the Summit X450 switch and the BlackDiamond 10K switch by download from a TFTP server on the network. On the BlackDiamond 8800 family of switches (formerly known as Aspen), you can upgrade the firmware, including the BootROM, when you upgrade the software image.

ExtremeWare XOS 11.3 Command Reference

1613

Configuration and Image Commands

configure firmware
configure firmware [auto-install | install-on-demand]

Description
Configures how the BlackDiamond 8800 family of switches perform a system firmware upgrade.

Syntax Description
auto-install Specifies ExtremeWare XOS to automatically upgrade the firmware if the software detects a newer firmware image is available. The switch does not prompt you to confirm the firmware upgrade. Specifies the switch to prompt you to upgrade the firmware when ExtremeWare XOS determines that a newer firmware image is available. This is the default behavior.

install-on-demand

Default
The default is install-on-demand.

Usage Guidelines
Use the configure firmware [auto-install | install-on-demand] and install firmware {force} commands to upgrade the BootROM images on the MSM and I/O modules and the firmware on the PSU controllers installed in the BlackDiamond 8800 family of switches. If you use the install firmware {force} command, specify the force parameter only under guidance from Extreme Networks Technical Support personnel. Forcing a firmware upgrade may cause incompatibility issues between the firmware and the software installed on the MSM. Firmware images are bundled with ExtremeWare XOS software images. ExtremeWare XOS automatically compares the existing firmware image flashed into the hardware with the firmware image bundled with the ExtremeWare XOS image when you:

Download a new version of ExtremeWare XOS to the active partition. Install a new module into an active chassis.

After a firmware image upgrade, messages are sent to the log. If you select the auto-install parameter, you are not prompted to confirm the firmware upgrade. Whenever ExtremeWare XOS determines a newer firmware image is available, the firmware is automatically upgraded. If you use the default configuration install-on-demand, you have the opportunity to cancel the firmware upgrade. If you install a new software image, and a new firmware image is available, the switch prompts you to upgrade the firmware. Enter y to upgrade the firmware image. Enter n to cancel the firmware upgrade for the specified hardware and continue scanning for other hardware that needs to be upgraded.

1614

ExtremeWare XOS 11.3 Command Reference

configure firmware If you download a new image and new firmware images are available, you see messages similar to the following:
download image bd8800-11.3.0.10.xos Do you want to install image after downloading? (y - yes, n - no, <cr> - cancel) Yes Downloading to MSMA..................................................................................... ............. Image will be installed to the active partition, a reboot required. Do you want to continue? (y/n) Yes Do you want to save configuration changes to primary.cfg? (y or n) Yes Saving configuration on primary MSM ............. done! Installing to primary partition! Installing to MSMA..................................................................................... ...................................................................................... ...................................................................................... ...................................................................................... ...................................................................................... ....................................................................... Image installed successfully Installing version 1.0.0.16 of the MSM bootrom(s). Do you want to continue? (y/n) Yes Installing version 1.0.0.24 of the IO module bootrom(s). Do you want to continue? (y/n) Yes Installing version 2.4 of the PSU control module firmware. Do you want to continue? (y/n) Yes Installing bootrom...

MSM bootrom(s) installed successfully Installing bootrom...

IO module bootrom(s) installed successfully Installing firmware...

PSU controller firmware installed successfully ...

Displaying BootROM and Firmware Versions. To display the BootROM (firmware) version for all modules and PSU controllers installed in the switch, use the show version command. Recovering From a Corrupted BootROM. If your default BootROM image becomes corrupted, you can force the MSM to boot from an alternate BootROM image by inserting a pen into the Alternate (A) and Reset

ExtremeWare XOS 11.3 Command Reference

1615

Configuration and Image Commands (R) holes on the BlackDiamond 8800 MSM and applying pressure. For more information, please refer to the Extreme Networks Consolidated XOS Hardware Installation Guide.

Example
The following command automatically upgrades the firmware when a newer firmware image is present without prompting you to confirm the upgrade:
configure firmware installation auto-install

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches.

1616

ExtremeWare XOS 11.3 Command Reference

download bootrom

download bootrom
download bootrom [[<ipaddress> | <hostname>] <filename> {{vr} <vrname>} | memorycard <filename>] {msm <slotid>}

Description
Downloads a BootROM image after the Summit X450 switch or the BlackDiamond 10K switch has booted. The downloaded image replaces the BootROM in the onboard FLASH memory.

Syntax Description
ipaddress hostname memorycard Specifies the IP address of the TFTP server. Specifies the hostname of the TFTP server. Specifies that the BootROM image should be obtained from the external compact flash memory card. NOTE: This parameter is available only on the BlackDiamond 10K switch. vrname Specifies the name of the virtual router. NOTE: The Summit X450 switch does not support user-created virtual routers (VRs). filename slotid Specifies the name of the file that contains the BootROM image. Specifies the MSM where the BootROM image should be downloaded. A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on the BlackDiamond 10K switch.

Default
N/A.

Usage Guidelines
NOTE
The Summit X450 switch does not support user-created VRs.

Upgrade the BootROM image only when asked to do so by an Extreme Networks technical representative. Prior to downloading the BootROM image on the switch, you must download the image you received from Extreme Networks to a TFTP server on your network. On the BlackDiamond 10K switch, you can also download the image to the external compact flash memory card. Specify the ipaddress or hostname parameters to download a BootROM image from a TFTP server on the network.

ExtremeWare XOS 11.3 Command Reference

1617

Configuration and Image Commands The BootROM image file is a .xbr file, and this file contains the executable code. If this command does not complete successfully it could prevent the switch from booting. In the event the switch does not boot properly, some boot option functions can be accessed through a special Bootloader menu (see the ExtremeWare XOS Concepts Guide). Use of the hostname parameter requires that DNS be enabled. Host Name and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Permitted only for host names Underscore ( _ ) Permitted only for host names Colon ( : )

When naming or configuring an IP address for your network server, remember the requirements listed above. Local and Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for local and remote filenames. When specifying a local or remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ ) Slash ( / ) Permitted only for remote files

When naming a local or remote file, remember the requirements listed above. BlackDiamond 10K Switch Only. Specify memorycard to download a BootROM image from the external compact flash memory card installed in the external compact flash slot of the MSM. Use a PC with appropriate hardware such as a compact flash reader/writer and follow the manufacturers instructions to access the compact flash card and place the image onto the card. For more information about installing the external compact flash memory card into the MSM, see the Extreme Networks Consolidated XOS Hardware Installation Guide.

Example
The following command downloads a bootROM image from the tftp server tftphost from the file bootimage:
download bootrom tftphost bootimage

1618

ExtremeWare XOS 11.3 Command Reference

download bootrom

History
This command was first available in ExtremeWare XOS 11.0. The msm parameter was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the Summit X450 switch and the BlackDiamond 10K switch.

ExtremeWare XOS 11.3 Command Reference

1619

Configuration and Image Commands

download image
download image [[<hostname> | <ipaddress>] <filename> {{vr} <vrname>} | memorycard <filename>] {<partition>} {msm <slotid>}

Description
Downloads a new version of the ExtremeWare XOS software image.

Syntax Description
hostname ipaddress memorycard Specifies the hostname of the TFTP server from which the image should be obtained. Specifies the IP address of TFTP server from which the image should be obtained. Specifies that the image should be obtained from the external compact flash memory card. NOTE: This parameter is available only on modular switches. filename vrname Specifies the filename of the new image. Specifies the name of the virtual router. NOTE: The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs. partition Specifies which partition the image should be saved to: primary or secondary. Select primary to save the image to the primary partition and secondary to save the image to the secondary partition. Specifies the MSM where the software image should be downloaded. A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

slotid

Default
Stores the downloaded image in the partition selected by the use image command.

Usage Guidelines
NOTE
The BlackDiamond 8800 family of switches and the Summit X450 switch do not support user-created VRs.

Prior to downloading an image on the switch, you must download the image you received from Extreme Networks to a TFTP server on your network. On a modular switch, you can also download the image to the external compact flash memory card.

1620

ExtremeWare XOS 11.3 Command Reference

download image

NOTE
Unlike ExtremeWare, the download image command in ExtremeWare XOS causes the switch to use the newly downloaded software image during the next switch reboot. To modify or reset the software image used during a switch reboot, issue the use image command.

Specify the ipaddress or hostname parameters to download a an image from a TFTP server on the network. Use of the hostname parameter requires that DNS be enabled. Core Software Images. The switch can store up to two core images: a primary and a secondary. When downloading a new image, you select which partition (primary or secondary) to install the new image. If you do not specify a partition, the software image is downloaded and installed into the current (active) partition. If you want to install the software image to the alternate partition, you must specify that partition before downloading the image. Image Filenames. The software image file can be a .xos file, which contains an ExtremeWare XOS core image, or a .xmod file, which contains an ExtremeWare XOS modular software package. Modular software packages have additional functionality that supplement a core image. You can identify the appropriate image or module for your platform based on the filename of the image. Table 29 lists the filename prefixes for each platform:

Table 29: Filename prefixes


Platform BlackDiamond 10K BlackDiamond 8810 BlackDiamond 8806 Summit X450 Filename Prefixes bd10Kbd8800bd8800summitX450-

For example, if you have a BlackDiamond 8806 switch, download image filenames with the prefix bd8800-. Host Name and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Permitted only for host names Underscore ( _ ) Permitted only for host names Colon ( : )

When naming or configuring an IP address for your network server, remember the requirements listed above. Local and Remote Filename Character Restrictions. This section provides information about the characters supported by the switch for local and remote filenames.

ExtremeWare XOS 11.3 Command Reference

1621

Configuration and Image Commands When specifying a local or remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ ) Slash ( / ) Permitted only for remote files

When naming a local or remote file, remember the requirements listed above. Messages Displayed by the Switch. When you download a new image, you see the following message:
Do you want to install image after downloading? (y - yes, n - no, <cr> - cancel)

Do one of the following:


Enter y if you want to install the image after download. Enter n if you want to install the image at a later time. Press [Enter] if you want to cancel the download.

Modular Switches Only. Specify memorycard to download a an image from the external compact flash memory card installed in the external compact flash slot of the MSM. Use a PC with appropriate hardware such as a compact flash reader/writer and follow the manufacturers instructions to access the compact flash card and place the image onto the card. For more information about installing the external compact flash memory card into the MSM, see the Extreme Networks Consolidated XOS Hardware Installation Guide.

Downloading a New Image


The following provides detailed information for downloading a new image to your switch. Step 1Viewing the Partition. To view your selected and booted partition, use the following command:
show switch

Output from this command includes the selected and booted images and if they are in the primary or the secondary partition. Step 2Selecting the Partition. There are two ways to specify the partition. To specify the partition when downloading and installing the image, use the following command:
download image [[<hostname> | <ipaddress>] <filename> {{vr} <vrname>} | memorycard <filename>] {<partition>} {msm <slotid>}

Or to specify the partition before downloading the image, use the following command:
use image {partition} <partition> {msm <slotid>}

Step 3Downloading and Installing the Image. To download the image, use the following command:
download image [[<hostname> | <ipaddress>] <filename> {{vr} <vrname>} | memorycard <filename>] {<partition>} {msm <slotid>}

1622

ExtremeWare XOS 11.3 Command Reference

download image Downloading an ExtremeWare XOS core image. An ExtremeWare XOS core image uses the file extension .xos. Before the download begins, the system asks if you want to install the image immediately after the download is finished. If you install the image to the active partition, you must reboot the switch. If you install the image to the inactive partition, you do not need to reboot the switch. Enter y to install the image after download. Enter n to install the image at a later time. If you download and install the software image on the active partition, the switch automatically reboots after the download and installation is completed. The following message appears when downloading and installing on the active partition:
Image will be installed to the active partition, a reboot required. Do you want to continue? (y or n)

Enter y to continue the installation and reboot the switch. Enter n to cancel. If you install the image at a later time, the image is still downloaded and saved to the switch, but you must use the following command to install the software:
install image <fname> {<partition>} {msm <slotid>} {reboot}

Where fname specifies the filename of the new, downloaded image. Downloading an ExtremeWare XOS module image. An ExtremeWare XOS module image has functionality that supplements a core image. You download and install a module onto an already installed core image. The version number of the core image and the module must match. For example, the module bd10K-11.0.0.25-ssh.xmod can only be installed onto the core image bd10K-11.0.0.25.xos. To install a module to the inactive partition, use the download image command to download the module to the inactive partition, and use the install image command to install it, if you did not choose to install when the image was downloaded. Remember, the core image on the inactive partition must be of the same version as the module. When you make the inactive partition active, by issuing the use image command and rebooting the switch, the module is also activated at boot time. To install a module to the active partition, use the download image command to download the module to the active partition, and use the install image command to install it, if you did not choose to install when the image was downloaded. Remember, the core image on the active partition must be of the same version as the module. If you reboot the switch, the module will also be activated, but you can activate the module without rebooting the switch by issuing the run update command. After issuing that command, all the functionality, and command line interface (CLI) commands, of the module will be available. Performing a Hitless UpgradeBlackDiamond 10K Switch Only. Hitless upgrade is a mechanism that allows you to upgrade the ExtremeWare XOS software running on the switch without taking the switch out of service. Some additional benefits of using hitless upgrade include:

Minimizing network downtime Reducing the amount of traffic lost

Although any method of upgrading software can have an impact on network operation, including interrupting Layer 2 network operation, performing a hitless upgrade can decrease that impact. You must have two MSMs installed in your switch to perform a hitless upgrade. With two MSMs installed in the switch, one assumes the role of primary and the other assumes the role of backup. The primary MSM provides all of the switch management functions including bringing up and programming the I/O modules, running the bridging and routing protocols, and configuring the switch.

ExtremeWare XOS 11.3 Command Reference

1623

Configuration and Image Commands The primary MSM also synchronizes its configurations with the backup MSM which allows the backup to take over the management functions of the primary.

NOTE
If you download an image to the backup MSM, the image passes through the primary MSM before the image is downloaded to the backup MSM.

1 View your selected and booted partition using the following command:
show switch

Output from this command includes the selected and booted images and if they are in the primary or the secondary partition. The selected image partition indicates which image is used at the next reboot. The booted image partition indicates the image used at the last reboot. 2 Select the partition to download the image to and download and install the new ExtremeWare XOS software on the backup MSM using the following command:
download image [[<hostname> | <ipaddress>] <filename> {{vr} <vrname>} | memorycard <filename>] {<partition>} {msm <slotid>}

NOTE
If the backup MSM is installed in slot B, specify msm B. If the backup MSM is installed in slot A, specify msm A.

Before the download begins, the switch prompts you to install the image immediately after the download is finished. If you install the image immediately after download, the switch reboots.

If you download and install the software image on the active partition, you need to reboot the switch. The following message appears when downloading and installing on the active partition:
Image will be installed to the active partition, a reboot required. Do you want to continue? (y or n)

Enter y to continue the installation and reboot the switch. Enter n to cancel.

If you download and install the software image on the non-active partition, you do not need to reboot the switch. If you install the image at a later time, use the following command to install the software:

install image <fname> {<partition>} {msm <slotid>} {reboot}

3 Initiate failover from the primary MSM to the backup MSM using the following command:
run msm-failover

When you failover from the primary MSM to the backup MSM, the backup becomes the new primary, runs the newly downloaded software, and provides all of the switch management functions. 4 Select the partition to download the image to and download and install the new ExtremeWare XOS software on the new backup MSM (this was the original primary MSM) using the following command:
download image [<hostname> | <ipaddress>] <filename> {vr <vrname>} msm <slotid>

NOTE
If the new backup MSM is installed in slot A, specify msm A. If the new backup MSM is installed in slot B, specify msm B.

1624

ExtremeWare XOS 11.3 Command Reference

download image Before the download begins, the switch prompts you to install the image immediately after the download is finished. If you install the image immediately after download, the switch reboots.

If you download and install the software image on the active partition, you need to reboot the switch. The following message appears when downloading and installing on the active partition:
Image will be installed to the active partition, a reboot required. Do you want to continue? (y or n)

Enter y to continue the installation and reboot the switch. Enter n to cancel.

If you download and install the software image on the non-active partition, you do not need to reboot the switch. If you install the image at a later time, use the following command to install the software:
install image <fname> {<partition>} {msm <slotid>} {reboot}

You can also perform a hitless upgrade on ExtremeWare XOS modular software packages (.xmod files). To perform a hitless upgrade of a software package, you must install the core software image first, and the version number of the modular software package must match the version number of the core image that it will be running with. For more information about hitless upgrade, please see the ExtremeWare XOS Concepts Guide.

Example
The following command downloads the switch software image from the TFTP server at 10.10.15.04, from the file named bd10K-11.0.0.25.xos:
download image 10.10.15.04 bd10K-11.0.0.25.xos

Although the example command specifies a BlackDiamond 10K image, the output is similar on all modular switches. On a modular switch, if you download an image into the active partition, you see output similar to the following:
Do you want to install image after downloading? (y - yes, n - no, <cr> - cancel) Yes Downloading to MSM-A.............................................................. Downloading to MSM-B.................................. Image will be installed to the active partition, a reboot required. Do you want to continue? (y/n) Yes Installing to primary partition! Installing to MSMB.............................................................................. ............................................................................... ............................................................................... ............................................................................... ..................................... Installing to MSMA.............................................................................. ............................................................................... ............................................................................... ............................

ExtremeWare XOS 11.3 Command Reference

1625

Configuration and Image Commands If you answer yes to installing the image, the switch reboots upon completion of the installation. The following command downloads the switch software image from the TFTP server at 10.10.15.04, from the file named summitX450-11.2.0.15.xos:
download image 10.10.15.04 summitX450-11.2.0.15.xos

If you download an image into the active partition, you see output similar to the following:
Do you want to install image after downloading? (y - yes, n - no, <cr> - cancel) Yes Downloading to Switch.............................................................. Image will be installed to the active partition, a reboot required. Do you want to continue? (y/n) Yes Installing to primary partition! .............................................................................. ............................................................................... ............................................................................... ............................................................................... .....................................

If you answer yes to installing the image, the switch reboots upon completion of the installation.

History
This command was first available in ExtremeWare XOS 10.1. The memorycard option was added in ExtremeWare XOS 11.0. The msm parameter was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1626

ExtremeWare XOS 11.3 Command Reference

install bootrom

install bootrom
install bootrom <fname> {reboot} {msm <slotid>}

Description
Installs a new version of the ExtremeWare XOS BootROM image on the Summit X450 switch or the BlackDiamond 10K switch.

Syntax Description
fname reboot msm Specifies the BootROM image file. Reboots the switch after the image is installed. Specifies the MSM where the BootROM image should be installed. A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on the BlackDiamond 10K switch.

Default
N/A.

Usage Guidelines
When you download a BootROM image, the system asks if you want to install the image immediately after the download is finished. If you choose to install the image at a later time, use this command to install the software on the switch. The BootROM image file is a .xbr file, and this file contains the executable code. Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local and remote filenames. When specifying a local or remote filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ )

When naming a local file, remember the requirements listed above.

Example
The following command installs the bootrom image file bd10K-1.0.1.5-bootrom.xbr:
install bootrom bd10K-1.0.1.5-bootrom.xbr

ExtremeWare XOS 11.3 Command Reference

1627

Configuration and Image Commands On the BlackDiamond 10K switch, you see output similar to the following:
Installing bootrom... Writing MSM B bootrom ........................................................................ ........................................................................ ......................... Verifying Flash contents... ........................................................................ ........................................................................ ........................................................................ ........................................................................ .................................................... bootrom written. Writing MSM A bootrom ........................................................................ ........................................................................ ......................... Verifying Flash contents... ........................................................................ ........................................................................ ........................................................................ ........................................................................ .................................................... bootrom written. Bootrom installed successfully

On the Summit X450 switch, you see output similar to the following:
Installing bootrom... Writing bootrom ........................................................................ ........................................................................ ......................... Verifying Flash contents... ........................................................................ ........................................................................ ........................................................................ ........................................................................ .................................................... bootrom written. Bootrom installed successfully

History
This command was first available in ExtremeWare XOS 11.0. The msm parameter was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the Summit X450 switch and the BlackDiamond 10K switch.

1628

ExtremeWare XOS 11.3 Command Reference

install firmware

install firmware
install firmware {force}

Description
Installs the firmware bundled with the ExtremeWare XOS image on the BlackDiamond 8800 family of switches.

Syntax Description
force Specifies ExtremeWare XOS to upgrade the existing firmware image if the existing image does not match the firmware image bundled with the ExtremeWare XOS image. The switch prompts you to confirm the firmware upgrade. NOTE: Use this option only under the guidance of Extreme Networks Technical Support personnel.

Default
N/A.

Usage Guidelines
Use the configure firmware [auto-install | install-on-demand] and install firmware commands to upgrade the BootROM images on the MSM and I/O modules and the firmware on the PSU controllers installed in the BlackDiamond 8800 family of switches. Specify the force parameter only under guidance from Extreme Networks Technical Support personnel. Forcing a firmware upgrade may cause incompatibility issues between the firmware and the software installed on the MSM. Firmware images are bundled with ExtremeWare XOS software images. ExtremeWare XOS automatically compares the existing firmware image flashed into the hardware with the firmware image bundled with the ExtremeWare XOS image. After a firmware image upgrade, messages are sent to the log. The switch scans the I/O and MSM modules and the PSU controllers for a possible firmware upgrade. If the bundled firmware image is newer than the existing firmware image, the switch prompts you to confirm the upgrade. Enter y to upgrade the firmware. Enter n to cancel the firmware upgrade for the specified hardware and continue scanning for other hardware that needs to be upgraded. Enter <cr> to cancel the upgrade. The following output displays the messages displayed when you use the install firmware command:
Installing version 1.0.0.16 of the MSM bootrom(s), a reboot is required. Do you want to continue? (y - yes, n - no, <cr> - cancel) Yes Installing version 1.0.0.24 of the IO module bootrom(s), a reboot is required. Do you want to continue? (y - yes, n - no, <cr> - cancel) Yes

ExtremeWare XOS 11.3 Command Reference

1629

Configuration and Image Commands


Installing version 2.4 of the PSU control module firmware. Do you want to continue? (y - yes, n - no, <cr> - cancel) Yes Installing bootrom... MSM bootrom(s) installed successfully Installing bootrom... IO module bootrom(s) installed successfully Installing firmware... PSU controller firmware installed successfully

During the firmware upgrade, do not cycle down or disrupt the power to the switch. If a power interruption occurs, the firmware may be corrupted and need to be recovered. ExtremeWare XOS automatically recovers corrupted firmware; however, the time it takes for the switch to boot-up may increase. Power over Ethernet (PoE) firmware is always automatically upgraded or downgraded to match the operational code image. This configuration is not applicable to PoE firmware. Displaying BootROM and Firmware Versions. To display the BootROM (firmware) version for all modules and PSU controllers installed in the switch, use the show version command. Recovering From a Corrupted BootROM. If your default BootROM image becomes corrupted, you can force the MSM to book from an alternate BootROM image by inserting a pen into the Alternate (A) and Reset (R) holes on the BlackDiamond 8800 MSM and applying pressure. For more information, please refer to the Extreme Networks Consolidated XOS Hardware Installation Guide.

Example
The following command installs the newer firmware image:
install firmware

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available only on the BlackDiamond 8800 family of switches.

1630

ExtremeWare XOS 11.3 Command Reference

install image

install image
install image <fname> {<partition>} {msm <slotid>} {reboot}

Description
Installs a new version of the ExtremeWare XOS software image.

Syntax Description
fname partition Specifies the software image file. Specifies which partition the image should be saved to: primary or secondary. Select primary to save the image to the primary partition and secondary to save the image to the secondary partition. Specifies the MSM where the software image file should be installed. A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches. reboot Reboots the switch after the image is installed.

msm

Default
N/A.

Usage Guidelines
When you download a software image, you are asked if you want to install the image immediately after the download is finished. If you choose to install the image at a later time, use this command to install the software on the switch. The software image file can be a .xos file, which contains an ExtremeWare XOS core image, or a .xmod file, which contains additional functionality to supplement a core image. Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local filenames. When specifying a local filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ )

When naming a local, remember the requirements listed above.

ExtremeWare XOS 11.3 Command Reference

1631

Configuration and Image Commands Installing an ExtremeWare XOS core image. If you install the software image on the active partition, you must reboot the switch. A message similar to the following appears when installing the image on the active partition:
Image will be installed to the active partition, a reboot required. Do you want to continue ? (y/n)

Enter y to continue the installation and reboot the switch. Enter n to cancel. If you install on the inactive partition, you can continue to run the currently booted image, but to run the newly installed image, you will need to set the boot partition with the use image {partition} <partition> {msm <slotid>} command and reboot the switch. Installing an ExtremeWare XOS module image. An ExtremeWare XOS module image has functionality that supplements a core image. You will install a module onto an already installed core image. The version number of the core image and the module must match. For example, the module bd10K-11.0.0.25ssh.xmod can only be installed onto the core image bd10K-11.0.0.25.xos. To install a module to the inactive partition, use the install image command to install the module. Remember, the core image on the inactive partition must be of the same version as the module. When you make the inactive partition active, by issuing the use image command and rebooting the switch, the module is also activated at boot time. To install a module to the active partition, use the install image command to install the module. Remember, the core image on the active partition must be of the same version as the module. If you reboot the switch, the module will also be activated, but you can activate the module without rebooting the switch by issuing the run update command. After issuing that command, all the functionality, and CLI commands, of the module will be available. Performing a Hitless UpgradeBlackDiamond 10K Switch Only. If you specify the msm parameter on a BlackDiamond 10K switch, you can initiate hitless upgrade between the primary and backup MSMs installed in the switch. Hitless upgrade is a mechanism that allows you to upgrade the ExtremeWare XOS software running on the switch without taking the switch out of service. Some additional benefits of using hitless upgrade include:

Minimizing network downtime Reducing the amount of traffic lost

Although any method of upgrading software can have an impact on network operation, including interrupting Layer 2 network operation, performing a hitless upgrade can decrease that impact. Regardless of how you upgrade the software, you must:

View the selected and booted partition using the show switch command Select the partition to use when downloading the image using the download image [[<hostname>
| <ipaddress>] <filename> {{vr} <vrname>} | memorycard <filename>] {<partition>} {msm <slotid>} or the use image {partition} <partition> {msm <slotid>} commands

When performing a hitless upgrade, you must first download the software to the backup MSM. If you download the image to the inactive partition, use the install image <fname> {<partition>} {msm <slotid>} {reboot} command to install the software image at a later time. After the software is downloaded and installed on the switch, use the run msm-failover command to initiate failover from the primary MSM to the backup MSM. The original primary MSM becomes the new backup MSM.

1632

ExtremeWare XOS 11.3 Command Reference

install image After failover is complete, download the software to the new backup MSM. Again, if you download the image to the inactive partition, use the install image <fname> {<partition>} {msm <slotid>} {reboot} command to install the software image at a later time. For more detailed information about hitless upgrade, see the download image command.

Example
The following command installs the software image file bd10K-11.1.0.20.xos on a BlackDiamond 10K switch:
install image bd10K-11.1.0.20.xos

The following command installs the software image file bd8800-11.3.0.10.xos on a BlackDiamond 8810 switch:
install image bd8800-11.3.0.10.xos

The following command installs the software image file summitX450-11.2.0.16.xos on a Summit X450 switch:
install image summitX450-11.2.0.16.xos

History
This command was first available in ExtremeWare XOS 10.1. The msm parameter was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1633

Configuration and Image Commands

run update
run update

Description
Activates a newly installed modular software package.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
After you install a modular software package to the active partition, issue this command to make the update active. This command causes the ExtremeWare XOS system to start the newly installed processes contained in the package, without rebooting the switch. If you installed the package to the inactive partition, you need to reboot the switch to activate the package.

Example
The following command activates any newly installed modular software packages installed on the active partition:
run update

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

1634

ExtremeWare XOS 11.3 Command Reference

save configuration

save configuration
save configuration {primary | secondary | <existing-config> | <new-config>}

Description
Saves the current configuration from the switchs runtime memory to non-volatile memory.

Syntax Description
primary secondary existing-config new-config Specifies the primary saved configuration. Specifies the secondary saved configuration. Specifies an existing user-defined configuration. Specifies a new user-defined configuration.

Default
Saves the current configuration to the location used on the last reboot.

Usage Guidelines
The configuration takes effect on the next reboot. Each file name must be unique and can be up to 32 characters long but cannot include any spaces, commas, or special characters. Configuration files have a .cfg file extension. When you enter the name of the file in the CLI, the system automatically adds the .cfg file extension. This command also displays in alphabetical order a list of available configurations. The following is sample output that displays the primary, secondary, and user-created and defined configurations (test and XOS1 are the names of the user-created and defined configurations):
exsh.9 # save configuration <cr> Execute the command primary Primary configuration file secondary Secondary configuration file <existing-config> Existing configuration file name "test" "XOS1" <new-config> New configuration file name

The switch prompts you to save your configuration changes. Enter y to save the changes or n to cancel the process. If you enter n, the switch displays a message similar to the following:
Save configuration cancelled.

ExtremeWare XOS 11.3 Command Reference

1635

Configuration and Image Commands If you enter y, the switch saves the configuration and displays a series of messages. The following sections provide information about the messages displayed when you save a configuration on your switch. Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local filenames. When specifying a local filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ )

When naming a local file, remember the requirements listed above. Saving a New Configuration. If you create and save a configuration with a new file name, the switch saves the new configuration and then prompts you to select the newly created configuration as the switchs default configuration. The following sample output is similar to the message displayed:
Do you want to save configuration to test1.cfg? (y/n) Yes Saving configuration on primary MSM ................................. done! Configuration saved to test1.cfg successfully.

The switch then prompts you to select which configuration to use to bootup the system. The following sample output is similar to the message displayed:
The current selected default configuration database to boot up the system (primary.cfg) is different than the one just saved (test.cfg). Do you want to make test.cfg the default database? (y/n)

Enter y to use the new configuration as the default configuration. Enter n to cancel the operation and keep using the current default, active configuration. Saving an Existing Configuration. If you make and save changes to an existing configuration, the switch prompts you to save and override the existing configuration. The following sample output is similar to the message displayed:
The configuration file test.cfg already exists. Do you want to save configuration to test.cfg and overwrite it? (y/n) Yes Saving configuration on primary MSM ............................... done! Configuration saved to test.cfg successfully.

If you override an existing configuration that is not the current default, active configuration, the switch prompts you to select which configuration to use to bootup the system. The following sample output is similar to the message displayed:
The current selected default configuration database to boot up the system (primary.cfg) is different than the one just saved (test.cfg). Do you want to make test.cfg the default database? (y/n) No Default configuration database selection cancelled.

1636

ExtremeWare XOS 11.3 Command Reference

save configuration Enter y to use the updated configuration as the default configuration. Enter n to cancel the operation and keep using the current default, active configuration.

Example
The following command saves the current switch configuration to the configuration file named XOS1:
save configuration XOS1

The following command save the current switch configuration to the secondary configuration file:
save configuration secondary

History
This command was first available in ExtremeWare XOS 10.1. The status messages displayed by the switch were updated in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1637

Configuration and Image Commands

show configuration
show configuration {<module-name>}

Description
Displays a configuration to the terminal.

Syntax Description
module-name Specifies a module.

Default
N/A.

Usage Guidelines
If the output scrolls off the top of the screen, you can use the enable clipaging command to pause the display when the output fills the screen. The default for clipaging is enabled. Extreme Networks recommends using the show configuration command to view on the CLI your currently running switch configuration. Do not use a text editor to view or modify your switch configuration files. If you specify show configuration without any keywords, the switch displays configuration information for each of the switch modules. You can just display the configuration of a module of interest by using the module-name keyword. For example, some of the modules are AAA, ACL, BGP, EDP, FDB, SNMP, and VLAN. Use [TAB]completion to see a list. You must have administrator access to view the output of the save configuration command. Depending on the software version running on your switch, the configurations on your switch, and the type of switch you have, additional or different configuration information may be displayed.

Example
This command shows the current configuration active in the switch:
show configuration

The following is sample output from this command:


# Module devmgr configuration. # configure snmp sysName "Engineering" configure snmp sysContact "support@extremenetworks.com, +1 888 257 3000" #

1638

ExtremeWare XOS 11.3 Command Reference

show configuration
# Module vlan configuration. # create virtual-router "VR-Default" create vlan "Default" configure vlan Default tag 1 configure vlan Default qosprofile QP1 # # Module fdb configuration. # configure fdb agingtime 300 configure iparp vr VR-Control max_entries 4096 configure iparp vr VR-Control max_pending_entries 256 configure iparp vr VR-Control max_proxy_entries 256 configure iparp vr VR-Control timeout 20 enable iparp vr VR-Control checking enable iparp vr VR-Control refresh ...

This command shows the current configuration of the OSPF module in the switch:
show configuration ospf

The following is sample output from this command:


# Module ospf configuration. # configure ospf routerid automatic configure ospf spf-hold-time 3 configure ospf metric-table 10M 10 100M 5 1G 4 10G 2 configure ospf lsa-batch-interval 30 configure ospf import-policy none configure ospf ase-limit 0 disable ospf originate-default disable ospf use-ip-router-alert disable ospf disable ospf export direct disable ospf export static disable ospf export rip disable ospf export e-bgp disable ospf export i-bgp configure ospf area 0.0.0.0 external-filter none configure ospf area 0.0.0.0 interarea-filter none configure ospf area 0.0.0.0 normal

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1639

Configuration and Image Commands

show memorycard
show memorycard

Description
Displays whether an external memory card is present in the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to verify if there is an external memory card in the switch.

Example
This command shows whether a memory card is present on the switch:
show memorycard

History
This command was first available in ExtremeWare XOS 11.0.

Platform Availability
This command is available only on modular switches.

1640

ExtremeWare XOS 11.3 Command Reference

synchronize

synchronize
synchronize

Description
Replicates all saved images and configurations from the primary MSM to the backup MSM on the switch.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command: 1 Reboots the backup MSM to prepare it for synchronizing with the primary MSM 2 Performs a binary copy of the primary MSM to the backup MSM, including the primary and secondary software images, all configurations and policies, and temporary files 3 Reboots the backup MSM after replication is complete During a synchronization, half of the switch fabric is lost. When the primary MSM finishes replicating its configurations and images to the backup MSM, the full switch fabric is restored. To use the synchronize command make sure your switch is running the following software:

BlackDiamond 10K-series switchBoth the backup and the primary MSMs must be running ExtremeWare XOS 11.0 or later. BlackDiamond 8810 switchBoth the backup and the primary MSMs must be running ExtremeWare XOS 11.1 or later. BlackDiamond 8806 switchBoth the backup and the primary MSMs must be running ExtremeWare XOS 11.3 or later.

When you install a backup MSM, you are not prompted to synchronize the images and the configurations from the primary. If not synchronized, the backup uses its image and the primarys configuration. This image/configuration mismatch will likely cause the switch to operate differently after failover. Use the synchronize command to replicate all saved images and configurations from the primary to the backup. If you have not saved your runtime configuration, you are prompted to save it when you use the
synchronize command. A message similar to the following appears: Do you want to save configuration changes to primary.cfg? (y or n)

Enter y to save the configuration and continue with synchronizing the MSMs. Enter n to cancel the operation. If you enter y, messages similar to the following appear:

ExtremeWare XOS 11.3 Command Reference

1641

Configuration and Image Commands


Saving configuration on primary MSM ...... done! Synchronizing configuration to backup MSM .. done!

After the configuration has been saved and replicated to the backup MSM, synchronization begins. After the initial reboot, if the backup MSM is not available or does not respond within 120 seconds, the synchronize operation fails. Use the show switch {detail} command to verify that the backup MSM is in sync with the primary MSM. BlackDiamond 8800 Family of Switches Only. On the BlackDiamond 8800 family of switches, the I/O ports on the backup MSM go down when you synchronize the MSMs. When the primary MSM finishes replicating its configurations and images to the backup MSM, the I/O ports on the backup MSM come back up.

Example
The following example assumes you have already saved your runtime configuration. The following command replicates all saved images and configurations from the master MSM to the backup MSM:
synchronize

After you enter synchronize, status messages similar to the following appear:
Synchronize will reboot the backup MSM, then overwrite all code images and configs with a copy from the master MSM. Synchronize currently requires Extremeware XOS version 11 or greater on the backup MSM DO NOT interrupt synchronize, the backup MSM may become unbootable! OK to continue? (y/n) Yes Rebooting Backup MSM... NOTE: The command line is locked during synchronize synchronizing... synchronizing nvram... synchronizing nvram... synchronizing nvram... synchronizing nvram... synchronizing nvram... synchronizing nvram... synchronizing XOS... [========================================] 100% XOS Synchronize complete - rebooting backup MSM... BD-10808.4 #

History
This command was first available in ExtremeWare XOS 11.0.

1642

ExtremeWare XOS 11.3 Command Reference

synchronize

Platform Availability
This command is available only on modular switches.

ExtremeWare XOS 11.3 Command Reference

1643

Configuration and Image Commands

unconfigure switch
unconfigure switch {all}

Description
Returns the switch configuration to its factory default settings and reboots the switch.

Syntax Description
all Specifies that the entire current configuration should be erased, including the management IP address, and the switch rebooted.

Default
N/A.

Usage Guidelines
Use unconfigure switch to reset the configuration to factory defaults, but without erasing the configuration. This preserves users account information, date and time settings, and so on. Include the parameter all to clear the entire current configuration, including all switch parameters, and reboot using the last used image and factory default configuration. The command unconfigure switch {all} does not clear licensing information. The license cannot be disabled once it is enabled on the switch.

Example
The following command preserves the entire current configuration (but does not reload the current configuration after the switch reboots), resets the switch to factory defaults, and reboots the switch using the last specified saved image and factory default configuration:
unconfigure switch all

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1644

ExtremeWare XOS 11.3 Command Reference

uninstall image

uninstall image
uninstall image <fname> <partition> {msm <slotid>} {reboot}

Description
Uninstalls an ExtremeWare XOS software package.

Syntax Description
fname partition Specifies the software package to uninstall. Specifies which partition the package was installed to: primary or secondary. Select primary to remove it from the primary partition and secondary to remove it from the secondary partition. Specifies the MSM where the package should be uninstalled. A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches. reboot Reboots the switch after the package is uninstalled.

slotid

Default
N/A.

Usage Guidelines
Use this command to uninstall a software package previously installed on the switch. When you uninstall a software package, the switch prompts you to save your changes to your currently active configuration file:
Uninstallation of the EXOS module Do you want to save configuration changes to primary.cfg? (y or n)

Enter y to save the changes to your configuration file. Enter n to not save the changes to your configuration file. Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local and remote filenames. When specifying a local filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ )

ExtremeWare XOS 11.3 Command Reference

1645

Configuration and Image Commands When naming a local file, remember the requirements previously described.

Example
The following command uninstalls the software package bd10K-11.0.0.25.xos from the secondary partition:
uninstall image bd10K-11.0.0.25.xos secondary

History
This command was first available in ExtremeWare XOS 11.0. The msm parameter was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1646

ExtremeWare XOS 11.3 Command Reference

use configuration

use configuration
use configuration [primary | secondary | <file_name>]

Description
Configures the switch to use a previously saved configuration on the next reboot.

Syntax Description
primary secondary file_name Specifies the configuration file named primary.cfg. Specifies the configuration file named secondary.cfg. Specifies an existing user-defined configuration file name (displays a list of available user-defined configuration files).

Default
N/A.

Usage Guidelines
Configuration files have a .cfg file extension. When you enter the name of the file in the CLI, the system automatically adds the .cfg file extension. There is no special significance to the primary and secondary configurations. They are just conveniences to specify the files primary.cfg and secondary.cfg. When you configure the switch to use a previously saved configuration, the switch displays the following message:
The selected configuration will take effect after the next switch reboot.

You can create a new configuration file by saving your current switch configurations and using that file on the next reboot. For example, to create a new configuration named test1 based on your current CLI session and switch configurations, use the following command:
save configuration test1

Tracking and Displaying Switch Configuration Files. To keep track of your configuration file names, use the ls command to display the files saved on your switch. Files with the .cfg extension are configuration files. In addition, you can see a list of available configuration files when you use the use configuration command. The following is sample output from this command (test and XOS1 are the names of the user-created and defined configurations):
exsh.1 # use configuration primary Primary configuration file secondary Secondary configuration file <file-name> Configuration file name "test" "XOS1"

ExtremeWare XOS 11.3 Command Reference

1647

Configuration and Image Commands You can also use the ls command to display a list of the current configuration and policy files in the system. Displaying the Active Configuration. To view the currently active, running configuration, use the show
switch command.

Local Filename Character Restrictions. This section provides information about the characters supported by the switch for local filenames. When specifying a local filename, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Underscore ( _ )

When naming a local file, remember the requirements listed above.

Example
The following command specifies that the next reboot should use the saved configuration file named XOS1.cfg:
use configuration XOS1

The following command specifies that the next reboot should use the configuration saved in the primary partition:
use configuration primary

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1648

ExtremeWare XOS 11.3 Command Reference

use image

use image
use image {partition} <partition> {msm <slotid>}

Description
Configures the switch to use a saved image on the next reboot.

Syntax Description
partition slotid Specifies which image to use on the next reboot, the one stored on the primary partition, or the one stored on the secondary partition. Specifies which MSM to use on the next reboot. A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
The currently booted image.

Usage Guidelines
This command specifies which image to use on the next reboot. Two images can be stored, one on the primary partition, one on the secondary partition. To view your current (active) partition and the selected partition for the next reboot or installation, use the following command:
show switch

Output from this command includes the selected and booted images and if they are in the primary or the secondary partition. Primary indicates the saved image in the primary partition; secondary indicates the saved image in the secondary partition. This command also specifies which partition to install images to and which partition to download images to if not specified in the install image and download image commands.

Example
The following command configures the switch to use the image stored in the primary partition on the next reboot:
use image partion primary

A message similar to the following is displayed:


To take effect of partition change please reboot the switch!

ExtremeWare XOS 11.3 Command Reference

1649

Configuration and Image Commands

History
This command was first available in ExtremeWare XOS 10.1. The msm parameter was added in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1650

ExtremeWare XOS 11.3 Command Reference

Troubleshooting Commands

If you encounter problems when using your switch, ExtremeWare XOS provides troubleshooting commands. Use these commands only under the guidance of Extreme Networks technical personnel. This appendix describes commands for troubleshooting your switch, including:

Running diagnostics and displaying diagnostic test results Enabling and disabling the standalone Extreme Loop Recovery Protocol (ELRP) client Enabling and disabling debug mode for Event Management System (EMS) components

You can contact Extreme Networks Technical Support at (800) 998-2408 or (408) 579-2826.

Extreme Loop Recovery Protocol


ExtremeWare XOS 11.1 introduced support for the Extreme Loop Recovery Protocol (ELRP). ELRP is a feature of ExtremeWare XOS that allows you to prevent, detect, and recover from Layer 2 loops in the network. You can use ELRP with other protocols such as the Extreme Standby Router Protocol (ESRP) and the Ethernet Automatic Protection Switching Protocol (EAPS). A switch running ELRP transmits multicast packets with special MAC destination address out of some or all of the ports belonging to a Virtual LAN (VLAN). All the other switches in the network treat this packet as a regular, multicast packet and flood it to all the ports belonging to the VLAN. If the packets transmitted by a switch are received back by that switch, this indicates a loop in the Layer 2 network. Standalone ELRP gives you the ability to send ELRP packets, either periodically or on an ad hoc oneshot basis on a specified subset of VLAN ports. If any of these transmitted packets is received back then standalone ELRP can perform a configured action such as sending a log message to the system log file or sending a trap to the SNMP manager. Standalone ELRP allows you to:

Configure ELRP packet transmission on specified VLANs. Specify some or all the ports of VLAN for packet transmission. NOTE
Reception of packets is not limited to any specific ports of the VLAN and cannot be configured.

Configure transmission of ELRP packets on specified ports of a VLAN periodically with the added ability to configure the interval between consecutive timings. Save and restore standalone ELRP configuration across reboots.

ExtremeWare XOS 11.3 Command Reference

1651

Troubleshooting Commands

Request periodic or non-periodic transmission of ELRP packets on specified ports of a VLAN. For non-periodic ELRP requests:

You can specify the number of times ELRP packets must be transmitted and the interval between consecutive transmissions. A message is printed to the console and logged into the system log file indicating detection of network loop when ELRP packets are received back or no packets are received within the specified duration. There is no need to trap to the SNMP manager. If ELRP packets are received back, a message is printed to the system log file and a trap is sent to the SNMP manager indicating detection of a network loop.

For periodic ELRP requests:

Details of using ELRP with ESRP are discussed in the ExtremeWare XOS User Guide chapter, Extreme Standby Router Protocol, and the commands used to configure ELRP with ESRP are described in Chapter 20, ESRP Commands.

Event Management System


The Event Management System (EMS) provides enhanced features to filter and capture information generated on a switch. Details of using EMS are discussed in the ExtremeWare XOS User Guide, in the chapter, Status Monitoring and Statistics, and the commands used for EMS are detailed in this document in Chapter 8, Commands for Status Monitoring and Statistics. Included in this chapter, as well as in Chapter 8, are the EMS commands to enable and disable debug mode for EMS components.

1652

ExtremeWare XOS 11.3 Command Reference

clear elrp counters

clear elrp counters


clear elrp counters

Description
Clears and resets the ELRP counters.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
You should view the switch statistics before you delete the ELRP counters. Use the show log counters command to display event statistics. Viewing and maintaining statistics on a regular basis allows you to see how well your network is performing. If you keep simple daily records, you will see trends emerging and notice problems arising before they cause major network faults. By clearing the counters, you can see fresh statistics for the time period that you are monitoring.

Example
The following command clears all switch statistics related to ELRP:
clear elrp counters

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1653

Troubleshooting Commands

configure debug coredumps


configure debug coredumps [internal-memory | memorycard | off]

Description
Enables or disables sending debug information to the specified memory card.

Syntax Description
internal-memory Specifies that saving debug information to the internal memory card is enabled. Use this parameter only under the guidance of Extreme Networks Technical Support personnel. NOTE: This parameter is available only on the Summit X450 switch. memorycard Specifies that saving debug information to the external memory card is enabled. Use this parameter only under the guidance of Extreme Networks Technical Support personnel. NOTE: This parameter is available only on modular switches. off Specifies that saving debug information to the memory card is disabled. This is the default behavior.

Default
By default, the switch does not automatically send debug information to the memory card. The setting is set to off.

Usage Guidelines
NOTE
Use this command only under the guidance of Extreme Networks Technical Support personnel to troubleshoot the switch.

The Summit X450 switch sends debug information to the preinstalled internal memory card. Modular switches send debug information to the external memory card installed in the external compact flash slot of the MSM. The switch only writes core dump files to the specified memory card in the following situations:

If an ExtremeWare XOS process fails. When forced under the guidance of Extreme Networks Technical Support.

Modular Switches Only. Before you can enable and save debug information to the external memory card, you must install an external compact flash memory card into the external compact flash slot of the MSM. For more information about installing an external compact flash memory card, please refer to the Extreme Networks Consolidated XOS Hardware Installation Guide.

1654

ExtremeWare XOS 11.3 Command Reference

configure debug coredumps After you use the eject memorycard command and manually remove the card from the external compact flash slot of the MSM, this setting is automatically changed to off.

Example
The following example enables a modular switch to save debug information to the external memory card:
configure debug coredumps memorycard

The following example enables the Summit X450 switch to save debug information to the internal memory card:
configure debug coredumps internal-memory

History
This command was first available in ExtremeWare XOS 11.1. The internal-memory parameter was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1655

Troubleshooting Commands

configure elrp-client one-shot


configure elrp-client one-shot <vlan_name> ports [<ports> | all] interval <sec> retry <count> [log | print | print-and-log]

Description
Starts one-time, non-periodic ELRP packet transmission on the specified ports of the VLAN using the specified count and interval.

Syntax Description
vlan_name ports all sec count log Specifies a VLAN name. Specifies the set of VLAN ports for packet transmission. Specifies all ports of this VLAN for packet transmission. Specifies the interval (in seconds) between consecutive packet transmissions. The range is 1 to 600 seconds. The default is 1 second. Specifies the number of times ELRP packets must be transmitted. The range is 1 to 3 times. The default is 3 times. Specifies that a message should be logged in the system log file when ELRP packets are received back indicating detection of network loop, or no packets are received within the specified duration. Specifies that a message should be printed to the console when ELRP packets are received back indicating detection of network loop, or no packets are received within the specified duration. Specifies that a message should be logged in the system log file and printed to the console when ELRP packets are received back indicating detection of network loop, or no packets are received within the specified duration.

print

print-and-log

Default

secThe interval between consecutive packet transmissions is 1 second. countThe number of times ELRP packets must be transmitted is 3.

Usage Guidelines
This command starts one-time, non-periodic ELRP packet transmission on the specified ports of the VLAN using the specified count and interval. If any of these transmitted packets is returned, indicating loopback detection, the ELRP client can perform a configured action such as logging a message in the system log file or printing a log message to the console. There is no need to send a trap to the SNMP manager for non-periodic requests. NOTE
This command is backward compatible with Extreme Networks switches running ExtremeWare. If your network contains switches running only ExtremeWare XOS, you can also use the run elrp <vlan_name> {ports <ports>} {interval <sec>} {retry <count>} to perform one-time ELRP packet transmission.

1656

ExtremeWare XOS 11.3 Command Reference

configure elrp-client one-shot Use the configure elrp-client periodic command to configure periodic transmission of ELRP packets. The ELRP client must be enabled globally in order for it to work on any VLANs. Use the
enable elrp-client command to globally enable the ELRP client.

The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect. Use the disable elrp-client command to globally disable the ELRP client.

Example
The following example starts one-time, non-periodic ELRP packet transmission on all ports of the VLAN sales, uses the default interval and transmission times, and sends messages to the console:
configure elrp-client one-shot sales ports all interval 1 retry 3 print

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1657

Troubleshooting Commands

configure elrp-client periodic


configure elrp-client periodic <vlan_name> ports [<ports> | all] interval <sec> [log | log-and-trap | trap]

Description
Starts periodic ELRP packet transmission on the specified ports of the VLAN using the specified interval.

Syntax Description
vlan_name ports all sec log Specifies a VLAN name. Specifies the set of VLAN ports for packet transmission. Specifies all ports of this VLAN for packet transmission. Specifies the interval (in seconds) between consecutive packet transmissions. The range is 1 to 600 seconds. The default is 1 second. Specifies that a message should be logged in the system log file when ELRP packets are received back indicating detection of network loop, or no packets are received within the specified duration. Specifies that a message should be logged in the system log file and a trap message should be sent to the SNMP manager when ELRP packets are received back indicating detection of network loop, or no packets are received within the specified duration. Specifies that a trap message should be sent to the SNMP manager when ELRP packets are received back indicating detection of network loop, or no packets are received within the specified duration.

log-and-trap

trap

Default
The interval between consecutive packet transmissions is 1 second.

Usage Guidelines
This command starts periodic ELRP packet transmission on the specified ports of the VLAN using the specified interval. If any of these transmitted packets is returned, indicating loopback detection, the ELRP client can perform a configured action such as logging a message in the system log file and/or sending a trap to the SNMP manager. Use either the configure elrp-client one-shot or the run elrp command to configure nonperiodic, one-time transmission of ELRP packets. The ELRP client must be enabled globally in order for it to work on any VLANs. Use the enable elrp-client command to globally enable the ELRP client. The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect. Use the disable elrp-client command to globally disable the ELRP client.

1658

ExtremeWare XOS 11.3 Command Reference

configure elrp-client periodic

Example
The following example starts periodic ELRP packet transmission on slot 3, port 2 of VLAN marketing, sends packet transmissions every 2 seconds, and sends messages to the log;
configure elrp-client periodic marketing ports 3:2 interval 2 log

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1659

Troubleshooting Commands

disable elrp-client
disable elrp-client

Description
Disables the ELRP client (standalone ELRP) globally.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command disables the ELRP globally so that none of the ELRP VLAN configurations take effect. The ELRP client must be enabled globally in order for it to work on any VLANs. Use the enable elrp-client command to globally enable the ELRP client.

Example
The following command globally disables the ELRP client:
disable elrp-client

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1660

ExtremeWare XOS 11.3 Command Reference

disable log debug-mode

disable log debug-mode


disable log debug-mode

Description
Disables debug mode. The switch stops generating debug events.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command disables debug mode. Debug mode must be enabled prior to configuring advanced debugging capabilities. These include allowing debug messages, which can severely degrade performance. For typical network device monitoring, debug mode should remain disabled, the default setting. Debug mode should only be enabled when advised by technical support, or when advanced diagnosis is required. The debug mode setting is saved to FLASH. The following configuration options require that debug mode be enabled:

Including a severity of debug-summary, debug-verbose, or debug-data when configuring filters Target format options process-name, process-id, source-function, and source-line

Example
The following command disables debug mode:
disable log debug-mode

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1661

Troubleshooting Commands

eject memorycard
eject memorycard

Description
Ensures that the external memory card can be safely and manually removed from the external compact flash slot on the MSM.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
After the switch writes to the external memory card, and before you can view the contents on the card, you must ensure it is safe to remove the card from the external compact flash slot on the MSM. Use the eject memorycard command to prepare the card for removal. After you issue the eject memorycard command, you can manually remove the card from the external compact flash slot on the MSM and read the data on the card. If the configure debug coredumps memorycard command is in effect when you issue the eject memorycard command, the behavior is similar to issuing the configure debug coredumps off command. For more information about removing the external memory card, please refer to the Extreme Networks Consolidated XOS Hardware Installation Guide. To access and read the data on the card, use a PC with appropriate hardware such as a compact flash reader/writer and follow the manufacturers instructions to access the compact flash card and read the data.

Example
The following command prepares the external memory card to be removed from the external compact flash slot on the MSM:
eject memorycard

History
This command was first available in ExtremeWare XOS 11.1.

1662

ExtremeWare XOS 11.3 Command Reference

eject memorycard

Platform Availability
This command is available only on modular switches.

ExtremeWare XOS 11.3 Command Reference

1663

Troubleshooting Commands

enable elrp-client
enable elrp-client

Description
Enables the Extreme Loop Recovery Protocol (ELRP) client (standalone ELRP) globally.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
The ELRP client must be enabled globally in order for it to work on any VLANs. The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect. Use the disable elrp-client command to globally disable the ELRP client.

Example
The following command globally enables the ELRP client:
enable elrp-client

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1664

ExtremeWare XOS 11.3 Command Reference

enable log debug-mode

enable log debug-mode


enable log debug-mode

Description
Enables debug mode. The switch generates debug events.

Syntax Description
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
This command enables debug mode. Debug mode must be enabled prior to configuring advanced debugging capabilities. These include allowing debug messages, which can severely degrade performance. For typical network device monitoring, debug mode should remain disabled, the default setting. Debug mode should only be enabled when advised by technical support, or when advanced diagnosis is required. The debug mode setting is saved to FLASH. The following configuration options require that debug mode be enabled:

Including a severity of debug-summary, debug-verbose, or debug-data when configuring filters Target format options process-name, process-id, source-function, and source-line

Example
The following command enables debug mode:
enable log debug-mode

When you enable debug mode, the following message appears:


WARNING: Debug mode should only be enabled when advised by technical support, or when advanced diagnosis is required. Performance degradation is possible. Debug mode now enabled.

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1665

Troubleshooting Commands

nslookup
nslookup <host-name-or-ip>

Description
Displays the IP address or hostname of the requested host.

Syntax Description
host-name-or-ip Specifies the hostname or IP address.

Default
N/A.

Usage Guidelines
For nslookup to work, you must configure the DNS client, and the switch must be able to reach the DNS server. Host Name and Remote IP Address Character Restrictions. This section provides information about the characters supported by the switch for host names and remote IP addresses. When specifying a host name or remote IP address, the switch permits only the following characters:

Alphabetical letters, upper case and lower case (A-Z, a-z) Numerals (0-9) Period ( . ) Dash ( - ) Permitted only for host names Underscore ( _ ) Permitted only for host names Colon ( : )

When naming or configuring an IP address for your network server, remember the requirements listed above.

Example
The following command looks up the IP address of a computer with the name of bigserver.xyz_inc.com:
nslookup bigserver.xyz_inc.com

History
This command was first available in ExtremeWare XOS 10.1. Support for using an IP address to obtain the name of the host was added in ExtremeWare XOS 11.0.

1666

ExtremeWare XOS 11.3 Command Reference

nslookup

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1667

Troubleshooting Commands

run diagnostics
run diagnostics [extended | normal] slot [<slot> | A | B]

Description
Runs normal or extended diagnostics on the switch, slot, or management module.

Syntax Description
extended normal slot A|B Runs an extended diagnostic routine. Takes the ports offline, and performs extensive ASIC and packet loopback tests on all of the ports. Runs a normal diagnostic routine. Takes the ports offline, and performs a simple ASIC and packet loopback test on all of the ports. Specifies the slot number of an I/O module. NOTE: This parameter is available only on modular switches. Specifies which MSM to run diagnostics on. A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Use this command to run diagnostics on the switch, slot, or management module. Running DiagnosticsModular Switches Only. If you run the diagnostic routine on an I/O module, that module is taken off-line while the diagnostic test is performed. The ports on the module do not forward traffic. Once the diagnostic test is completed, the I/O module is automatically reset and becomes operational again. After the switch runs the diagnostic routine, test results are saved in the modules EEPROM and messages are logged to the syslog.

NOTE
On the BlackDiamond 10K switch, run diagnostics when the switch can be brought off-line. The tests conducted are extensive and affect traffic that must be processed by the system CPU. The CPU processes the diagnostics whether you run diagnostics on an I/O module or a management module.

On an I/O module, the extended diagnostic routine can require significantly more time to complete, depending on the number of ports on the module.

1668

ExtremeWare XOS 11.3 Command Reference

run diagnostics On a management module, the module is taken offline while the diagnostics test is performed. Once the diagnostic test is completed, the MSM reboots, and becomes operational again.

NOTE
On the BlackDiamond 8810 switch (formerly known as Aspen), if you run diagnostics on slots 5 and 6 with an MSM installed in those slots, the diagnostic routine tests the I/O subsystem of the MSM. To run diagnostics on the management portion of the master MSM, specify slot A or B.

Running DiagnosticsSummit X450 Switch Only. If you run the diagnostic routine on a Summit X450 switch, the switch reboots and then performs the diagnostic test. During the test, traffic to and from the ports on the switch is temporarily unavailable. When the diagnostic test is complete, the switch reboots and becomes operational again. Viewing Diagnostics. To view results of the last diagnostics test run, use the following command:
show diagnostics {slot [<slot> | A | B]}

NOTE
The slot, A, and B parameters are available only on modular switches.

If the results indicate that the diagnostic failed on a module, replace the module with another module of the same type. If the results indicate that the diagnostic failed on the switch, contact Extreme Networks Technical Support.

Example
The following command runs normal diagnostics on the I/O module installed in slot 3 of the chassis:
run diagnostics normal slot 3

The switch displays a warning similar to the following about the impact of this test. You also have the opportunity to continue or cancel the test:
Running Diagnostics will disrupt network traffic. Are you sure you want to continue? (y/n)

Enter y to continue and run the diagnostics. Enter n to cancel the operation. The following command runs normal diagnostics on the Summit X450 switch:
run diagnostics normal

The switch displays a warning similar to the following about the impact of this test. You also have the opportunity to continue or cancel the test:
Running Diagnostics will disrupt network traffic. Are you sure you want to continue? (y/n)

Enter y to continue and run the diagnostics. Enter n to cancel the operation.

ExtremeWare XOS 11.3 Command Reference

1669

Troubleshooting Commands

History
This command was first available in ExtremeWare XOS 10.1. This command was modified in ExtremeWare XOS 11.0 to run diagnostics on management modules from the command line interface (CLI).

Platform Availability
This command is available on all platforms.

1670

ExtremeWare XOS 11.3 Command Reference

run elrp

run elrp
run elrp <vlan_name> {ports <ports>} {interval <sec>} {retry <count>}

Description
Starts one-time, non-periodic ELRP packet transmission on the specified ports of the VLAN using the specified count and interval.

Syntax Description
vlan_name ports sec count Specifies a VLAN name. Specifies the set of VLAN ports for packet transmission. Specifies the interval (in seconds) between consecutive packet transmissions. The range is 1 to 64 seconds. The default is 1 second. Specifies the number of times ELRP packets must be transmitted. The range is 3 to 255 times. The default is 10 times.

Default

secThe interval between consecutive packet transmissions is 1 second. countThe number of time ELRP packets must be transmitted is 10.

Usage Guidelines
This command starts one-time, non-periodic ELRP packet transmission on the specified ports of the VLAN using the specified count and interval. If any of these transmitted packets is returned, indicating loopback detection, the ELRP client prints a log message to the console. There is no need to send a trap to the SNMP manager for non-periodic requests. NOTE
This command is compatible with Extreme Networks switches running only the ExtremeWare XOS software. If your network contains switches running ExtremeWare XOS and switches running ExtremeWare, use the configure elrp-client one-shot <vlan_name> ports [<ports> | all] interval <sec> retry <count> [log | print | print-and-log] command to perform one-time ELRP packet transmission.

If you do not specify the optional interval or retry parameters, the default values are used. Use the configure elrp-client periodic command to configure periodic transmission of ELRP packets. The ELRP client must be enabled globally in order for it to work on any VLANs. Use the enable elrp-client command to globally enable the ELRP client. The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect. Use the disable elrp-client command to globally disable the ELRP client.

ExtremeWare XOS 11.3 Command Reference

1671

Troubleshooting Commands

Example
The following command starts one-time, non-periodic ELRP packet transmission on the VLAN green using the default interval and packet transmission:
run elrp green

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

1672

ExtremeWare XOS 11.3 Command Reference

save debug tracefiles

save debug tracefiles


save debug tracefiles [internal-memory | memorycard]

Description
Copies debug information to the specified memory card.

Syntax Description
internal-memory memorycard Specifies that the switch saves debug information to the internal memory card. NOTE: This parameter is available only on the Summit X450 switch. Specifies that the switch saves debug information to the external memory card. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
NOTE
Use this command only under the guidance of Extreme Networks Technical Support personnel to troubleshoot the switch.

Use this command to copy debug information to the specified memory card. The debug information includes log files and trace files. Progress messages are displayed that indicate the file being copied and when the copying is finished. BlackDiamond 10K Switch Only. In ExtremeWare XOS 11.0, use the upload debug-info memorycard command to copy debug information to the external memory card.

Example
The following command copies debug information to the external memory card installed in a modular switch:
save debug tracefiles memorycard

The following command copies debug information to the internal memory card installed in the Summit X450 switch:
save debug tracefiles internal-memory

ExtremeWare XOS 11.3 Command Reference

1673

Troubleshooting Commands

History
This command was first available in ExtremeWare XOS 11.0. The syntax for this command was modified in ExtremeWare XOS 11.1 from upload debug-info
memorycard to save debug tracefiles memorycard.

The internal-memory card parameter was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1674

ExtremeWare XOS 11.3 Command Reference

show debug

show debug
show debug

Description
This command displays the status of writing core dump files to the specified memory card.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
By default, the switch does not write core dump files to the memory card. Use the this command to verify if you are writing core dump files to the memory card. To configure the Summit X450 switch to write core dump files to the internal memory card, use the configure debug coredumps internal-memory command. To configure a modular switch to write core dump files to the external memory card, use the configure debug coredumps memorycard command.

Example
The following example shows if the switch is sending core dump files to the specified memory card:
show debug

The following sample output shows that the switch is not sending core dump files to the specified memory card:
Debug Settings: Core dumps: Disabled

Modular Switches Only. The following sample output shows that the switch is sending core dump files to the external memory card:
Debug Settings: Core dumps: Enabled (memorycard)

Summit X450 Switch Only. The following sample output shows that the switch is sending core dump files to the internal memory card:
Debug Settings: Core dumps: Enabled (internal-memory)

ExtremeWare XOS 11.3 Command Reference

1675

Troubleshooting Commands

History
This command was first available in ExtremeWare XOS 11.1. Support for the internal memory card was added in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1676

ExtremeWare XOS 11.3 Command Reference

show diagnostics

show diagnostics
show diagnostics {slot [<slot> | A | B]}

Description
Displays the status of the last diagnostic test run on the switch.

Syntax Description
slot A|B Specifies which I/O module to display diagnostic status information on. NOTE: This parameter is available only on modular switches. Specifies which MSM to display diagnostic status information on: A specifies the MSM installed in slot A. B specifies the MSM installed in slot B. NOTE: This parameter is available only on modular switches.

Default
N/A.

Usage Guidelines
Use this command to display information from the last diagnostic test run on the switch. Output on the BlackDiamond 10K Switch. The following switch diagnostic information is displayed:

Slot number Result of the test (pass/fail) Date the test was run Date the test last failed (if the test has never failed, Never is displayed) Summary of the test (Diagnostics pass/Diagnostics fail)

Output on the BlackDiamond 8800 Family of Switches. The following switch diagnostic information is displayed:

Date the test last failed (if the test has never failed, Never is displayed) Summary of the test (Diagnostics pass/Diagnostics fail)

Output on the Summit X450 Switch. The following switch diagnostic information is displayed:

Date the test last failed (if the test has never failed, Never is displayed) Summary of the test (Diagnostics pass/Diagnostics fail)

Additional Guidelines Applicable to Modular Switches Only. If you use the show diagnostics {slot [<slot> | A | B]} command on a slot where diagnostics have not been run, the switch displays a message similar to the following:

ExtremeWare XOS 11.3 Command Reference

1677

Troubleshooting Commands
Diagnostics never run

If you try to display diagnostic test information on a slot where no module is installed, the switch displays a message similar to the following:
No card in slot

Running Diagnostics. To run diagnostics on an I/O module or an MSM installed in a modular switch, use the following command:
run diagnostics [extended | normal] slot [<slot> | A | B]

To run diagnostics on the Summit X450 switch, use the following command:
run diagnostics [extended | normal]

Depending on the software version running on your switch or your switch model, additional or different diagnostic information might be displayed. For more information, see the command run diagnostics on page 1668.

Example
The following command displays the results of module diagnostics for the I/O module in slot 1:
show diagnostics slot 2

The following is sample output from the BlackDiamond 10K switch:


Slotnum 2 DiagResult timestamp Fri Oct 8 10:09:02 2004 Test Temperature = 34 degrees C Diag Test Version=1.0.4.2. S/N=0646F-01234 -----------------------------------------------------------------------CPU System | Passed -----------------------------------------------------------------------Register Test | Passed -----------------------------------------------------------------------Memory Test | Passed -----------------------------------------------------------------------System Test | Passed -----------------------------------------------------------------------Last Fail: Never Summary: Diagnostics Pass

The following is sample output from the BlackDiamond 8800 family of switches:
Last Fail: Never Summary: Diagnostics Pass

The following command displays the results of the switch diagnostics for the Summit X450 switch:
show diagnostics

The following is sample output from this command:


Last Fail: Never Summary: Diagnostics Pass

1678

ExtremeWare XOS 11.3 Command Reference

show diagnostics

History
This command was available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1679

Troubleshooting Commands

show elrp
show elrp

Description
Displays ELRP information.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
If you enter the show elrp command, this command displays the:

State of ELRP (enabled/disabled). Total number of ELRP sessions. ELRP packets transmitted. ELRP packets received.

In addition to the summary information at the top of the display, the show elrp command also displays the following information:
Client VLAN Ports Interval Count Displays the name of the ELRP client. Displays the name of the VLAN with ELRP enabled. Displays the set of VLAN ports used for packet transmission. Displays the configured interval. An interval of 3 indicates that ELRP PDUs are transmitted every 3 seconds. Lists the configured number of ELRP PDUs that are transmitted. The PDUs are transmitted at the configured interval. This method of ELRP PDU transmission is used by ESRP in the premaster state. A count of 0 indicates continuous PDU transmission. If the Cyclic value is Yes, the count is always 0. Indicates whether ELRP PDUs are being continuously sent. The column shows Yes for the master VLAN because that VLAN is continuously sending ELRP PDUs for loop detection. When a VLAN is in the pre-master state, it only sends three ELRP PDUs before changing to master or slave. During this time the column shows No for that VLAN. Displays the number of ELRP PDUs transmitted. Displays the number of ELRP PDUs received.

Cyclic

Pkts-Xmit Pkts-Rcvd

1680

ExtremeWare XOS 11.3 Command Reference

show elrp

Action

Displays the configured action the switch takes when ELRP messages are received back indicating a detection of a network loop or no packets are received within the specified duration. The following list describes the actions: Print (P)Specifies that the switch prints a message to the console. Log (L)Specifies that the switch sends a message to the system log file. Trap (T)Specifies that the switch sends a message to the SNMP manager. Callback (C)Specifies a callback action. If you use ELRP with another protocol (for example ESRP), ELRP uses a callback action to notify the protocol of a loop detection.

Example
The following command displays summary ELRP status information on the switch:
show elrp

The following sample output is displayed:


ELRP Standalone Client: Enabled 1 3288 0

Number of ELRP sessions: Number of ELRP pkts transmitted: Number of ELRP pkts Received:

Client Vlan Ports Int. Count Cyclic Pkts-Xmit Pkts-Rcvd Action -------------------------------------------------------------------------CLI Default All 1 0 Yes 3288 0 LT -------------------------------------------------------------------------Action : (P) Print , (L) Log , (T) Trap , (C) Callback

History
This command was first available in ExtremeWare XOS 11.1.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1681

Troubleshooting Commands

show platform
show platform

Description
This command displays information about the switch used only in conjunction with Extreme Networks Technical Support.

Syntax Description
The arguments supported by this command are platform-dependent; use only in conjunction with Extreme Networks Technical Support personnel.

Default
N/A.

Usage Guidelines
NOTE
Use this command only under the guidance of Extreme Networks Technical Support personnel to troubleshoot the switch.

This command displays information about the switch.

Example
The following command displays switch information:
show platform

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1682

ExtremeWare XOS 11.3 Command Reference

show tech

show tech
show tech {all | <area>} {detail}

Description
Displays the output of various show commands to assist in monitoring and troubleshooting the switch.

Syntax Description
all area detail Indicates all available show command output to be displayed. Specifies one tech support area. For example, if you want to view STP information, enter stp. Specifies more detailed information.

Default
N/A.

Usage Guidelines
Use this command only under the guidance of Extreme Networks Technical Support personnel to view your switch configurations and to troubleshoot the switch. The show tech command displays the output of the following show commands, among others:

show bootprelay show configuration show dhcp-client state show diagnostics show memory show odometers show policy show port rxerror show port txerror show power show power budget show power controller show process show radius show session show switch show tacacs

ExtremeWare XOS 11.3 Command Reference

1683

Troubleshooting Commands

show version show vlan

Information about the following areas is also displayed, among others:


aaa bootp cli stp

If you enter the detail keyword, the following show output is displayed, among others:

show log show log configuration show log counters all show process detail

This information can be useful for your technical support representative if you experience a problem. Depending on the software version running on your switch, the configurations running on your switch, and the type of switch you have, additional or different show command and configuration output may be displayed.

Example
The following command displays the show command output on the switch:
show tech

History
This command was first available in ExtremeWare XOS 10.1.

Platform Availability
This command is available on all platforms.

1684

ExtremeWare XOS 11.3 Command Reference

top

top
top

Description
Displays real-time CPU utilization information by process.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
Use this command to show the percentage of CPU processing devoted to each process, sampled every 5 seconds. You can change the display by typing a character while the display is active. The following commands are supported:

Table 30: TOP interactive command display options


Key P T N M q [Ctrl] + c Action Sort process list by CPU utilization Sort process list by time usage Sort process list by number (process ID) Sort process list by memory usage Exit the top program

For more detailed information about the top command including display options, command fields, and command usage, please refer to your UNIX documentation.

Example
The following command displays the real-time CPU utilization information by process:
top

History
This command was first available in ExtremeWare XOS 11.0.

ExtremeWare XOS 11.3 Command Reference

1685

Troubleshooting Commands

Platform Availability
This command is available on all platforms.

1686

ExtremeWare XOS 11.3 Command Reference

unconfigure elrp-client

unconfigure elrp-client
unconfigure elrp-client <vlan_name>

Description
Disables a pending one-shot or periodic ELRP request for the specified VLAN.

Syntax Description
vlan_name Specifies a VLAN name.

Default
None.

Usage Guidelines
This command disables a pending one-shot or periodic ELRP request for the specified VLAN. To start one-time, non-periodic ELRP packet transmission on specified ports of a VLAN using a particular count and interval, use one of the following commands:

configure elrp-client one-shot <vlan_name> ports [<ports> | all] interval <sec> retry <count> [log | print | print-and-log](This command is backward compatible with

Extreme Networks switches running the ExtremeWare software.)

run elrp <vlan_name> {ports <ports>} {interval <sec>} {retry <count>}

To configure periodic transmission of ELRP packets, use the configure elrp-client periodic command. The ELRP client must be enabled globally in order for it to work on any VLANs. Use the enable elrp-client command to globally enable the ELRP client. The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect. Use the disable elrp-client command to globally disable the ELRP client.

Example
The following command disables a pending ELRP request on VLAN elrp1:
unconfigure elrp-client elrp1

History
This command was first available in ExtremeWare XOS 11.1.

ExtremeWare XOS 11.3 Command Reference

1687

Troubleshooting Commands

Platform Availability
This command is available on all platforms.

1688

ExtremeWare XOS 11.3 Command Reference

CNA Agent Commands

The Converged Network Analyzer (CNA) Agent is part of the CNA software used to test network conditions from Avaya Inc. You use the CNA Agent only if your network includes an Avaya solution that uses CNA. The entire CNA software package consists of multiple parts. The user interface is a combination of a Java applet hosted from the CNA Server and a Command Line Interface (CLI). You obtain all parts (except the CNA Agent) from your Avaya representative, along with the accompanying documentation. You configure and manage the CNA Agent using the CLI. The CNA Agent is a downloadable software module that you use when running the Avaya CNA software.

NOTE
You must download and install the SSH software module prior to downloading and installing the CNA Agent software module.

Using the CNA software, the CNA Agent runs the requested tests and returns the test results. The CNA Agent runs the following tests as directed by the CNA Server:

Traceroute RTP Ping TCPconnect Merge

You enable the software and configure the CNA Agent to communicate with the CNA Server, to clear the test counters, and to display connection status and test results.

ExtremeWare XOS 11.3 Command Reference

1689

CNA Agent Commands

clear cna-testplug counters


clear cna-testplug counters

Description
Clears all counters maintained by the CNA Agent and resets the counters to zero.

Syntax Description
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
You can also use the clear counters command to reset the internal counters for the CNA Agent and return them to 0.

Example
The following command clears all the counters on the CNA Agent and returns the values to zero:
clear cna-testplug counters

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1690

ExtremeWare XOS 11.3 Command Reference

configure cna-testplug scheduler ipaddress

configure cna-testplug scheduler ipaddress


configure cna-testplug scheduler ipaddress <ip_address>

Description
Configures the IP address of the CNA Server using open SSL; you enter the IP address of the CNA server.

Syntax
ip_address Specifies the IP address of the CNA Server that communicates with the CNA Agent to schedule tests and receive the results.

Default
N/A.

Usage Guidelines
Use this command to configure the CNA Agent with the IP address of the CNA Server. The CNA Server requests the timing and type of networking testing, and the CNA Agent runs the tests. NOTE
You use the CNA Agent only if you are running the Avaya CNA solution; you must have other pieces of the CNA (available from Avaya) to run these tests.

You enter the IP address of the CNA server. This command sets up the encryption key that is subsequently used for all communication between the CNA Agent and the CNA Server.

NOTE
You must have previously installed the SSH downloadable software module, which contains SSL, to use the CNA Agent software.

Example
The following command enters the CNA Servers IP address to 10.6.13.116; the CNA Agent uses this IP address to communicate with the CNA Server:
configure cna-testplug scheduler ipaddress 10.6.13.116

History
This command was first available in ExtremeWare XOS 11.2.

ExtremeWare XOS 11.3 Command Reference

1691

CNA Agent Commands

Platform Availability
This command is available on all platforms.

1692

ExtremeWare XOS 11.3 Command Reference

configure cna-testplug vlan

configure cna-testplug vlan


configure cna-testplug vlan <vlan_name>

Description
Configures the CNA Agent (test plug) to an interface. By default, the CNA Agent is bound to the Default VLAN.

Syntax
valn_name Specifies which interface IP address the CNA Server uses to communicate with the CNA Agent.

Default
Default VLAN.

Usage Guidelines
The interface IP address is specified when setting up the SSL connection with the CNA Server (when you issue the configure cna-testplug scheduler ipaddress command. The CNA Server attempts to establish the socket connection on the interface specified in the configure cna-testplug vlan interface to conduct the actual tests. The system uses the primary IP address if the VLAN has more than one IP address. By default, the CNA Server uses the Default VLAN.

NOTE
Extreme Networks recommends that you put IP telephones on the same virtual router.

Example
The following command instructs the CNA Server to use the interface associated with VLAN gateway to conduct tests:
configure cna-testplug vlan gateway

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1693

CNA Agent Commands

disable cna-testplug
disable cna-testplug

Description
Disables the CNA Agent.

Syntax
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
You must enable the CNA Agent before it can run the network tests requested by the CNA Server

Example
The following command disables the CNA Agent:
disable cna-testplug

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1694

ExtremeWare XOS 11.3 Command Reference

enable cna-testplug

enable cna-testplug
enable cna-testplug

Description
Enables the CNA Agent (test plug). Once enabled, the CNA Agent coordinates with the CNA Server to test the network for throughput.

Syntax
This command has no arguments or variables.

Default
Disabled.

Usage Guidelines
If you previously configured the IP address for the CNA Server and the VLAN interface, the CNA Agent immediately registers with the CNA Server upon being enabled and begins running the requested tests.

Example
The following command enables the CNA Agent:
enable cna-testplug

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

ExtremeWare XOS 11.3 Command Reference

1695

CNA Agent Commands

show cna-testplug
show cna-testplug

Description
Displays the statistics and connection status with the CNA software from Avaya. The display includes configured CNA Agent (test plug) and CNA Server (scheduler) connections and the number of tests conducted on each connection

Syntax
This command has no arguments or variables.

Default
N/A.

Usage Guidelines
This command displays the following information:

Hardware NameThe name of the Extreme Networks device running the CNA Agent (test plug) Firmware versionThe version of ExtremeWare XOS firmware running on the device Interface VLANVLAN (and virtual router) interface the CNA Server uses to schedule and run the tests IP address on the interfaceIP address of the interface the CNA Server uses; the connection on which the CNA Agent tests and sends results CNA Test plug versionVersion of CNA Agent (test plug) software, in the following format: MajorRev.MinorRev.Build Interface version with SchedulerShows compatibility between the CNA Agent (test plug) and the CNA Server (scheduler) software Enabled or Disabled StatusConnection status to the CNA Server:

Registered Unregistered

ErrorsNumber of errors in tests of connectivity Total tests receivedTotal test requests received by the CNA Agent Scheduler (SBC)IP address and port number on which the CNA Server communicates with the CNA Agent; the connection on which the CNA Agent listens Listening ports

Test requests(from ANS)Number of tests that the CNA Agent was requested to run by the Adaptive Networking Software (ANS) on the CNA Server RTP test requests(from test plugs)Number of RTP streams that the CNA Agent initiates

1696

ExtremeWare XOS 11.3 Command Reference

show cna-testplug

RTP and Traceroute responses(from test plugs)Number of responses by the CNA Agent to requests for RTP and Traceroute tests

Last TestLast test that CNA Agent performed Result Last TestResults of the last test, which the CNA Agent sends to the CNA Server TestTests run by the CNA Agent CountNumber of tests successfully run

Example
The following command displays CNA Agent statistics and connection status on the BlackDiamond 10K series switch:
show cna-testplug HW Name: BlackDiamond 10808 Firmware Version: 11.3.0.4 Interface VLAN: "Default" on Virtual router "VR-Default" IP address of the Interface: 10.203.135.61 CNA Testplug version: 3.0.1 Interface version with Scheduler:17 Admin: Enabled Status: Registered Errors: 29846 Total tests received: 58338 Scheduler (SBC): 10.203.128.123: 20000: Listening ports --Test requests(from ANS): 50000 --RTP test requests(from test plugs): 50001 --RTP and Traceroute responses(from test plugs): 50015 Last Test: Ping to 10.203.135.61 Result Last Test: ping results: rtt: 2.292000, loss: 0.000000 Results: TEST COUNT FAILED -------------Traceroute 65489 0 RTP 51403 0 Ping 101549 0 Tcpconnect 36455 0 Merge 50 0

The following command displays CNA Agent statistics and connection status on the Summit X450 switch:
show cna HW Name: Firmware version: Interface VLAN: IP address of the Interface: CNA Test plug version: CNA Interface version: Admin: Status: Errors: SummitX450-24t 11.3.0.11 "Default" on Virtual router "VR-Default" 10.203.128.126 3.0.2 17 Enabled Registered 22

ExtremeWare XOS 11.3 Command Reference

1697

CNA Agent Commands


Total tests received: 23529 Scheduler (SBC): 10.203.128.127 Listening ports --Test requests(from ANS): 50000 --RTP test requests(from test plugs): 50001 --RTP and Traceroute responses(from test plugs): 50016 Last Test: RTP to 10.203.128.124 Result Last Test: delay: 0.136375, jitter: 0.007525, loss: 0.000000(in milli secs) Test Results: Name ---Traceroute RTP Ping Tcpconnect Merge

COUNT -----74898 145146 0 0 93

FAILED -----0 22 0 0 0

History
This command was first available in ExtremeWare XOS 11.2.

Platform Availability
This command is available on all platforms.

1698

ExtremeWare XOS 11.3 Command Reference

Added, Modified, and Deleted Commands

The following is a list of the commands that were added, modified or deleted from one release of ExtremeWare XOS to the next. This list covers only commands that were newly added or deleted, or commands that had keywords added or modified for the release. Changes to command defaults or behavior is not captured here.

ExtremeWare XOS Release 11.3


The changes captured here are changes from the first release of ExtremeWare XOS 11.2 (release number 11.2.2.4), to the first release of ExtremeWare XOS 11.3.

New Commands for Release 11.3


The following are the commands that were added for ExtremeWare XOS release 11.3:
clear counters ports clear lacp counters configure access-list add configure access-list delete configure netlogin local-user configure netlogin ports mode configure ospf restart configure ospf restart grace-period configure ospf restart-helper configure power supply configure sharing lacp system-priority configure sys-recovery-level slot create access-list delete access-list disable ospf restart-helper-lsa-check enable dos-protect simulated enable ospf restart-helper-lsa-check restart process show access-list dynamic show access-list dynamic counter show access-list dynamic rule show lacp show lacp lag show lacp member-port show ports utilization

ExtremeWare XOS 11.3 Command Reference

1699

Added, Modified, and Deleted Commands

Modified Commands for Release 11.3


The following are the commands that had keywords added for ExtremeWare XOS release 11.3:
clear access-list counter configure access-list configure netlogin add mac-list create netlogin local-user enable sharing grouping reboot show access-list show access-list counter show fdb show ports collisions show ports configuration show ports packet show ports qosmonitor show ports rxerrors show ports statistics show ports txerrors unconfigure access-list

Deleted Commands for Release 11.3


The following are the commands that were deleted for ExtremeWare XOS release 11.3:
clear counters vlan

1700

ExtremeWare XOS 11.3 Command Reference

Index of Commands
C
check policy, 650 check policy attribute, 651 clear access-list counter, 658 clear access-list meter, 660 clear account lockout, 40 clear bgp flap-statistics, 1413 clear bgp neighbor counters, 1411 clear bgp neighbor flap-statistics, 1413 clear cna-testplug counters, 1690 clear counters, 457 clear counters edp, 283 clear counters ports, 281 clear counters stp, 938 clear counters vrrp, 1043 clear cpu-monitoring, 238 clear elrp counters, 1653 clear esrp counters, 983 clear esrp neighbor, 985 clear esrp sticky, 986 clear fdb, 638 clear igmp group, 1527 clear igmp snooping, 1528 clear inline-power stats ports, 412 clear iparp, 1067 clear lacp counters, 282 clear log, 458 clear log counters, 459 clear mld group, 1584 clear mld snooping, 1585 clear netlogin state, 832 clear netlogin state mac-address, 833 clear ospf counters, 1283 clear ospfv3 counters, 1352 clear pim cache, 1529 clear rip counters, 1210 clear ripng counters, 1248 clear session, 41 clear slot, 284 clear vlan dhcp-address-allocation, 732 config inline-power priority ports, 421 configure access-list, 661 configure access-list add, 663 configure access-list delete, 665 configure account, 42 configure account password-policy validation, 44 configure account password-policy history, 46 configure account password-policy lockout-onlogin-failures, 48 configure account password-policy max-age, 50 configure account password-policy min-length, 52 configure banner, 54 configure bgp add aggregate-address, 1415 configure bgp add confederation-peer sub-ASnumber, 1417 configure bgp add network, 1418 configure bgp AS-number, 1419 configure bgp cluster-id, 1420 configure bgp confederation-id, 1421 configure bgp delete aggregate-address, 1422 configure bgp delete confederation-peer sub-ASnumber, 1423 configure bgp delete network, 1424 configure bgp export shutdown-priority, 1425 configure bgp import-policy, 1427 configure bgp local-preference, 1428 configure bgp med, 1430 configure bgp neighbor dampening, 1431 configure bgp neighbor description, 1433 configure bgp neighbor maximum-prefix, 1434 configure bgp neighbor next-hop-self, 1436 configure bgp neighbor no-dampening, 1437 configure bgp neighbor password, 1438 configure bgp neighbor peer-group, 1440 configure bgp neighbor route-policy, 1442 configure bgp neighbor route-reflector-client, 1443 configure bgp neighbor send-community, 1445 configure bgp neighbor shutdown-priority, 1447 configure bgp neighbor soft-reset, 1448 configure bgp neighbor source-interface, 1450 configure bgp neighbor timer, 1451 configure bgp neighbor weight, 1452 configure bgp peer-group dampening, 1454 configure bgp peer-group maximum-prefix, 1456 configure bgp peer-group next-hop-self, 1458 configure bgp peer-group no-dampening, 1459 configure bgp peer-group password, 1462 configure bgp peer-group remote-AS-number, 1463 configure bgp peer-group route-policy, 1464 configure bgp peer-group route-reflector-client, 1460 configure bgp peer-group send-community, 1461

char-

ExtremeWare XOS 11.3 Command Reference

1701

Index of Commands configure bgp peer-group soft-reset, 1465 configure bgp peer-group source-interface, 1467 configure bgp peer-group timer, 1469 configure bgp peer-group weight, 1471 configure bgp routerid, 1472 configure bgp soft-reconfiguration, 1473 configure bootprelay add, 1068 configure bootprelay delete, 1069 configure bootprelay dhcp-agent information check, 1070 configure bootprelay dhcp-agent information option, 1071 configure bootprelay dhcp-agent information policy, 1073 configure cli max-failed-logins, 56 configure cli max-sessions, 55 configure cna-testplug scheduler ipaddress, 1691 configure cna-testplug vlan, 1693 configure debug coredumps, 1654 configure diffserv examination code-point, 689 configure diffserv replacement, 691 configure dns-client add, 57 configure dns-client default-domain, 59 configure dns-client delete, 60 configure dos-protect acl-expire, 733 configure dos-protect interval, 734 configure dos-protect trusted-ports, 735 configure dos-protect type l3-protect alertthreshold, 737 configure dos-protect type l3-protect notifythreshold, 738 configure dot1p type, 693 configure eaps add control vlan, 893 configure eaps add protect vlan, 895 configure eaps delete control vlan, 896 configure eaps delete protect vlan, 897 configure eaps failtime, 898 configure eaps failtime expiry-action, 900 configure eaps fast-convergence, 902 configure eaps hellotime, 904 configure eaps mode, 906 configure eaps name, 907 configure eaps port, 908 configure eaps shared-port link-id, 910 configure eaps shared-port mode, 911 configure eaps shared-port segment-timeout expiry-action, 912 configure edp advertisement-interval, 285 configure elrp-client one-shot, 1656 configure elrp-client periodic, 1658 configure esrp add elrp-poll ports, 988 configure esrp add master, 989 configure esrp add member, 990 configure esrp add track-environment, 991 configure esrp add track-iproute, 992 configure esrp add track-ping, 993 configure esrp add track-vlan, 994 configure esrp delete elrp-poll ports, 995 configure esrp delete master, 996 configure esrp delete member, 997 configure esrp delete track-environment, 998 configure esrp delete track-iproute, 999 configure esrp delete track-ping, 1000 configure esrp delete track-vlan, 1001 configure esrp domain-id, 1002 configure esrp election-policy, 1003 configure esrp elrp-master-poll disable, 1006 configure esrp elrp-master-poll enable, 1007 configure esrp elrp-premaster-poll disable, 1009 configure esrp elrp-premaster-poll enable, 1010 configure esrp group, 1012 configure esrp mode, 1014 configure esrp name, 1016 configure esrp ports mode, 1017 configure esrp ports no-restart, 1018 configure esrp ports restart, 1019 configure esrp ports weight, 1020 configure esrp priority, 1022 configure esrp timer hello, 1023 configure esrp timer neighbor, 1025 configure esrp timer neutral, 1027 configure esrp timer premaster, 1028 configure esrp timer restart, 1030 configure failsafe-account, 62 configure fdb agingtime, 639 configure firmware, 1614 configure idletimeout, 64 configure igmp, 1530 configure igmp snooping flood-list, 1532 configure igmp snooping leave-timeout, 1534 configure igmp snooping timer, 1535 configure igmp snooping vlan ports add static group, 1536 configure igmp snooping vlan ports add static router, 1539 configure igmp snooping vlan ports delete static group, 1538 configure igmp snooping vlan ports delete static router, 1540 configure igmp snooping vlan ports filter, 1541 configure inline-power budget slot, 414 configure inline-power disconnect-precedence, 416 configure inline-power label ports, 418 configure inline-power operator-limit ports, 420 configure inline-power usage-threshold, 422 configure iparp add, 1074 configure iparp add proxy, 1075

1702

ExtremeWare XOS 11.3 Command Reference

Index of Commands configure iparp delete, 1077 configure iparp delete proxy, 1078 configure iparp max_entries, 1080 configure iparp max_pending_entries, 1081 configure iparp max_proxy_entries, 1082 configure iparp timeout, 1083 configure ip-mtu vlan, 286 configure iproute add, 1084, 1163, 1168 configure iproute add blackhole, 1085, 1164 configure iproute add blackhole default, 1086 configure iproute add blackhole ipv6 default, 1165 configure iproute add default, 1087, 1167 configure iproute delete, 1088 configure iproute delete blackhole, 1089, 1169 configure iproute delete blackhole default, 1090 configure iproute delete blackhole ipv6 default, 1170 configure iproute delete default, 1091, 1171 configure iproute ipv6 priority, 1172 configure iproute priority, 1092 configure ipv6acl address-mask, 666 configure irdp, 1094 configure jumbo-frame size, 288 configure lldp ports management-address, 380 configure lldp ports port-description, 381 configure lldp ports system-capabilities, 382 configure lldp ports system-description, 383 configure lldp ports system-name, 384 configure lldp ports system-name vendor-specific dot1 port-vlan-id, 385 configure lldp ports vendor-specific dot1 portprotocol-vlan-ID, 386 configure lldp ports vendor-specific dot1 vlanname, 388 configure lldp ports vendor-specific dot3 linkaggregation, 390 configure lldp ports vendor-specific dot3 macphy, 391 configure lldp ports vendor-specific dot3 maxframe-size, 392 configure lldp ports vendor-specific dot3 powervia-mdi, 393 configure lldp reinitialize-delay, 395 configure lldp snmp-notification-interval, 396 configure lldp transmit-delay, 397 configure lldp transmit-hold, 398 configure lldp transmit-interval, 399 configure log display, 461 configure log filter events, 463 configure log filter events match, 466 configure log filter events strict-match, 466 configure log target filter, 470 configure log target format, 473 configure log target match, 477 configure log target severity, 479 configure log target syslog, 481 configure mirroring add, 290 configure mirroring delete, 292 configure mld, 1586 configure mld snooping flood-list, 1593 configure mld snooping leave-timeout, 1595 configure mld snooping timer, 1596 configure mld snooping vlan ports add static group, 1588 configure mld snooping vlan ports add static router, 1591, 1592 configure mld snooping vlan ports delete static group, 1590 configure neighbor-discovery cache add, 1174 configure neighbor-discovery cache delete, 1162, 1175 configure netlogin add mac-list, 834 configure netlogin banner, 836 configure netlogin base-url, 837 configure netlogin delete mac-list, 838 configure netlogin dot1x eapol-transmit-version, 839 configure netlogin dot1x guest-vlan, 840 configure netlogin dot1x timers, 842 configure netlogin move-fail-action, 845 configure netlogin redirect-page, 850 configure netlogin vlan, 851 configure node priority, 106 configure ospf add virtual-link, 1289 configure ospf add vlan area, 1290 configure ospf add vlan area link-type, 1291 configure ospf area add range, 1294 configure ospf area delete range, 1295 configure ospf area external-filter, 1292 configure ospf area interarea-filter, 1293 configure ospf area normal, 1296 configure ospf area nssa stub-default-cost, 1297 configure ospf area stub stub-default-cost, 1299 configure ospf area timer, 1300 configure ospf ase-limit, 1302 configure ospf ase-summary add cost, 1303 configure ospf ase-summary delete, 1304 configure ospf authentication, 1287 configure ospf cost, 1285 configure ospf delete virtual-link, 1305 configure ospf delete vlan, 1306, 1371 configure ospf import-policy, 1307, 1373 configure ospf lsa-batch-interval, 1308 configure ospf metric-table, 1309, 1380 configure ospf priority, 1286 configure ospf restart, 1310 configure ospf restart grace-period, 1311

ExtremeWare XOS 11.3 Command Reference

1703

Index of Commands configure ospf restart-helper, 1312 configure ospf routerid, 1314, 1381 configure ospf spf-hold-time, 1315 configure ospf timer, 1300, 1316, 1321, 1384 configure ospf virtual-link timer, 1316, 1384 configure ospf vlan area, 1318 configure ospf vlan neighbor add, 1319 configure ospf vlan neighbor delete, 1320 configure ospf vlan timer, 1321 configure ospfv3 add interface, 1354 configure ospfv3 add tunnel, 1354 configure ospfv3 add tunnel all, 1356 configure ospfv3 add virtual-link, 1358 configure ospfv3 add vlan, 1354 configure ospfv3 add vlan all, 1356 configure ospfv3 area add range, 1359 configure ospfv3 area cost, 1360 configure ospfv3 area delete range, 1361 configure ospfv3 area external-filter, 1362 configure ospfv3 area interarea-filter, 1364 configure ospfv3 area normal, 1366 configure ospfv3 area priority, 1367 configure ospfv3 area stub, 1368 configure ospfv3 area timer, 1369 configure ospfv3 cost, 1360, 1376 configure ospfv3 delete virtual-link, 1372 configure ospfv3 interface area, 1375 configure ospfv3 interface cost, 1376 configure ospfv3 interface timer, 1378 configure ospfv3 priority, 1367, 1377 configure ospfv3 spf-hold-time, 1383 configure ospfv3 timer, 1369, 1378 configure ospfv3 tunnel cost, 1376 configure ospfv3 vlan area, 1375 configure ospfv3 vlan cost, 1376 configure ospfv3 vlan timer, 1378 configure ospv3 tunnel area, 1375 configure pim add vlan, 1543 configure pim cbsr, 1544 configure pim crp static, 1545 configure pim crp timer, 1547 configure pim crp vlan, 1548 configure pim delete vlan, 1550 configure pim register-checksum-to, 1553 configure pim register-rate-limit-interval, 1551 configure pim register-suppress-interval registerprobe-interval, 1552 configure pim spt-threshold, 1554 configure pim timer vlan, 1555 configure pim vlan trusted-gateway, 1556 configure ports auto off, 294 configure ports auto on, 296 configure ports auto-polarity, 297 configure ports display-string, 298 configure ports limit-learning, 739 configure ports preferred-medium, 299 configure ports qosprofile, 695 configure ports rate-limit egress, 697 configure ports rate-limit flood, 301 configure ports redundant, 302 configure power supply, 108, 109 configure protocol add, 586 configure protocol delete, 588 configure qosprofile ingress ports, 699 configure qosprofile ports, 701 configure qosprofile weight, 703 configure qosscheduler, 705 configure radius server client-ip, 742 configure radius shared-secret, 744 configure radius timeout, 746 configure radius-accounting server client-ip, 748 configure radius-accounting shared-secret, 750 configure radius-accounting timeout, 752 configure rip add vlan, 1211 configure rip delete vlan, 1212 configure rip garbagetime, 1213 configure rip import-policy, 1214 configure rip routetimeout, 1215 configure rip rxmode, 1216 configure rip txmode, 1217 configure rip updatetime, 1218 configure rip vlan cost, 1219 configure rip vlan route-policy, 1220 configure rip vlan rxmode, 1216 configure rip vlan trusted-gateway, 1222 configure rip vlan txmode, 1217 configure ripng add, 1249 configure ripng add tunnel, 1249 configure ripng add vlan, 1249 configure ripng cost, 1256 configure ripng delete, 1250 configure ripng delete tunnel, 1250 configure ripng delete vlan, 1250 configure ripng garbagetime, 1251 configure ripng import-policy, 1252 configure ripng route-policy, 1257 configure ripng routetimeout, 1254 configure ripng trusted-gateway, 1259 configure ripng updatetime, 1255 configure router-discovery add prefix, 1176, 1177 configure router-discovery default-lifetime, 1178 configure router-discovery hop-limit, 1179 configure router-discovery link-mtu, 1180 configure router-discovery managed-config-flag, 1181 configure router-discovery max-interval, 1182 configure router-discovery min-interval, 1183

1704

ExtremeWare XOS 11.3 Command Reference

Index of Commands configure router-discovery other-config-flag, 1184 configure router-discovery reachable-time, 1185 configure router-discovery retransmit-time, 1186 configure router-discovery set prefix, 1187 configure safe-default-script, 65 configure sflow agent ipaddress, 483 configure sflow collector ipaddress, 484 configure sflow max-cpu-sample-limit, 486 configure sflow poll-interval, 487 configure sflow ports sample-rate, 488 configure sflow sample-rate, 490 configure sharing add ports, 304 configure sharing address-based, 306 configure sharing delete ports, 308 configure sharing lacp system-priority, 309 configure slot module, 311 configure snmp add community, 111 configure snmp add trapreceiver, 113 configure snmp delete community, 115 configure snmp delete trapreceiver, 117 configure snmp syscontact, 118 configure snmp syslocation, 119 configure snmp sysname, 120 configure snmpv3 add access, 121 configure snmpv3 add community, 123 configure snmpv3 add filter, 125 configure snmpv3 add filter-profile, 127 configure snmpv3 add group user, 128 configure snmpv3 add mib-view, 130 configure snmpv3 add notify, 132 configure snmpv3 add target-addr, 133 configure snmpv3 add target-params, 135 configure snmpv3 add user, 137 configure snmpv3 add user clone-from, 139 configure snmpv3 delete access, 140 configure snmpv3 delete community, 142 configure snmpv3 delete filter, 143 configure snmpv3 delete filter-profile, 144 configure snmpv3 delete group user, 145 configure snmpv3 delete mib-view, 147 configure snmpv3 delete notify, 149 configure snmpv3 delete target-addr, 150 configure snmpv3 delete target-params, 151 configure snmpv3 delete user, 152 configure snmpv3 engine-boots, 154 configure snmpv3 engine-id, 155 configure sntp-client, 156 configure sntp-client update-interval, 158 configure ssh2 key, 753 configure ssl certificate pregenerated, 755 configure ssl certificate privkeylen, 757 configure ssl privkey pregenerated, 759 configure stpd add vlan, 940 configure stpd default-encapsulation, 943 configure stpd delete vlan, 945 configure stpd forwarddelay, 946 configure stpd hellotime, 947 configure stpd maxage, 948 configure stpd mode, 949 configure stpd ports cost, 950 configure stpd ports link-type, 952 configure stpd ports mode, 954 configure stpd ports priority, 956 configure stpd priority, 957 configure stpd tag, 958 configure sys-health-check interval, 491 configure syslog add, 499 configure syslog delete, 501 configure sys-recovery-level, 494 configure sys-recovery-level slot, 496 configure tacacs server client-ip, 761 configure tacacs shared-secret, 763 configure tacacs timeout, 764 configure tacacs-accounting server client-ip, 765 configure tacacs-accounting shared-secret, 767 configure tacacs-accounting timeout, 768 configure telnet access-profile, 159 configure telnet port, 161 configure telnet vr, 163 configure time, 67 configure timezone, 68 configure tunnel, 1189 configure vlan add ports, 589 configure vlan add ports stpd, 959 configure vlan add secondary-ipaddress, 1095 configure vlan delete ports, 591 configure vlan delete secondary-ipaddress, 1096 configure vlan dhcp-address-range, 769 configure vlan dhcp-lease-timer, 770 configure vlan dhcp-options, 771 configure vlan ipaddress, 592 configure vlan name, 594 configure vlan netlogin-lease-timer, 852 configure vlan protocol, 595 configure vlan qosprofile, 706 configure vlan tag, 597 configure vlan udp-profile, 1097 configure vman add ports, 598 configure vman delete ports, 600 configure vman ethertype, 601 configure vman tag, 602 configure vr add ports, 628 configure vr add protocol, 627 configure vr delete ports, 630 configure vr delete protocol, 629 configure vrrp vlan vrid add ipaddress, 1044 configure vrrp vlan vrid add track-iproute, 1045 configure vrrp vlan vrid add track-ping, 1046

ExtremeWare XOS 11.3 Command Reference

1705

Index of Commands configure vrrp vlan vrid add track-vlan, 1047 configure vrrp vlan vrid advertisement-interval, 1048 configure vrrp vlan vrid authentication, 1049 configure vrrp vlan vrid delete ipaddress, 1050 configure vrrp vlan vrid delete track-iproute, 1051 configure vrrp vlan vrid delete track-ping, 1052 configure vrrp vlan vrid delete track-vlan, 1053 configure vrrp vlan vrid dont-preempt, 1054 configure vrrp vlan vrid preempt, 1055 configure vrrp vlan vrid priority, 1056 cp, 240 create access-list, 669 create account, 72 create bgp neighbor peer-group, 1474 create bgp neighbor remote-AS-number, 1475 create bgp peer-group, 1476 create eaps, 914 create eaps shared-port, 915 create esrp, 1031 create fdbentry vlan ports, 640 create log filter, 503 create netlogin local-user, 853 create ospf area, 1323 create ospfv3 area, 1386 create protocol, 603 create qosprofile, 707 create stpd, 961 create tunnel 6to4, 1190 create tunnel ipv6-in-ipv4, 1191 create virtual-router, 626 create vlan, 604 create vman, 606 create vrrp vlan vrid, 1057 delete vlan, 609 delete vman, 610 delete vrrp vlan vrid, 1058 disable access-list refresh blackhole, 674 disable bgp, 1479 disable bgp aggregation, 1480 disable bgp always-compare-med, 1481 disable bgp community format, 1482 disable bgp export, 1483 disable bgp neighbor, 1485 disable bgp neighbor capability, 1486 disable bgp neighbor remove-private-AS-numbers, 1488 disable bgp neighbor soft-in-reset, 1489 disable bgp neighbor use-ip-router-alert, 1490 disable bgp peer-group, 1491 disable bgp peer-group capability, 1492 disable bgp peer-group remove-private-ASnumber, 1493 disable bgp peer-group soft-in-reset, 1494 disable bgp peer-group use-ip-router-alert, 1495 disable bootp vlan, 1099 disable bootprelay, 1100 disable clear-flow, 882 disable cli space-completion, 76 disable cli-config-logging, 506 disable clipaging, 77 disable cna-testplug, 1694 disable cpu-dos-protect, 773 disable cpu-monitoring, 243 disable dhcp ports vlan, 774 disable dhcp vlan, 165 disable diffserv examination port, 710 disable diffserv replacement port, 711 disable dot1p examination inner-tag port, 611 disable dot1p replacement ports, 712 disable eaps, 918 disable edp ports, 313 disable elrp-client, 1660 disable esrp, 1034 disable icmp address-mask, 1101 disable icmp parameter-problem, 1102 disable icmp port-unreachables, 1103 disable icmp redirects, 1104 disable icmp time-exceeded, 1105 disable icmp timestamp, 1106 disable icmp unreachables, 1107 disable icmp useredirects, 1108 disable idletimeout, 78 disable igmp, 1557 disable igmp snooping, 1558 disable inline-power, 423 disable inline-power legacy slot, 425 disable inline-power ports, 426

D
delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete access-list, 672 account, 74 bgp neighbor, 1477 bgp peer-group, 1478 eaps, 916 eaps shared-port, 917 esrp, 1033 fdbentry, 642 log filter, 505 netlogin local-user, 856 ospf area, 1324 ospfv3 area, 1387 protocol, 608 qosprofile, 709 stpd, 963 tunnel, 1192 virtual-router, 631

1706

ExtremeWare XOS 11.3 Command Reference

Index of Commands disable inline-power slot, 427 disable iparp checking, 1109 disable iparp refresh, 1110 disable ipforwarding, 1111 disable ipforwarding ipv6, 1193 disable ipmcforwarding, 1560 disable ip-option loose-source-route, 1112 disable ip-option record-route, 1113 disable ip-option record-timestamp, 1114 disable ip-option strict-source-route, 1115 disable irdp, 1117 disable jumbo-frame ports, 314 disable learning port, 315 disable lldp ports, 400 disable log debug-mode, 507, 1661 disable log display, 508 disable log target, 509 disable loopback-mode vlan, 612 disable mirroring, 316 disable mld, 1598 disable mld forward-mcrouter-only, 1599 disable mld snooping, 1599 disable mld snooping with-proxy, 1599 disable netlogin, 857 disable netlogin dot1x guest-vlan ports, 858 disable netlogin logout-privilege, 859 disable netlogin ports, 860 disable netlogin session-refresh, 861 disable ospf, 1325 disable ospf capability opaque-lsa, 1326 disable ospf export, 1327, 1389 disable ospf originate-default, 1328 disable ospf restart-helper-lsa-check, 1329 disable ospf use-ip-router-alert, 1330 disable ospfv3, 1388 disable peer-group, 1491 disable pim, 1561 disable port, 317 disable radius, 775 disable radius-accounting, 776 disable rip, 1223, 1261 disable rip aggregation, 1224 disable rip export, 1225 disable rip originate-default, 1226 disable rip poisonreverse, 1227, 1264 disable rip splithorizon, 1228 disable rip triggerupdate, 1229, 1266 disable rip use-ip-router-alert, 1230 disable ripng export, 1262 disable ripng originate-default, 1263 disable ripng splithorizon, 1265 disable rmon, 511 disable router-discovery, 1194 disable sflow, 512 disable sflow ports, 513 disable sharing, 318 disable slot, 319 disable smartredundancy, 321 disable snmp access, 166 disable snmp traps, 167 disable snmp traps lldp, 401 disable sntp-client, 168 disable ssh2, 777 disable stpd, 964 disable stpd auto-bind, 965 disable stpd ports, 966 disable stpd rapid-root-failover, 967 disable sys-health-check, 514 disable syslog, 516 disable tacacs, 778 disable tacacs-accounting, 779 disable tacacs-authorization, 780 disable telnet, 169 disable udp-echo-server, 1118 disable use-ip router-alert, 1116 disable vrrp vrid, 1059 disable watchdog, 170 disable web https, 781 disable xml-mode, 244 download bootrom, 1617 download image, 1620 download ssl certificate, 782 download ssl privkey, 784

E
edit policy, 653 eject memorycard, 1662 enable access-list refresh blackhole, 675 enable bgp, 1496 enable bgp aggregation, 1497 enable bgp always-compare-med, 1498 enable bgp community format, 1499 enable bgp export, 1500 enable bgp neighbor, 1502 enable bgp neighbor capability, 1503 enable bgp neighbor remove-private-AS-numbers, 1505 enable bgp neighbor soft-in-reset, 1506 enable bgp neighbor use-ip-router-alert, 1507 enable bgp peer-group, 1508 enable bgp peer-group capability, 1509 enable bgp peer-group remove-private-ASnumber, 1510 enable bgp peer-group soft-in-reset, 1511 enable bgp peer-group use-ip-router-alert, 1512 enable bootp vlan, 1119 enable bootprelay, 1120

ExtremeWare XOS 11.3 Command Reference

1707

Index of Commands enable clear-flow, 883 enable cli space-completion, 79 enable cli-config-logging, 517 enable clipaging, 80 enable cna-testplug, 1695 enable cpu-monitoring, 245 enable dhcp ports vlan, 788 enable dhcp vlan, 171 enable diffserv examination port, 713 enable diffserv replacement ports, 714 enable dos-protect, 786 enable dos-protect simulated, 787 enable dot1p examination inner-tag port, 613 enable dot1p replacement ports, 716 enable eaps, 919 enable edp ports, 322 enable elrp-client, 1664 enable esrp, 1035 enable flooding port, 643, 645 enable icmp address-mask, 1121 enable icmp parameter-problem, 1122 enable icmp port-unreachables, 1123 enable icmp redirects, 1124 enable icmp time-exceeded, 1125 enable icmp timestamp, 1126 enable icmp unreachables, 1127 enable icmp useredirects, 1128 enable idletimeout, 81 enable igmp, 1562 enable igmp snooping, 1563 enable igmp snooping with-proxy, 1565 enable inline-power, 428 enable inline-power legacy slot, 430 enable inline-power ports, 431 enable inline-power slot, 433 enable iparp checking, 1129 enable iparp refresh, 1130 enable ipforwarding, 1131 enable ipforwarding ipv6, 1195 enable ipmcforwarding, 1566 enable ip-option loose-source-route, 1133 enable ip-option record-route, 1134 enable ip-option record-timestamp, 1135 enable ip-option router-alert, 1137 enable ip-option strict-source-route, 1136 enable iproute sharing, 1138 enable irdp, 1139 enable jumbo-frame ports, 324 enable learning port, 326 enable license, 82 enable lldp ports, 402 enable log debug-mode, 518, 1665 enable log display, 519 enable log target, 520 enable loopback-mode vlan, 614 enable mirroring to port, 327 enable mld, 1601 enable mld snooping, 1602 enable mld snooping forward-mcrouter-only, 1602 enable mld snooping with-proxy, 1604 enable netlogin, 862 enable netlogin dot1x guest-vlan ports, 863 enable netlogin logout-privilege, 865 enable netlogin ports, 866 enable netlogin session-refresh, 868 enable ospf, 1331, 1390 enable ospf capability opaque-lsa, 1332 enable ospf export, 1333 enable ospf originate-default, 1335 enable ospf restart-helper-lsa-check, 1336 enable ospf use-ip-router-alert, 1337 enable ospfv3 export, 1391 enable pim, 1567 enable port, 329 enable radius, 789 enable radius-accounting, 791 enable rip, 1231 enable rip aggregation, 1232 enable rip export, 1233 enable rip originate-default cost, 1235 enable rip poisonreverse, 1236 enable rip splithorizon, 1237, 1272 enable rip triggerupdate, 1238, 1273 enable rip use-ip-router-alert, 1239 enable ripng, 1267 enable ripng export, 1268 enable ripng originate-default, 1270 enable ripng poisonreverse, 1271 enable rmon, 522 enable router-discovery, 1196 enable sflow, 524 enable sflow ports, 525 enable sharing grouping, 330 enable slot, 333 enable smartredundancy, 335 enable snmp access, 172 enable snmp traps, 174 enable snmp traps lldp, 403 enable sntp-client, 175 enable ssh2, 793 enable stpd, 968 enable stpd auto-bind, 969 enable stpd ports, 971 enable stpd rapid-root-failover, 972 enable sys-health-check, 526 enable syslog, 528 enable tacacs, 795

1708

ExtremeWare XOS 11.3 Command Reference

Index of Commands enable tacacs accounting, 796 enable tacacs-authorization, 797 enable telnet, 176 enable udp-echo-server, 1140 enable use-ip-router-alert, 1137 enable vrrp vrid, 1060 enable watchdog, 178 enable web https, 798 enable xml-mode, 247 exit, 179

S
save configuration, 1635 save debug tracefiles, 1673 scp2, 800 show access-list, 676 show access-list configuration, 678 show access-list counter, 679 show access-list dynamic, 681 show access-list dynamic counter, 682 show access-list dynamic rule, 683 show access-list meter, 684 show accounts, 89 show accounts password-policy, 91 show banner, 93 show banner netlogin, 869 show bgp, 1513 show bgp memory, 1523 show bgp neighbor, 1514 show bgp neighbor accepted-routes, 1517 show bgp neighbor flap-statistics, 1515 show bgp neighbor received-routes, 1517 show bgp neighbor rejected-routes, 1517 show bgp neighbor routes, 1517 show bgp neighbor suppressed-routes, 1517 show bgp neighbor transmitted-routes, 1517 show bgp peer-group, 1519 show bgp routes, 1520 show bgp routes summary, 1522 show bootprelay, 1142 show checkpoint-data, 183 show clear-flow, 884 show clear-flow acl-modified, 885 show clear-flow rule, 886 show clear-flow rule-all, 888 show clear-flow rule-triggered, 890 show cna-testplug, 1696 show configuration, 297, 1638 show debug, 1675 show dhcp-client state, 182 show dhcp-server, 803 show diagnostics, 1677 show diffserv, 718 show dns-client, 94 show dos-protect, 804 show dot1p, 720 show eaps, 921 show eaps shared-port, 925 show edp, 339 show elrp, 1680 show esrp, 1036 show esrp counters, 1039 show fans, 529 show fdb, 647

H
history, 84

I
install bootrom, 1627 install firmware, 1629 install image, 1631

L
logout, 180 ls, 248

M
mv, 250

N
nslookup, 1666

P
ping, 85

Q
quit, 181

R
reboot, 87 refresh policy, 655 reset inline-power ports, 435 restart ports, 336 restart process, 253 rm, 255 rtlookup, 1141, 1197 run diagnostics, 1668 run elrp, 1671 run msm-failover, 337 run update, 1634

ExtremeWare XOS 11.3 Command Reference

1709

Index of Commands show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show heartbeat process, 260 igmp, 1568 igmp group, 1570 igmp snooping, 1571 igmp snooping vlan filter, 1573 igmp snooping vlan static, 1574 inline-power, 436 inline-power configuration ports, 439 inline-power info ports, 441 inline-power slot, 444 inline-power stats ports, 446 inline-power stats slot, 448 iparp, 1143 iparp proxy, 1146 ipconfig, 1147 ipconfig ipv6, 1198 iproute, 1148 iproute ipv6, 1199 iproute ipv6 origin, 1200 iproute origin, 1149 ipstats, 1150, 1201 l2stats, 1575 lacp, 341 lacp lag, 343 lacp member-port, 347 licenses, 95 lldp, 404 lldp neighbors, 406 lldp statistics, 408 log, 532 log components, 536 log configuration, 540 log configuration filter, 542 log configuration target, 544 log counters, 547 log events, 549 management, 185 memory, 263 memory process, 267 memorycard, 1640 mirroring, 350 mld, 1605 mld group, 1607 mld snooping, 1608 mld snooping vlan static, 1610 neighbor-discovery cache ipv6, 1202 netlogin, 870 netlogin local-users, 875 netlogin mac-list, 877 netlogin ports, 870 node, 187 odometers, 189 ospf, 1338 ospf area, 1339 show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show show ospf area detail, 1340 ospf ase-summary, 1341 ospf interfaces, 1343, 1397 ospf interfaces detail, 1342 ospf memory, 1346 ospf neighbor, 1347, 1404 ospf virtual-link, 1348 ospfv3, 1393 ospfv3 area, 1395 ospfv3 memory, 1403 ospfv3 virtual-link, 1405 pim, 1576 pim cache, 1578 pim rp-set, 1576 platform, 1682 policy, 656 ports collisions, 352 ports configuration, 354 ports information, 357 ports packet, 361 ports qosmonitor, 722 ports redundant, 363 ports rxerrors, 551 ports sharing, 364 ports statistics, 554 ports txerrors, 557 ports utilization, 366 power, 192 power budget, 195 power controller, 199 powersupplies, 192 process, 269 protocol, 615 qosprofile, 724 radius, 806 radius-accounting, 809 rip, 1240 rip interface, 1241 rip interface vlan, 1243 rip memory, 1244 rip routes, 1245, 1278 ripng, 1274 ripng interface, 1276 rmon memory, 560 router-discovery, 1204 session, 201 sflow configuration, 563 sflow statistics, 565 slot, 370 snmpv3 access, 203 snmpv3 context, 206 snmpv3 counters, 207 snmpv3 engine-info, 209 snmpv3 extreme target-addr-extr, 222

1710

ExtremeWare XOS 11.3 Command Reference

Index of Commands show snmpv3 filter, 210 show snmpv3 filter-profile, 212 show snmpv3 group, 214 show snmpv3 mib-view, 217 show snmpv3 notify, 219 show snmpv3 target-addr, 220 show snmpv3 target-params, 223 show snmpv3 user, 225 show sntp-client, 227 show ssl, 811 show stpd, 973 show stpd ports, 975 show switch, 97 show tacacs, 813 show tacacs-accounting, 815 show tech, 1683 show temperature, 567 show tunnel, 1206 show udp-profile, 1153 show version, 569 show virtual-router, 632 show vlan, 616 show vlan dhcp-address-allocation, 817 show vlan dhcp-config, 818 show vlan eaps, 930 show vlan stpd, 977 show vman, 620 show vr, 632 show vrrp, 1061 show vrrp vlan, 1063 ssh2, 819 start process, 275 synchronize, 1641 unconfigure eaps shared-port link-id, 932 unconfigure eaps shared-port mode, 933 unconfigure elrp-client, 1687 unconfigure icmp, 1157 unconfigure igmp, 1580 unconfigure inline-power budget slot, 450 unconfigure inline-power disconnect-precedence, 451 unconfigure inline-power operator-limit ports, 452 unconfigure inline-power priority ports, 453 unconfigure inline-power usage-threshold, 454 unconfigure iparp, 1158 unconfigure irdp, 1159 unconfigure lldp, 410 unconfigure log filter, 573 unconfigure log target format, 574 unconfigure mld, 1611 unconfigure netlogin dot1x guest-vlan, 878 unconfigure netlogin vlan, 879 unconfigure ospf, 1349 unconfigure ospfv3, 1406 unconfigure pim, 1581 unconfigure ports display-string, 375 unconfigure ports redundant, 376 unconfigure qosprofile, 728 unconfigure radius, 822 unconfigure radius-accounting, 824 unconfigure rip, 1246 unconfigure ripng, 1280 unconfigure sflow, 576 unconfigure sflow agent, 577 unconfigure sflow collector ipaddress, 578 unconfigure sflow ports, 580 unconfigure slot, 377 unconfigure stpd, 979 unconfigure stpd ports link-type, 980 unconfigure switch, 1644 unconfigure tacacs, 826 unconfigure tacacs-accounting, 827 unconfigure tunnel, 1207 unconfigure udp-profile, 1160 unconfigure vlan dhcp, 828 unconfigure vlan dhcp-address-range, 829 unconfigure vlan dhcp-options, 830 unconfigure vlan ipaddress, 622 uninstall image, 1645 upload debug-info memorycard, 1673 upload log, 581 use configuration, 1647 use image, 1649

T
telnet, 229 telnet msm, 231 terminate process, 277 tftp, 233 top, 1685 traceroute, 100

U
unconfigure access-list, 685 unconfigure bootprelay dhcp-agent information check, 1154 unconfigure bootprelay dhcp-agent information option, 1155 unconfigure bootprelay dhcp-agent information policy, 1156 unconfigure diffserv, 727 unconfigure eaps port, 934

V
virtual-router, 634

ExtremeWare XOS 11.3 Command Reference

1711

Index of Commands

1712

ExtremeWare XOS 11.3 Command Reference

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy