PicOS Routing and Switching Commands Reference Guide

Transcription

1 PicOS Routing and Switching Commands Reference Guide January, 2015 Version: 37 Pica8, Inc Elwell Court, Suite 105 Palo Alto, CA (650) Copyright 2015 Pica8 Inc. Pica8 is a registered trademark of Pica8 Incorporated, PicOS is a trademark of Pica8 Incorporated. All rights reserved. All other trademarks are property of their respective owners.

2 Contents Interface Configuration Commands 21 VLAN Configuration Commands 25 Firewall Configuration Commands 26 QoS Configuration Commands 27 multicast_interface Configuration Commands 28 Protocol Configuration Commands 29 Open-Flow Configuration Command 36 System Configuration Commands 39 Interface Configuration Commands 41 interface aggregate-balancing hash-mapping field ethernet-destination-address disable 44 interface aggregate-balancing hash-mapping field ethernet-source-address disable 44 interface aggregate-balancing hash-mapping field ethernet-type disable 45 interface aggregate-balancing hash-mapping field ingress-interface disable 45 interface aggregate-balancing hash-mapping field ip-destination disable 46 interface aggregate-balancing hash-mapping field ip-protocol disable 46 interface aggregate-balancing hash-mapping field ip-source disable 47 interface aggregate-balancing hash-mapping field port-destination disable 47 interface aggregate-balancing hash-mapping field port-source disable 48 interface aggregate-balancing hash-mapping field vlan disable 48

3 interface aggregate-ethernet <lag> 49 interface aggregate-ethernet <lag> aggregated-ether-options flow-control 49 interface aggregate-ethernet <lag> aggregated-ether-options lacp enable 49 interface aggregate-ethernet <lag> aggregated-ether-options min-selected-port 50 interface aggregate-ethernet <lag> aggregated-ether-options mlag disable 50 interface aggregate-ethernet <lag> aggregated-ether-options mlag domain-id 51 interface aggregate-ethernet <lag> aggregated-ether-options mlag hello-interval 52 interface aggregate-ethernet <lag> aggregated-ether-options mlag peer <ipv4> peer-link 52 interface aggregate-ethernet <lag> aggregated-ether-options mlag priority 53 interface aggregate-ethernet <lag> aggregated-ether-options mlag system-id 53 interface aggregate-ethernet <lag> backup-port delay 54 interface aggregate-ethernet <lag> backup-port interface 54 interface aggregate-ethernet <lag> backup-port mode 54 interface aggregate-ethernet <lag> crossflow enable 55 interface aggregate-ethernet <lag> crossflow local-control 55 interface aggregate-ethernet <lag> description 56 interface aggregate-ethernet <lag> disable 56 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling egress 57 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ether-type 57 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ingress 58 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling mode 58 interface aggregate-ethernet <lag> family ethernet-switching native-vlan-id 59 interface aggregate-ethernet <lag> family ethernet-switching port-mode 59 interface aggregate-ethernet <lag> family ethernet-switching vlan members 60 interface aggregate-ethernet <lag> hash-mapping mode 60 interface aggregate-ethernet <lag> mtu 61 interface aggregate-ethernet <lag> port-security block 61 interface aggregate-ethernet <lag> port-security mac-address 62 interface aggregate-ethernet <lag> port-security mac-limit 62

4 interface aggregate-ethernet <lag> port-security sticky 62 interface aggregate-ethernet <lag> port-security violation 63 interface aggregate-ethernet <lag> snmp-trap 63 interface aggregate-ethernet <lag> static-ethernet-switching mac-address <macaddr> vlan 64 interface aggregate-ethernet <lag> storm-control <mode> pps 64 interface bpdu-tunneling destination-mac 65 interface cut-through-mode 65 interface ecmp hash-mapping field ingress-interface disable 66 interface ecmp hash-mapping field ip-destination disable 66 interface ecmp hash-mapping field ip-protocol disable 67 interface ecmp hash-mapping field ip-source disable 67 interface ecmp hash-mapping field port-destination disable 67 interface ecmp hash-mapping field port-source disable 68 interface ecmp hash-mapping field vlan disable 68 interface ecmp max-path 69 interface ethernet-switching-options analyzer <text> <in/out> <traffic-interface mode> 69 interface ethernet-switching-options buffer queue-limit 70 interface ethernet-switching-options mac-table-aging-time 70 Interface ethernet-switching-options port-error-discard timeout 71 interface gigabit-ethernet <port> backup-port delay 71 interface gigabit-ethernet <port> backup-port interface 71 interface gigabit-ethernet <port> backup-port mode 72 interface gigabit-ethernet <port> crossflow enable 72 interface gigabit-ethernet <port> crossflow local-control 73 interface gigabit-ethernet <port> description 73 interface gigabit-ethernet <port> disable 74 interface gigabit-ethernet <port> ether-options 802.3ad 74 interface gigabit-ethernet <port> ether-options flow-control 74 interface gigabit-ethernet <port> family ethernet-switching bpdu-tunneling protocol 75

5 interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling egress 75 interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ether-type 76 interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ingress 76 interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling mode 77 interface gigabit-ethernet <port> family ethernet-switching native-vlan-id 77 interface gigabit-ethernet <port> family ethernet-switching port-mode 78 interface gigabit-ethernet <port> family ethernet-switching vlan members 78 interface gigabit-ethernet <port> mtu 78 interface gigabit-ethernet <port> port-security block 79 interface gigabit-ethernet <port> port-security mac-address 79 interface gigabit-ethernet <port> port-security mac-limit 80 interface gigabit-ethernet <port> port-security sticky 80 interface gigabit-ethernet <port> port-security violation 81 interface gigabit-ethernet <port> power-preemphasis-level 81 interface gigabit-ethernet <port> rate-limiting <ingress/egress> kilobits 82 interface gigabit-ethernet <port> snmp-trap 82 interface gigabit-ethernet <port> speed 83 interface gigabit-ethernet <port> static-ethernet-switching mac-address <macaddr> vlan 83 interface gigabit-ethernet <port> storm-control <mode> pps 84 interface gigabit-ethernet <port> wred queue <value> drop_probability 84 interface gigabit-ethernet <port> wred queue <value> ecn_thresh 85 interface gigabit-ethernet <port> wred queue <value> enable 85 interface gigabit-ethernet <port> wred queue <value> max_thresh 85 interface gigabit-ethernet <port> wred queue <value> min_thresh 86 interface management-ethernet eth0 address 86 interface management-ethernet eth0 gateway 87 interface management-ethernet eth1 address 87 interface management-ethernet eth1 gateway 87 interface max-acl-rule-limit <egress/ingress> 88

6 interface max-route-limit 88 interface qe-interface-mode 89 show interface aggregate-ethernet <lag> 89 show interface aggregate-ethernet <lag> dot1q-tunneling 90 show interface bpdu-tunneling 90 show interface brief 90 show interface detail 91 show interface diagnostics optics all 92 show interface flexlink 92 show interface gigabit-ethernet 92 show interface gigabit-ethernet <interface> 93 show interface management-ethernet eth0 94 VLAN Configuration Commands 96 run clear vlan-interface statistics loopback 96 show vlan-interface 96 show vlan-interface interface 97 show vlans 98 vlan-interface interface <bozo> router-advertisement disable 99 vlan-interface interface <bozo> vif <bozo> address <ip-address> prefix-length 99 vlan-interface interface <bozo> vif <bozo> description 100 vlans dot1q-tunneling egress <bozo> from <vlan-mode> 100 vlans dot1q-tunneling egress <bozo> then action 101 vlans dot1q-tunneling egress <bozo> then service-vlan 101 vlans dot1q-tunneling ingress <bozo> from double-tag service-vlan 102 vlans dot1q-tunneling ingress <bozo> from one-tag customer-vlan-list 102 vlans dot1q-tunneling ingress <bozo> from untag enabled 103 vlans dot1q-tunneling ingress <bozo> then <vlan-mode> 103 vlans-interface loopback address <ip-address> prefix-length 104 vlans vlan-id 104

7 vlans vlan-id <vlan-id> description 104 vlans vlan-id <vlan-id> l3-interface 105 vlans vlan-id <vlan-id> vlan-name 105 Firewall Configuration Commands 107 firewall filter <bozo> description 108 firewall filter <bozo> input interface 108 firewall filter <bozo> input vlan-interface 108 firewall filter <bozo> output interface 109 firewall filter <bozo> output vlan-interface 109 firewall filter <bozo> sequence <int> description 110 firewall filter <bozo> sequence <int> from destination-address-ipv4 110 firewall filter <bozo> sequence <int> from destination-address-ipv6 110 firewall filter <bozo> sequence <int> from destination-mac-address 111 firewall filter <bozo> sequence <int> from destination-port 111 firewall filter <bozo> sequence <int> from ether-type 112 firewall filter <bozo> sequence <int> from iptrust-mode 112 firewallfilter <bozo> sequence <int> from ip value 113 firewall filter <bozo> sequence <int> from protocol icmp 113 firewall filter <bozo> sequence <int> from protocol igmp 114 firewall filter <bozo> sequence <int> from protocol ip 114 firewall filter <bozo> sequence <int> from protocol ospf 115 firewall filter <bozo> sequence <int> from protocol others 115 firewall filter <bozo> sequence <int> from protocol tcp 116 firewall filter <bozo> sequence <int> from protocol tcp flags 116 firewall filter <bozo> sequence <int> from protocol udp 117 firewall filter <bozo> sequence <int> from source-address-ipv4 117 firewall filter <bozo> sequence <int> from source-address-ipv6 118 firewall filter <bozo> sequence <int> from source-mac-address 118 firewall filter <bozo> sequence <int> from source-port 119

8 firewall filter <bozo> sequence <int> from vlan 119 firewall filter <bozo> sequence <int> log interval 120 firewall filter <bozo> sequence <int> then action 120 firewall system-output disable 121 show filter 121 QoS Configuration Commands 123 class-of-service classifier <classifier-name> 123 class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> code-point <code-point> 124 class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> schedule <schedule-name> 124 class-of-service classifier <classifier-name> trust-mode <trust-mode> 125 class-of-service forwarding-class <forwarding-class-name> local-priority <local-priority> 125 class-of-service interface <port> classifier <classifier-name> 126 class-of-service schedule <schedule-name> guaranteed-rate <guaranteed-rate> 126 class-of-service schedule <schedule-name> mode SP 126 class-of-service schedule <schedule-name> mode WFQ 127 class-of-service schedule <schedule-name> mode WRR 127 class-of-service schedule <schedule-name> weight <weight-id> 127 interface gigabit-ethernet <port> static-ethernet-switching mac-address <mac-address> vlan <vlan-id> 128 show class-of-service <text> 128 multicast_interface Configuration Commands 130 multicast-interface interface <text> vif <text> disable 130 show multicast interface 130 Protocol Configuration Commands 132 protocols arp aging-time 138 protocols arp interface <interface> address <ipv4-addr> mac-address 138

9 protocols arp interface <interface> inspection disable 138 protocols arp interface <interface> proxy disable 139 protocols bfd interface <interface> detect-multiplier 139 protocols bfd interface <interface> disable 140 protocols bfd interface <interface> min-echo-receive-interval 140 protocols bfd interface <interface> min-receive-interval 140 protocols bfd interface <interface> min-transmit-interval 141 protocols bfd mode 141 protocols bgp aggregate <network> <IPV?net> suppress-detail 142 protocols bgp aggregate network4 <IPV4net> brief-mode 142 protocols bgp auto-summary 143 protocols bgp bgp-id 143 protocols bgp confederation disable 143 protocols bgp confederation identifier 144 protocols bgp damping disable 144 protocols bgp damping half-life 144 protocols bgp damping max-suppress 145 protocols bgp damping reuse 145 protocols bgp damping suppress 145 protocols bgp enable-4byte-as-numbers 146 protocols bgp export 146 protocols bgp fast-external-fallover disable 147 protocols bgp import 147 protocols bgp local-as 147 protocols bgp local-preference 148 protocols bgp med 148 protocols bgp multipath disable 148 protocols bgp multipath path-relax 149 protocols bgp network4 <IPv4Net> 149 protocols bgp network6 <ipv6net> 150

10 protocols bgp peer <text> advertise community disable 150 protocols bgp peer <text> advertise community-ext disable 150 protocols bgp peer <text> allow-as-loop 151 protocols bgp peer <text> as 151 protocols bgp peer <text> bfd disable 152 protocols bgp peer <text> client 152 protocols bgp peer <text> confederation-member 153 protocols bgp peer <text> default-route-advertise disable 153 protocols bgp peer <text> delay-open-time 153 protocols bgp peer <text> disable 154 protocols bgp peer <text> export 154 protocols bgp peer <text> holdtime 155 protocols bgp peer <text> import 155 protocols bgp peer <text> ipv4-multicast 155 protocols bgp peer <text> ipv4-unicast 156 protocols bgp peer <text> ipv6-multicast 156 protocols bgp peer <text> ipv6-unicast 157 protocols bgp peer <text> local-ip 157 protocols bgp peer <text> md5-password 157 protocols bgp peer <text> next-hop-self 158 protocols bgp peer <text> prefix-limit maximum 158 protocols bgp peer <text> public-as-only 159 protocols bgp route-reflector cluster-id 159 protocols bgp route-reflector disable 159 protocols bgp synchronization 160 protocols dhcp option82 disable 160 protocols dhcp relay port <bozo> circuit-id 161 protocols dhcp relay vlan-interface <bozo> dhcp-server-address <numbere> 161 protocols dhcp relay vlan-interface <bozo> disable 161 protocols dhcp snooping binding file 162

11 protocols dhcp snooping binding timeout 162 protocols dhcp snooping disable 162 protocols dhcp snooping port <bozo> trust 163 protocols igmp disable 163 protocols igmp interface <text> vif <text> disable 164 protocols igmp interface <text> vif <text> enable-ip-router-alert-option-check 164 protocols igmp interface <text> vif <text> query-interval 165 protocols igmp interface <text> vif <text> query-last-member-interval 165 protocols igmp interface <text> vif <text> query-response-interval 165 protocols igmp interface <text> vif <text> robust-count 166 protocols igmp interface <text> vif <text> version 166 protocols igmp-snooping enable 167 protocols igmp-snooping last-member-query-count 167 protocols igmp-snooping last-member-query-interval 167 protocols igmp-snooping max-response-time 168 protocols igmp-snooping query-interval 168 protocols igmp-snooping report-suppression 168 protocols igmp-snooping robustness-variable 169 protocols igmp-snooping vlan-id <id> enable 169 protocols igmp-snooping vlan-id <id> fast-leave 170 protocols igmp-snooping vlan-id <id> mrouter interface 170 protocols igmp-snooping vlan-id <id> querier address 171 protocols igmp-snooping vlan-id <id> querier enable 171 protocols igmp-snooping vlan-id <id> querier other-querier-timer 171 protocols igmp-snooping vlan-id <id> querier version 172 protocols igmp-snooping vlan-id <id> static group <IPv4> interface 172 protocols lacp interface <interface> priority 173 protocols lacp priority 173 protocols ospf4 area <area-id1> interface <bozo> vif <bozo> address <ip-address1> neighbor <ip-address2> router-id 173

12 protocols ospf4 area <area-id1> virtual-link <router-id> transmit-area 174 protocols ospf4 area <area-id> area-range <ip-address/netmask> advertise 175 protocols ospf4 area <area-id> area-type 175 protocols ospf4 area <area-id> default-lsa disable 176 protocols ospf4 area <area-id> default-lsa metric 176 protocols ospf4 area <area-id> interface <bozo> link-type 176 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address 177 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time 177 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> max-time-drift 178 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password 178 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> simple-password 179 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> bfd disable 179 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable 180 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> hello-interval 180 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> interface-cost 181 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> passive disable 181 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> priority 182 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> retransmit-interval 182 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> router-dead-interval 183 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> transmit-delay 183 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address authentication md5 <int> start-time 184

13 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address passive host 184 protocols ospf4 area <area-id> summaries disable 185 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> end-time 185 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> max-time-drift 186 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> password 186 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> simple-password 187 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> start-time 187 protocols ospf4 area <area-id> virtual-link <router-id> hello-interval 188 protocols ospf4 area <area-id> virtual-link <router-id> retransmit-interval 188 protocols ospf4 area <area-id> virtual-link <router-id> router-dead-interval 189 protocols ospf4 area <area-id> virtual-link <router-id> transmit-delay 189 protocols ospf4 export 190 protocols ospf4 import 190 protocols ospf4 ip-router-alert 190 protocols ospf4 rfc1583-compatibility 191 protocols ospf4 router-id 191 protocols ospf6 area <area-id1> interface <bozo> vif <bozo> neighbor <ip-address> router-id 191 protocols ospf6 area <area-id1> virtual-link <router-id> transmit-area 192 protocols ospf6 area <area-id> area-range <ip-address/netmask> advertise 193 protocols ospf6 area <area-id> area-type 193 protocols ospf6 area <area-id> default-lsa disable 193 protocols ospf6 area <area-id> default-lsa metric 194 protocols ospf6 area <area-id> interface <bozo> link-type 194 protocols ospf6 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable 195 protocols ospf6 area <area-id> interface <bozo> vif <bozo> bfd disable 195

14 protocols ospf6 area <area-id> interface <bozo> vif <bozo> disable 196 protocols ospf6 area <area-id> interface <bozo> vif <bozo> hello-interval 196 protocols ospf6 area <area-id> interface <bozo> vif <bozo> interface-cost 197 protocols ospf6 area <area-id> interface <bozo> vif <bozo> passive 197 protocols ospf6 area <area-id> interface <bozo> vif <bozo> priority 197 protocols ospf6 area <area-id> interface <bozo> vif <bozo> retransmit-interval 198 protocols ospf6 area <area-id> interface <bozo> vif <bozo> router-dead-interval 198 protocols ospf6 area <area-id> interface <bozo> vif <bozo> transmit-delay 199 protocols ospf6 area <area-id> summaries disable 199 protocols ospf6 area <area-id> virtual-link <router-id> hello-interval 200 protocols ospf6 area <area-id> virtual-link <router-id> retransmit-interval 200 protocols ospf6 area <area-id> virtual-link <router-id> router-dead-interval 200 protocols ospf6 area <area-id> virtual-link <router-id> transmit-delay 201 protocols ospf6 export 201 protocols ospf6 import 202 protocols ospf6 instance-id 202 protocols ospf6 ip-router-alert 202 protocols ospf6 router-id 203 protocols rip export 203 protocols rip import 203 protocols rip interface <bozo> vif <bozo> address <ip-address> accept-default-route 204 protocols rip interface <bozo> vif <bozo> address <ip-address> accept-non-rip-requests 204 protocols rip interface <bozo> vif <bozo> address <ip-address> advertise-default-route 205 protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time 205 protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password 206 protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> start-time 206 protocols rip interface <bozo> vif <bozo> address <ip-address> authentication simple-password 207

15 protocols rip interface <bozo> vif <bozo> address <ip-address> deletion-delay 207 protocols rip interface <bozo> vif <bozo> address <ip-address> disable 207 protocols rip interface <bozo> vif <bozo> address <ip-address> horizon 208 protocols rip interface <bozo> vif <bozo> address <ip-address> interpacket-delay 208 protocols rip interface <bozo> vif <bozo> address <ip-address> metric 209 protocols rip interface <bozo> vif <bozo> address <ip-address> passive 209 protocols rip interface <bozo> vif <bozo> address <ip-address> request-interval 210 protocols rip interface <bozo> vif <bozo> address <ip-address> route-timeout 210 protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-delay 211 protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-jitter 211 protocols rip interface <bozo> vif <bozo> address <ip-address> update-interval 212 protocols rip interface <bozo> vif <bozo> address <ip-address> update-jitter 212 protocols sflow agent-id 212 protocols sflow collector <IPv4> udp-port 213 protocols sflow disable 213 protocols sflow header-len 214 protocols sflow interface <port> disable 214 protocols sflow interface <port> header-len 214 protocols sflow interface <port> polling-interval 215 protocols sflow interface <port> sampling-rate egress 215 protocols sflow interface <port> sampling-rate ingress 215 protocols sflow polling-interval 216 protocols sflow sampling-rate egress 216 protocols sflow sampling-rate ingress 216 protocols sflow source-address 217 Open-Flow Configuration Command 218 open-flow 220 open-flow allowed-versions 220 open-flow allowed-versions <version> disable 220

16 open-flow controller 221 open-flow controller <text> address 221 open-flow controller <text> port 222 open-flow controller <text> protocol 222 open-flow flow 223 open-flow flow <text1> action ecmp output-interface 223 open-flow flow <text1> action ecmp output-interface <text2> next-hop 223 open-flow flow <text1> action ecmp output-interface <text2> src-mac 224 open-flow flow <text1> action ecmp output-interface <text2> vlan-id 224 open-flow flow <text1> action output interface 225 open-flow flow <text1> action output virtual-interface 225 open-flow flow <text1> match-field ingress-port 226 open-flow flow <text> action group 226 open-flow flow <text> action modify ethernet-destination-address 226 open-flow flow <text> action modify ethernet-source-address 227 open-flow flow <text> action modify ip-tos 227 open-flow flow <text> action modify mpls ethernet-type 227 open-flow flow <text> action modify mpls inner-label 228 open-flow flow <text> action modify mpls outmost-label 228 open-flow flow <text> action modify mpls type 229 open-flow flow <text> action modify vlan-id 229 open-flow flow <text> action modify vlan-priority 230 open-flow flow <text> action output controller 230 open-flow flow <text> action output controller max-length 230 open-flow flow <text> hard-timeout 231 open-flow flow <text> idle-timeout 231 open-flow flow <text> match-field destination-port 231 open-flow flow <text> match-field ethernet-destination-address 232 open-flow flow <text> match-field ethernet-destination-mask 232 open-flow flow <text> match-field ethernet-source-address 233

17 open-flow flow <text> match-field ethernet-source-mask 233 open-flow flow <text> match-field ethernet-type 233 open-flow flow <text> match-field ip-destination-address 234 open-flow flow <text> match-field ip-dst-addr-mask 234 open-flow flow <text> match-field ip-protocol 235 open-flow flow <text> match-field ip-source-address 235 open-flow flow <text> match-field ip-src-addr-mask 235 open-flow flow <text> match-field ip-tos 236 open-flow flow <text> match-field ipv6-destination-address 236 open-flow flow <text> match-field ipv6-source-address 236 open-flow flow <text> match-field source-port 237 open-flow flow <text> match-field vlan-id 237 open-flow flow <text> match-field vlan-priority 238 open-flow flow <text> priority 238 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-dst-address 238 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-src-address 239 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify ip-tos 239 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-id 240 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-priority 240 open-flow groups group-id <group-id> bucket-id <bucket-id> action output-interface 241 open-flow groups group-id <group-id> bucket-id <bucket-id> watch-port 241 open-flow groups group-id <group-id> type 241 open-flow local-port address 242 open-flow local-port netmask 242 open-flow working-mode 243 show open-flow controller 243 show open-flow controller detail 243 show open-flow flow 244

18 show open-flow flow-table 244 show open-flow flow-table hardware 245 show open-flow flow-table layer show open-flow flow-table layer show open-flow flow-table software 246 show open-flow groups 246 System Configuration Commands 247 show system boot-messages 249 show system connections 250 show system core-dumps 256 show system cpu-usage 256 show system date 256 show system fan 257 show system memory-usage 257 show system name 257 show system ntp-status 258 show system os 258 show system processes brief 259 show system processes detail 260 show system rollback compare to 261 show system rollback file 262 show system rollback list 263 show system rpsu 264 show system serial-number 264 show system temperature 264 show system uptime 265 show system users 265 system aaa local disable 265 system aaa radius accounting disable 266

19 system aaa radius accounting server-ip 266 system aaa radius accounting server-ip <IPV4> port 266 system aaa radius accounting server-ip <IPV4> shared-key 267 system aaa radius accounting server-ip <IPV4> timeout 267 system aaa radius authorization disable 267 system aaa radius authorization server-ip 268 system aaa radius authorization server-ip <IPV4> port 268 system aaa radius authorization server-ip <IPV4> shared-key 268 system aaa radius authorization server-ip <IPV4> timeout 269 system aaa tacacs-plus accounting 269 system aaa tacacs-plus authorization 270 system aaa tacacs-plus auth-type 270 system aaa tacacs-plus disable 270 system aaa tacacs-plus key 271 system aaa tacacs-plus port-number 271 system aaa tacacs-plus server-ip 271 system hostname 272 system inband enable 272 system login-acl network 273 system login announcement 273 system login user 273 system login user <text> authentication plain-text-password 274 system login user <text> class 274 system login user admin authentication plain-text-password 275 system login user admin class 275 system ntp-server-ip 275 system remote-config allow-client 276 system services ssh connection-limit 276 system services ssh disable 277 system services ssh protocol-version v2 277

20 system services ssh rate-limit 277 system services ssh root-login 278 system services telnet connection-limit 278 system services telnet disable 278 system services telnet rate-limit 279 system snmp-acl network 279 system syslog host 279 system syslog local-file 280 system syslog port-number 280 system syslog port-protocol 280 system timezone 281

21 Interface Configuration Commands interface aggregate-balancing hash-mapping field ethernet-destination-address disable interface aggregate-balancing hash-mapping field ethernet-source-address disable interface aggregate-balancing hash-mapping field ethernet-type disable interface aggregate-balancing hash-mapping field ingress-interface disable interface aggregate-balancing hash-mapping field ip-destination disable interface aggregate-balancing hash-mapping field ip-protocol disable interface aggregate-balancing hash-mapping field ip-source disable interface aggregate-balancing hash-mapping field port-destination disable interface aggregate-balancing hash-mapping field port-source disable interface aggregate-balancing hash-mapping field vlan disable interface aggregate-ethernet <lag> interface aggregate-ethernet <lag> aggregated-ether-options flow-control interface aggregate-ethernet <lag> aggregated-ether-options lacp enable interface aggregate-ethernet <lag> aggregated-ether-options min-selected-port interface aggregate-ethernet <lag> aggregated-ether-options mlag disable interface aggregate-ethernet <lag> aggregated-ether-options mlag domain-id interface aggregate-ethernet <lag> aggregated-ether-options mlag hello-interval interface aggregate-ethernet <lag> aggregated-ether-options mlag peer <ipv4> peer-link interface aggregate-ethernet <lag> aggregated-ether-options mlag priority interface aggregate-ethernet <lag> aggregated-ether-options mlag system-id interface aggregate-ethernet <lag> backup-port delay interface aggregate-ethernet <lag> backup-port interface interface aggregate-ethernet <lag> backup-port mode interface aggregate-ethernet <lag> crossflow enable interface aggregate-ethernet <lag> crossflow local-control interface aggregate-ethernet <lag> description interface aggregate-ethernet <lag> disable interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling egress interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ether-type interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ingress interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling mode 21

22 interface aggregate-ethernet <lag> family ethernet-switching native-vlan-id interface aggregate-ethernet <lag> family ethernet-switching port-mode interface aggregate-ethernet <lag> family ethernet-switching vlan members interface aggregate-ethernet <lag> hash-mapping mode interface aggregate-ethernet <lag> mtu interface aggregate-ethernet <lag> port-security block interface aggregate-ethernet <lag> port-security mac-address interface aggregate-ethernet <lag> port-security mac-limit interface aggregate-ethernet <lag> port-security sticky interface aggregate-ethernet <lag> port-security violation interface aggregate-ethernet <lag> snmp-trap interface aggregate-ethernet <lag> static-ethernet-switching mac-address <macaddr> vlan interface aggregate-ethernet <lag> storm-control <mode> pps interface bpdu-tunneling destination-mac interface cut-through-mode interface ecmp hash-mapping field ingress-interface disable interface ecmp hash-mapping field ip-destination disable interface ecmp hash-mapping field ip-protocol disable interface ecmp hash-mapping field ip-source disable interface ecmp hash-mapping field port-destination disable interface ecmp hash-mapping field port-source disable interface ecmp hash-mapping field vlan disable interface ecmp max-path interface ethernet-switching-options analyzer <text> <in/out> <traffic-interface mode> interface ethernet-switching-options buffer queue-limit interface ethernet-switching-options mac-table-aging-time Interface ethernet-switching-options port-error-discard timeout interface gigabit-ethernet <port> backup-port delay interface gigabit-ethernet <port> backup-port interface interface gigabit-ethernet <port> backup-port mode interface gigabit-ethernet <port> crossflow enable interface gigabit-ethernet <port> crossflow local-control interface gigabit-ethernet <port> description interface gigabit-ethernet <port> disable 22

23 interface gigabit-ethernet <port> ether-options 802.3ad interface gigabit-ethernet <port> ether-options flow-control interface gigabit-ethernet <port> family ethernet-switching bpdu-tunneling protocol interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling egress interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ether-type interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ingress interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling mode interface gigabit-ethernet <port> family ethernet-switching native-vlan-id interface gigabit-ethernet <port> family ethernet-switching port-mode interface gigabit-ethernet <port> family ethernet-switching vlan members interface gigabit-ethernet <port> mtu interface gigabit-ethernet <port> port-security block interface gigabit-ethernet <port> port-security mac-address interface gigabit-ethernet <port> port-security mac-limit interface gigabit-ethernet <port> port-security sticky interface gigabit-ethernet <port> port-security violation interface gigabit-ethernet <port> power-preemphasis-level interface gigabit-ethernet <port> rate-limiting <ingress/egress> kilobits interface gigabit-ethernet <port> snmp-trap interface gigabit-ethernet <port> speed interface gigabit-ethernet <port> static-ethernet-switching mac-address <macaddr> vlan interface gigabit-ethernet <port> storm-control <mode> pps interface gigabit-ethernet <port> wred queue <value> drop_probability interface gigabit-ethernet <port> wred queue <value> ecn_thresh interface gigabit-ethernet <port> wred queue <value> enable interface gigabit-ethernet <port> wred queue <value> max_thresh interface gigabit-ethernet <port> wred queue <value> min_thresh interface management-ethernet eth0 address interface management-ethernet eth0 gateway interface management-ethernet eth1 address interface management-ethernet eth1 gateway interface max-acl-rule-limit <egress/ingress> interface max-route-limit interface qe-interface-mode 23

24 show interface aggregate-ethernet <lag> show interface aggregate-ethernet <lag> dot1q-tunneling show interface bpdu-tunneling show interface brief show interface detail show interface diagnostics optics all show interface flexlink show interface gigabit-ethernet show interface gigabit-ethernet <interface> show interface management-ethernet eth0 24

25 VLAN Configuration Commands run clear vlan-interface statistics loopback show vlan-interface show vlan-interface interface show vlans vlan-interface interface <bozo> router-advertisement disable vlan-interface interface <bozo> vif <bozo> address <ip-address> prefix-length vlan-interface interface <bozo> vif <bozo> description vlans dot1q-tunneling egress <bozo> from <vlan-mode> vlans dot1q-tunneling egress <bozo> then action vlans dot1q-tunneling egress <bozo> then service-vlan vlans dot1q-tunneling ingress <bozo> from double-tag service-vlan vlans dot1q-tunneling ingress <bozo> from one-tag customer-vlan-list vlans dot1q-tunneling ingress <bozo> from untag enabled vlans dot1q-tunneling ingress <bozo> then <vlan-mode> vlans-interface loopback address <ip-address> prefix-length vlans vlan-id vlans vlan-id <vlan-id> description vlans vlan-id <vlan-id> l3-interface vlans vlan-id <vlan-id> vlan-name 25

26 Firewall Configuration Commands firewall filter <bozo> description firewall filter <bozo> input interface firewall filter <bozo> input vlan-interface firewall filter <bozo> output interface firewall filter <bozo> output vlan-interface firewall filter <bozo> sequence <int> description firewall filter <bozo> sequence <int> from destination-address-ipv4 firewall filter <bozo> sequence <int> from destination-address-ipv6 firewall filter <bozo> sequence <int> from destination-mac-address firewall filter <bozo> sequence <int> from destination-port firewall filter <bozo> sequence <int> from ether-type firewall filter <bozo> sequence <int> from iptrust-mode firewallfilter <bozo> sequence <int> from ip value firewall filter <bozo> sequence <int> from protocol icmp firewall filter <bozo> sequence <int> from protocol igmp firewall filter <bozo> sequence <int> from protocol ip firewall filter <bozo> sequence <int> from protocol ospf firewall filter <bozo> sequence <int> from protocol others firewall filter <bozo> sequence <int> from protocol tcp firewall filter <bozo> sequence <int> from protocol tcp flags firewall filter <bozo> sequence <int> from protocol udp firewall filter <bozo> sequence <int> from source-address-ipv4 firewall filter <bozo> sequence <int> from source-address-ipv6 firewall filter <bozo> sequence <int> from source-mac-address firewall filter <bozo> sequence <int> from source-port firewall filter <bozo> sequence <int> from vlan firewall filter <bozo> sequence <int> log interval firewall filter <bozo> sequence <int> then action firewall system-output disable show filter 26

27 QoS Configuration Commands class-of-service classifier <classifier-name> class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> code-point <code-point> class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> schedule <schedule-name> class-of-service classifier <classifier-name> trust-mode <trust-mode> class-of-service forwarding-class <forwarding-class-name> local-priority <local-priority> class-of-service interface <port> classifier <classifier-name> class-of-service schedule <schedule-name> guaranteed-rate <guaranteed-rate> class-of-service schedule <schedule-name> mode SP class-of-service schedule <schedule-name> mode WFQ class-of-service schedule <schedule-name> mode WRR class-of-service schedule <schedule-name> weight <weight-id> interface gigabit-ethernet <port> static-ethernet-switching mac-address <mac-address> vlan <vlan-id> show class-of-service <text> 27

28 multicast_interface Configuration Commands multicast-interface interface <text> vif <text> disable show multicast interface 28

29 Protocol Configuration Commands protocols arp aging-time protocols arp interface <interface> address <ipv4-addr> mac-address protocols arp interface <interface> inspection disable protocols arp interface <interface> proxy disable protocols bfd interface <interface> detect-multiplier protocols bfd interface <interface> disable protocols bfd interface <interface> min-echo-receive-interval protocols bfd interface <interface> min-receive-interval protocols bfd interface <interface> min-transmit-interval protocols bfd mode protocols bgp aggregate <network> <IPV?net> suppress-detail protocols bgp aggregate network4 <IPV4net> brief-mode protocols bgp auto-summary protocols bgp bgp-id protocols bgp confederation disable protocols bgp confederation identifier protocols bgp damping disable protocols bgp damping half-life protocols bgp damping max-suppress protocols bgp damping reuse protocols bgp damping suppress protocols bgp enable-4byte-as-numbers protocols bgp export protocols bgp fast-external-fallover disable protocols bgp import protocols bgp local-as protocols bgp local-preference protocols bgp med protocols bgp multipath disable protocols bgp multipath path-relax protocols bgp network4 <IPv4Net> 29

30 protocols bgp network6 <ipv6net> protocols bgp peer <text> advertise community disable protocols bgp peer <text> advertise community-ext disable protocols bgp peer <text> allow-as-loop protocols bgp peer <text> as protocols bgp peer <text> bfd disable protocols bgp peer <text> client protocols bgp peer <text> confederation-member protocols bgp peer <text> default-route-advertise disable protocols bgp peer <text> delay-open-time protocols bgp peer <text> disable protocols bgp peer <text> export protocols bgp peer <text> holdtime protocols bgp peer <text> import protocols bgp peer <text> ipv4-multicast protocols bgp peer <text> ipv4-unicast protocols bgp peer <text> ipv6-multicast protocols bgp peer <text> ipv6-unicast protocols bgp peer <text> local-ip protocols bgp peer <text> md5-password protocols bgp peer <text> next-hop-self protocols bgp peer <text> prefix-limit maximum protocols bgp peer <text> public-as-only protocols bgp route-reflector cluster-id protocols bgp route-reflector disable protocols bgp synchronization protocols dhcp option82 disable protocols dhcp relay port <bozo> circuit-id protocols dhcp relay vlan-interface <bozo> dhcp-server-address <numbere> protocols dhcp relay vlan-interface <bozo> disable protocols dhcp snooping binding file protocols dhcp snooping binding timeout protocols dhcp snooping disable protocols dhcp snooping port <bozo> trust 30

31 protocols igmp disable protocols igmp interface <text> vif <text> disable protocols igmp interface <text> vif <text> enable-ip-router-alert-option-check protocols igmp interface <text> vif <text> query-interval protocols igmp interface <text> vif <text> query-last-member-interval protocols igmp interface <text> vif <text> query-response-interval protocols igmp interface <text> vif <text> robust-count protocols igmp interface <text> vif <text> version protocols igmp-snooping enable protocols igmp-snooping last-member-query-count protocols igmp-snooping last-member-query-interval protocols igmp-snooping max-response-time protocols igmp-snooping query-interval protocols igmp-snooping report-suppression protocols igmp-snooping robustness-variable protocols igmp-snooping vlan-id <id> enable protocols igmp-snooping vlan-id <id> fast-leave protocols igmp-snooping vlan-id <id> mrouter interface protocols igmp-snooping vlan-id <id> querier address protocols igmp-snooping vlan-id <id> querier enable protocols igmp-snooping vlan-id <id> querier other-querier-timer protocols igmp-snooping vlan-id <id> querier version protocols igmp-snooping vlan-id <id> static group <IPv4> interface protocols lacp interface <interface> priority protocols lacp priority protocols ospf4 area <area-id1> interface <bozo> vif <bozo> address <ip-address1> neighbor <ip-address2> router-id protocols ospf4 area <area-id1> virtual-link <router-id> transmit-area protocols ospf4 area <area-id> area-range <ip-address/netmask> advertise protocols ospf4 area <area-id> area-type protocols ospf4 area <area-id> default-lsa disable protocols ospf4 area <area-id> default-lsa metric protocols ospf4 area <area-id> interface <bozo> link-type protocols ospf4 area <area-id> interface <bozo> vif <bozo> address 31

32 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> max-time-drift protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> simple-password protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> bfd disable protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> hello-interval protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> interface-cost protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> passive disable protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> priority protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> retransmit-interval protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> router-dead-interval protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> transmit-delay protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address authentication md5 <int> start-time protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address passive host protocols ospf4 area <area-id> summaries disable protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> end-time protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> max-time-drift protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> password protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> simple-password protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> start-time protocols ospf4 area <area-id> virtual-link <router-id> hello-interval 32

33 protocols ospf4 area <area-id> virtual-link <router-id> retransmit-interval protocols ospf4 area <area-id> virtual-link <router-id> router-dead-interval protocols ospf4 area <area-id> virtual-link <router-id> transmit-delay protocols ospf4 export protocols ospf4 import protocols ospf4 ip-router-alert protocols ospf4 rfc1583-compatibility protocols ospf4 router-id protocols ospf6 area <area-id1> interface <bozo> vif <bozo> neighbor <ip-address> router-id protocols ospf6 area <area-id1> virtual-link <router-id> transmit-area protocols ospf6 area <area-id> area-range <ip-address/netmask> advertise protocols ospf6 area <area-id> area-type protocols ospf6 area <area-id> default-lsa disable protocols ospf6 area <area-id> default-lsa metric protocols ospf6 area <area-id> interface <bozo> link-type protocols ospf6 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable protocols ospf6 area <area-id> interface <bozo> vif <bozo> bfd disable protocols ospf6 area <area-id> interface <bozo> vif <bozo> disable protocols ospf6 area <area-id> interface <bozo> vif <bozo> hello-interval protocols ospf6 area <area-id> interface <bozo> vif <bozo> interface-cost protocols ospf6 area <area-id> interface <bozo> vif <bozo> passive protocols ospf6 area <area-id> interface <bozo> vif <bozo> priority protocols ospf6 area <area-id> interface <bozo> vif <bozo> retransmit-interval protocols ospf6 area <area-id> interface <bozo> vif <bozo> router-dead-interval protocols ospf6 area <area-id> interface <bozo> vif <bozo> transmit-delay protocols ospf6 area <area-id> summaries disable protocols ospf6 area <area-id> virtual-link <router-id> hello-interval protocols ospf6 area <area-id> virtual-link <router-id> retransmit-interval protocols ospf6 area <area-id> virtual-link <router-id> router-dead-interval protocols ospf6 area <area-id> virtual-link <router-id> transmit-delay protocols ospf6 export protocols ospf6 import protocols ospf6 instance-id 33

34 protocols ospf6 ip-router-alert protocols ospf6 router-id protocols rip export protocols rip import protocols rip interface <bozo> vif <bozo> address <ip-address> accept-default-route protocols rip interface <bozo> vif <bozo> address <ip-address> accept-non-rip-requests protocols rip interface <bozo> vif <bozo> address <ip-address> advertise-default-route protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> start-time protocols rip interface <bozo> vif <bozo> address <ip-address> authentication simple-password protocols rip interface <bozo> vif <bozo> address <ip-address> deletion-delay protocols rip interface <bozo> vif <bozo> address <ip-address> disable protocols rip interface <bozo> vif <bozo> address <ip-address> horizon protocols rip interface <bozo> vif <bozo> address <ip-address> interpacket-delay protocols rip interface <bozo> vif <bozo> address <ip-address> metric protocols rip interface <bozo> vif <bozo> address <ip-address> passive protocols rip interface <bozo> vif <bozo> address <ip-address> request-interval protocols rip interface <bozo> vif <bozo> address <ip-address> route-timeout protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-delay protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-jitter protocols rip interface <bozo> vif <bozo> address <ip-address> update-interval protocols rip interface <bozo> vif <bozo> address <ip-address> update-jitter protocols sflow agent-id protocols sflow collector <IPv4> udp-port protocols sflow disable protocols sflow header-len protocols sflow interface <port> disable protocols sflow interface <port> header-len protocols sflow interface <port> polling-interval protocols sflow interface <port> sampling-rate egress 34

35 protocols sflow interface <port> sampling-rate ingress protocols sflow polling-interval protocols sflow sampling-rate egress protocols sflow sampling-rate ingress protocols sflow source-address 35

36 Open-Flow Configuration Command open-flow open-flow allowed-versions open-flow allowed-versions <version> disable open-flow controller open-flow controller <text> address open-flow controller <text> port open-flow controller <text> protocol open-flow flow open-flow flow <text1> action ecmp output-interface open-flow flow <text1> action ecmp output-interface <text2> next-hop open-flow flow <text1> action ecmp output-interface <text2> src-mac open-flow flow <text1> action ecmp output-interface <text2> vlan-id open-flow flow <text1> action output interface open-flow flow <text1> action output virtual-interface open-flow flow <text1> match-field ingress-port open-flow flow <text> action group open-flow flow <text> action modify ethernet-destination-address open-flow flow <text> action modify ethernet-source-address open-flow flow <text> action modify ip-tos open-flow flow <text> action modify mpls ethernet-type open-flow flow <text> action modify mpls inner-label open-flow flow <text> action modify mpls outmost-label open-flow flow <text> action modify mpls type open-flow flow <text> action modify vlan-id open-flow flow <text> action modify vlan-priority open-flow flow <text> action output controller open-flow flow <text> action output controller max-length open-flow flow <text> hard-timeout open-flow flow <text> idle-timeout open-flow flow <text> match-field destination-port open-flow flow <text> match-field ethernet-destination-address 36

37 open-flow flow <text> match-field ethernet-destination-mask open-flow flow <text> match-field ethernet-source-address open-flow flow <text> match-field ethernet-source-mask open-flow flow <text> match-field ethernet-type open-flow flow <text> match-field ip-destination-address open-flow flow <text> match-field ip-dst-addr-mask open-flow flow <text> match-field ip-protocol open-flow flow <text> match-field ip-source-address open-flow flow <text> match-field ip-src-addr-mask open-flow flow <text> match-field ip-tos open-flow flow <text> match-field ipv6-destination-address open-flow flow <text> match-field ipv6-source-address open-flow flow <text> match-field source-port open-flow flow <text> match-field vlan-id open-flow flow <text> match-field vlan-priority open-flow flow <text> priority open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-dst-address open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-src-address open-flow groups group-id <group-id> bucket-id <bucket-id> action modify ip-tos open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-id open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-priority open-flow groups group-id <group-id> bucket-id <bucket-id> action output-interface open-flow groups group-id <group-id> bucket-id <bucket-id> watch-port open-flow groups group-id <group-id> type open-flow local-port address open-flow local-port netmask open-flow working-mode show open-flow controller show open-flow controller detail show open-flow flow show open-flow flow-table show open-flow flow-table hardware show open-flow flow-table layer-2 show open-flow flow-table layer-3 37

38 show open-flow flow-table software show open-flow groups 38

39 System Configuration Commands show system boot-messages show system connections show system core-dumps show system cpu-usage show system date show system fan show system memory-usage show system name show system ntp-status show system os show system processes brief show system processes detail show system rollback compare to show system rollback file show system rollback list show system rpsu show system serial-number show system temperature show system uptime show system users system aaa local disable system aaa radius accounting disable system aaa radius accounting server-ip system aaa radius accounting server-ip <IPV4> port system aaa radius accounting server-ip <IPV4> shared-key system aaa radius accounting server-ip <IPV4> timeout system aaa radius authorization disable system aaa radius authorization server-ip system aaa radius authorization server-ip <IPV4> port system aaa radius authorization server-ip <IPV4> shared-key system aaa radius authorization server-ip <IPV4> timeout 39

40 system aaa tacacs-plus accounting system aaa tacacs-plus authorization system aaa tacacs-plus auth-type system aaa tacacs-plus disable system aaa tacacs-plus key system aaa tacacs-plus port-number system aaa tacacs-plus server-ip system hostname system inband enable system login-acl network system login announcement system login user system login user <text> authentication plain-text-password system login user <text> class system login user admin authentication plain-text-password system login user admin class system ntp-server-ip system remote-config allow-client system services ssh connection-limit system services ssh disable system services ssh protocol-version v2 system services ssh rate-limit system services ssh root-login system services telnet connection-limit system services telnet disable system services telnet rate-limit system snmp-acl network system syslog host system syslog local-file system syslog port-number system syslog port-protocol system timezone 40

41 Interface Configuration Commands This section contains descriptions of the CLI commands that this chapter references. interface aggregate-balancing hash-mapping field ethernet-destination-address disable interface aggregate-balancing hash-mapping field ethernet-source-address disable interface aggregate-balancing hash-mapping field ethernet-type disable interface aggregate-balancing hash-mapping field ingress-interface disable interface aggregate-balancing hash-mapping field ip-destination disable interface aggregate-balancing hash-mapping field ip-protocol disable interface aggregate-balancing hash-mapping field ip-source disable interface aggregate-balancing hash-mapping field port-destination disable interface aggregate-balancing hash-mapping field port-source disable interface aggregate-balancing hash-mapping field vlan disable interface aggregate-ethernet <lag> interface aggregate-ethernet <lag> aggregated-ether-options flow-control interface aggregate-ethernet <lag> aggregated-ether-options lacp enable interface aggregate-ethernet <lag> aggregated-ether-options min-selected-port interface aggregate-ethernet <lag> aggregated-ether-options mlag disable interface aggregate-ethernet <lag> aggregated-ether-options mlag domain-id interface aggregate-ethernet <lag> aggregated-ether-options mlag hello-interval interface aggregate-ethernet <lag> aggregated-ether-options mlag peer <ipv4> peer-link interface aggregate-ethernet <lag> aggregated-ether-options mlag priority interface aggregate-ethernet <lag> aggregated-ether-options mlag system-id interface aggregate-ethernet <lag> backup-port delay interface aggregate-ethernet <lag> backup-port interface interface aggregate-ethernet <lag> backup-port mode interface aggregate-ethernet <lag> crossflow enable interface aggregate-ethernet <lag> crossflow local-control interface aggregate-ethernet <lag> description interface aggregate-ethernet <lag> disable interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling egress interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ether-type interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ingress 41

42 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling mode interface aggregate-ethernet <lag> family ethernet-switching native-vlan-id interface aggregate-ethernet <lag> family ethernet-switching port-mode interface aggregate-ethernet <lag> family ethernet-switching vlan members interface aggregate-ethernet <lag> hash-mapping mode interface aggregate-ethernet <lag> mtu interface aggregate-ethernet <lag> port-security block interface aggregate-ethernet <lag> port-security mac-address interface aggregate-ethernet <lag> port-security mac-limit interface aggregate-ethernet <lag> port-security sticky interface aggregate-ethernet <lag> port-security violation interface aggregate-ethernet <lag> snmp-trap interface aggregate-ethernet <lag> static-ethernet-switching mac-address <macaddr> vlan interface aggregate-ethernet <lag> storm-control <mode> pps interface bpdu-tunneling destination-mac interface cut-through-mode interface ecmp hash-mapping field ingress-interface disable interface ecmp hash-mapping field ip-destination disable interface ecmp hash-mapping field ip-protocol disable interface ecmp hash-mapping field ip-source disable interface ecmp hash-mapping field port-destination disable interface ecmp hash-mapping field port-source disable interface ecmp hash-mapping field vlan disable interface ecmp max-path interface ethernet-switching-options analyzer <text> <in/out> <traffic-interface mode> interface ethernet-switching-options buffer queue-limit interface ethernet-switching-options mac-table-aging-time Interface ethernet-switching-options port-error-discard timeout interface gigabit-ethernet <port> backup-port delay interface gigabit-ethernet <port> backup-port interface interface gigabit-ethernet <port> backup-port mode interface gigabit-ethernet <port> crossflow enable interface gigabit-ethernet <port> crossflow local-control interface gigabit-ethernet <port> description 42

43 interface gigabit-ethernet <port> disable interface gigabit-ethernet <port> ether-options 802.3ad interface gigabit-ethernet <port> ether-options flow-control interface gigabit-ethernet <port> family ethernet-switching bpdu-tunneling protocol interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling egress interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ether-type interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ingress interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling mode interface gigabit-ethernet <port> family ethernet-switching native-vlan-id interface gigabit-ethernet <port> family ethernet-switching port-mode interface gigabit-ethernet <port> family ethernet-switching vlan members interface gigabit-ethernet <port> mtu interface gigabit-ethernet <port> port-security block interface gigabit-ethernet <port> port-security mac-address interface gigabit-ethernet <port> port-security mac-limit interface gigabit-ethernet <port> port-security sticky interface gigabit-ethernet <port> port-security violation interface gigabit-ethernet <port> power-preemphasis-level interface gigabit-ethernet <port> rate-limiting <ingress/egress> kilobits interface gigabit-ethernet <port> snmp-trap interface gigabit-ethernet <port> speed interface gigabit-ethernet <port> static-ethernet-switching mac-address <macaddr> vlan interface gigabit-ethernet <port> storm-control <mode> pps interface gigabit-ethernet <port> wred queue <value> drop_probability interface gigabit-ethernet <port> wred queue <value> ecn_thresh interface gigabit-ethernet <port> wred queue <value> enable interface gigabit-ethernet <port> wred queue <value> max_thresh interface gigabit-ethernet <port> wred queue <value> min_thresh interface management-ethernet eth0 address interface management-ethernet eth0 gateway interface management-ethernet eth1 address interface management-ethernet eth1 gateway interface max-acl-rule-limit <egress/ingress> interface max-route-limit 43

44 interface qe-interface-mode show interface aggregate-ethernet <lag> show interface aggregate-ethernet <lag> dot1q-tunneling show interface bpdu-tunneling show interface brief show interface detail show interface diagnostics optics all show interface flexlink show interface gigabit-ethernet show interface gigabit-ethernet <interface> show interface management-ethernet eth0 interface aggregate-balancing hash-mapping field ethernet-destination-address disable This command designates data packets to be forwarded via the ethernet-destination-address. set interface aggregate-balancing hash-mapping field ethernet-destination-address disable <true false> To remove the configuration enter: delete interface aggregate-balancing hash-mapping field ethernet-destination-address disable true--disable ethernet-destination-address false--enable ethernet-destination-address This example enables data packets forwarded by ethernet-destination-address: XorPlus# set interface aggregate-balancing hash-mapping field ethernet-destination-address disable false interface aggregate-balancing hash-mapping field ethernet-source-address disable This command designates data packets to be forwarded via ethernet-source-address. set interface aggregate-balancing hash-mapping field ethernet-source-address disable < true false> 44

45 To remove the configuration enter: delete interface aggregate-balancing hash-mapping field ethernet-source-address disable true--disable ethernet-source-address false--enable ethernet-source-address This example enables data packets to be forwarded via ethernet-source-address: XorPlus# set interface aggregate-balancing hash-mapping field ethernet-source-address disable false interface aggregate-balancing hash-mapping field ethernet-type disable This command designates data packets to be forwarded via the ethernet-type. set interface aggregate-balancing hash-mapping field ethernet-type disable <true false> To remove the configuration enter: delete interface aggregate-balancing hash-mapping field ethernet-type disable true--disable ethernet-type false--enable ethernet-type This example enables data packets to be forwarded via ethernet-type: XorPlus# set interface aggregate-balancing hash-mapping field ethernet-type disable false interface aggregate-balancing hash-mapping field ingress-interface disable This command designates data packets to be forwarded via the ingress-interface. set interface aggregate-balancing hash-mapping field ingress-interface disable < true false> To remove the configuration enter: delete interface aggregate-balancing hash-mapping field ingress-interface disable 45

46 true--disable ingress-interface false--enable ingress-interface This example enables ingress-interface: XorPlus# set interface aggregate-balancing hash-mapping field ingress-interface disable false interface aggregate-balancing hash-mapping field ip-destination disable This command designates data packets to be forwarded via ip-destination. set interface aggregate-balancing hash-mapping field ip-destination disable < true false> To remove the configuration enter: delete interface aggregate-balancing hash-mapping field ip-destination disable true--disable ip-destination false--enable ip-destination This example enables data packet fowarded by ip-destination: XorPlus# set interface aggregate-balancing hash-mapping field ip-destination disable false interface aggregate-balancing hash-mapping field ip-protocol disable This command designates data packets to be forwarded via the IP protocol. set interface aggregate-balancing hash-mapping field ip-protocol disable < true false> To remove the configuration enter: delete interface aggregate-balancing hash-mapping field ip-protocol disable true--disable ip-protocol false--enable ip-protocol 46

47 This example enables forwarding of data packets via the ip-protocol: XorPlus# set interface aggregate-balancing hash-mapping field ip-protocol disable false interface aggregate-balancing hash-mapping field ip-source disable This command designates data packets to be forwarded via the IP source. set interface aggregate-balancing hash-mapping field ip-source disable < true false> To return the configuration enter: delete interface aggregate-balancing hash-mapping field ip-source disable true--disable ip-source false--enable ip-source This example enables forwarding of data packets via ip-source: XorPlus# set interface aggregate-balancing hash-mapping field ip-source disable false interface aggregate-balancing hash-mapping field port-destination disable This command designates data packets to be forwarded via the port-destination. set interface aggregate-balancing hash-mapping field port-destination disable < true false> To return the configuration enter: delete interface aggregate-balancing hash-mapping field port-destination disable true--disable port-destination false--enable port-destination This example enables data packets to be forwarded via port-destination: 47

48 XorPlus# set interface aggregate-balancing hash-mapping field port-destination disable false interface aggregate-balancing hash-mapping field port-source disable This command designates data packets to be forwarded via the port-source. set interface aggregate-balancing hash-mapping field port-source disable <true false> To return the configuration enter: delete interface aggregate-balancing hash-mapping field port-source disable true--disable port-source false--enable port-source This example enables data packets to be forwarded via ip-source: XorPlus# set interface aggregate-balancing hash-mapping field port-source disable false interface aggregate-balancing hash-mapping field vlan disable Use this command to enables aggregate load balancing hash map on the VLAN. set interface aggregate-balancing hash-mapping field vlan disable <true false> To return the configuration enter: delete interface aggregate-balancing hash-mapping field vlan disable true--disable vlan false--enable vlan This example is to enable ip-source: XorPlus# set interface aggregate-balancing hash-mapping field vlan disable false 48

49 interface aggregate-ethernet <lag> Use this command to create a Link Aggregation Group (LAG) interface. set interface aggregate-ethernet <lag_name> <lag_name> Enter the name of the LAG interface (range: ae1 to ae48). The example creates a lag named ae4. XorPlus# set interface aggregate-ethernet ae4 interface aggregate-ethernet <lag> aggregated-ether-options flow-control Configure flow-control for a logical port. set interface aggregate-ethernet To return the configuration enter: delete interface aggregate-ethernet <lag_name> aggregated-ether-options flow-control < lag_name> aggregated-ether-options flow-control <lag_name>--enter the name of the LAG interface (range: ae1 to ae48). true--enable flow control false--disable flow control This example enables flow-control on the LAG named ae1: <true false> XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options flow-control true interface aggregate-ethernet <lag> aggregated-ether-options lacp enable Creates a Link Aggregation Control Protocol (LACP) link aggregation group (LAG) on a specified logical port. set interface aggregate-ethernet <lag_name> aggregated-ether-options lacp enable <true false> 49

50 To return the configuration enter: delete interface aggregate-ethernet < lag_name> aggregated-ether-options lacp < lag_name > Enter the name of the LAG (range ae1 to ae48) true enable LACP false disable LACP This example configures LACP for ae1: XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options lacp enable true interface aggregate-ethernet <lag> aggregated-ether-options min-selected-port Configure min-selected-port for a specified logical port (LAG). Min-selected-port denotes that the LAG is up only when no fewer than the defined number of ports are up set interface aggregate-ethernet <port-id> To return to the configuration enter: delete interface aggregate-ethernet < lag_name > LAG interface name (range: ae1 through ae48) <lag_name> aggregated-ether-options min-selected-port <lag_name> aggregated-ether-options min-selected-port <port-id> Minimum number of selected ports (range: 1 through 8) This example is to configure min-selected-port for ae1 XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options min-selected-port 1 interface aggregate-ethernet <lag> aggregated-ether-options mlag disable Enable or disable MLAG for a logical port. 50

51 set interface aggregate-ethernet > delete interface aggregate-ethernet <lag_name> aggregated-ether-options mlag disable < lag_name> disable < lag_name > Name of LAG interface (range: ae1 through ae48) true disable MLAG false enable MLAG This example is to enable MLAG for the LAG named ae1: <true false XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag disable false interface aggregate-ethernet <lag> aggregated-ether-options mlag domain-id You can set domain ID of MLAG for a logical port (ae1...ae48).the domain-id assigns an MLAG ID to an aggregation interface. Neighbour switches form an MLAG when each switch configures the same MLAG-ID to an aggregation interface. Only one aggregation interface. set interface aggregate-ethernet <domain-id> To rdelete the configuration enter: domain-id can be assigned to an <lag_name> aggregated-ether-options mlag domain-id d elete interface aggregate-ethernet < lag_name> aggregated-ether-options mlag domain-id < lag_name> LAG interface name (range: ae1 through ae48) <domain-id> The domain id of MLAG (range: 1 through 48) This example is to set MLAG ID as 5 for ae1: XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag domain-id 5 51

52 interface aggregate-ethernet <lag> aggregated-ether-options mlag hello-interval The command is to configure the interval of hello message. The hello message is sent in both directions, between MLAG neighbors. If the neighbor switch is pinged four times, and doesn't receive any hello messages, then MLAG neighbor switches revert to their independent state. set interface aggregate-ethernet To delete the configuration enter: delete interface aggregate-ethernet <lag_name> Name of LAG interface (range: ae1..ae48) <lag_name> aggregated-ether-options mlag hello-interval <lag> aggregated-ether-options mlag hello-interval <value> The interval for sending hello message (range 1..60) This example is to set interval of hello messsages to 5 for ae1: <value> XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag hello-interval 3 interface aggregate-ethernet <lag> aggregated-ether-options mlag peer <ipv4> peer-link Use this command to specify IP address of neighbors' switch.the synchronized messages are sent to neighbor' switch by peer link. set interface aggregate-ethernet peer-link <text> To delete the configuration enter: delete interface aggregate-ethernet ipv4_address> peer-link <lag_name> aggregated-ether-options mlag peer <lag_name> aggregated-ether-options mlag peer < < lag_name> Name of LAG interface (range: ae1 through ae48) <ipv4_address> The ip address of peer aggregated port. <text> The interface that connect to the peer This example is to configure IP address of peer ae2: <ipv4_address> 52

53 XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag peer peer-link "ae2" interface aggregate-ethernet <lag> aggregated-ether-options mlag priority Set the MLAG priority.mlag priority is used to negotiate switch's role,including master or slave role. set interface aggregate-ethernet To delete the configuration enter: delete interface aggregate-ethernet <lag_name> aggregated-ether-options mlag priority < lag_name> aggregated-ether-options mlag priority < lag_name> Name of LAG interface (range: ae1 through ae48). <value> System priority for master selection ( ) This example is to configure MLAG priority for ae1: <value> XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag priority 2 interface aggregate-ethernet <lag> aggregated-ether-options mlag system-id Users can set system id.this command specifies the local chassis system's MAC address for an MLAG domain and is used in LACP aggregation as source system MAC address. set interface aggregate-ethernet <macaddr> To delete the configuration enter: delete interface aggregate-ethernet <lag_name> aggregated-ether-options mlag system-id < lag_name> aggregated-ether-options mlag system-id < lag_name> Name of LAG interface (range: ae1 through ae48). <macaddr> Enter the system MAC address in the format This example is to configure MLAG system id for ae1: nn:nn:nn:nn:nn:nn 53

54 XorPlus# set interface aggregate-ethernet ae1 aggregated-ether-options mlag system-id 22:00:00:00:00:00 interface aggregate-ethernet <lag> backup-port delay Set backup port delay time, in seconds, to a port. set interface aggregate-ethernet To return the configuration enter: delete interface aggregate-ethernet <lag_name> backup-port delay < lag_name> backup-port delay <lag_name> Name of LAG interface (range: ae1 through ae48). <seconds> <seconds> Preemption delay, in seconds (range: 0 through 300 seconds) This example is to set the delay time to 20 seconds: XorPlus# set interface aggregate-ethernet ae1 backup-port delay 20 interface aggregate-ethernet <lag> backup-port interface You can configure two physical ports or two LAGs as Flex Links, or one physical port and one LAG as Flex Links. set interface aggregate-ethernet To return the configuration enter: delete interface aggregate-ethernet <lag_name> backup-port interface < lag_name> backup-port interface < lag_name> Name of LAG interface (range: ae1 through ae48). <interface_type> <interface_type> Set backup port of an interface, which will disable RSTP/MSTP This example is to set Flex links between a physical port and a LAG : XorPlus# set interface aggregate-ethernet ae1 backup-port interface ge-1/1/3 interface aggregate-ethernet <lag> backup-port mode You can set preemption mode of a logical port. 54

55 set interface aggregate-ethernet To return to the configuration enter: delete interface aggregate-ethernet <lag_name> backup-port mode < lag_name> backup-port mode < lag_name > Name of LAG interface (range: ae1 through ae48). bandwidth higher bandwidth interface preferred forced active interface preferred,the default mode Off turn off preemption This example is to set the port preemption mode to bandwidth: <bandwidth forced Off> XorPlus# set interface aggregate-ethernet ae1 backup-port mode bandwidth interface aggregate-ethernet <lag> crossflow enable Enable or disable the crossflow mode in a logical port. set interface aggregate-ethernet <lag_name> crossflow enable < true false> To delete the configuration enter: delete interface aggregate-ethernet < lag_name> crossflow enable < lag_name > Name of LAG interface (range: ae1 through ae48). true enable crossflow false disable crossflow This example enables crossflow in ge-1/1/3 port: XorPlus# set interface aggregate-ethernet ae1 crossflow enable true XorPlus#commit interface aggregate-ethernet <lag> crossflow local-control Enable or disable local-control function of crossflow for a logical port. set interface aggregate-ethernet To delete the configuration enter: delete interface aggregate-ethernet <lag_name> crossflow local-control < lag_name> crossflow local-control <true false> 55

56 <lag_name> Name of LAG interface (range: ae1 through ae48) true enable local control, this is the default mode. false disable local control The example disables local-control function of crossflow on port ae1. XorPlus# set aggregate-ethernet ae1 crossflow local-control false interface aggregate-ethernet <lag> description Use this command to add a description to a logical port. set interface aggregate-ethernett To delete the configuration enter: <lag_name> description delete interface aggregate-ethernet <lag_name> description <lag_name> Name of LAG interface (range: ae1 through ae48) <description> <description> Add a human-readable description of the interface This example adds the description hello to port named ae1. XorPlus# set interface aggregate-ethernet ae1 description hello interface aggregate-ethernet <lag> disable Enable or disable a logical interface. set interface aggregate-ethernet To delete the configuration enter: delete interfaceaggregate-ethernet <lag_name> disable < lag_name> disable <true false> < lag_name > Name of LAG interface (range: ae1 through ae48) true disable a logical interface false enable a logical interface 56

57 This example disables the ae1 interface: XorPlus# set interface aggregate-ethernet ae1 disable true interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling egress Configure or delete a Q-in-Q tunnel for exiting traffic on a port. set interface aggregate-ethernet <text> To delete the configuration enter: delete interface gigabit-ethernet <text> <lag_name> family ethernet-switching dot1q-tunneling egress <lag_name> family ethernet-switching dot1q-tunneling egress < lag_name> Name of LAG interface (range: ae1 through ae48) < text>q-in-q tunneling for exiting traffic This example is to configure a Q-in-Q tunnel for egress logical port: XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching dot1q-tunneling egress t2 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ether-type Set or delete an EtherType value on Q-in-Q tunnel for a logical port. set interface aggregate-ethernet <value> To delete enter: delete interface aggregate-ethernet ether-type <value> <lag_name> family ethernet-switching dot1q-tunneling ether-type < lag_name> family ethernet-switching dot1q-tunneling < lag_name > Name of LAG interface (range: ae1 through ae48) <value> EtherType value: 0x8100 0x88a8 57

58 0x9100 0x9200 This example is to select a Ethertype value on Q-in-Q tunnel for ge-1/1/3 port: XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching dot1q-tunneling ether-type 0x8100 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling ingress Users can configure/delete a Q-in-Q tunnel for entering traffic on a logical port. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48). < text> Tunneling for entering traffic <lag> family ethernet-switching dot1q-tunneling ingress <lag> family ethernet-switching dot1q-tunneling ingress This example is to configure a Q-in-Q tunnel for entering traffic: <text> <text> XorPlus# set interface aggregate-ethernet ge-1/1/4 family ethernet-switching dot1q-tunneling ingress t2 interface aggregate-ethernet <lag> family ethernet-switching dot1q-tunneling mode Users can configure a Q-in-Q tunnel mode for a logical port. By default, the mode is none. set interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48). [mode] Q-in-Q tunnel mode. external customer mode internal service provider mode none Disable tunneling mode, default mode This example is to set Q-in-Q tunnel mode for ae1 port: <lag> family ethernet-switching dot1q-tunneling mode [mode] 58

59 XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching dot1q-tunneling mode internal interface aggregate-ethernet <lag> family ethernet-switching native-vlan-id The native VLANID is the ID of the default VLAN (usually vlan-id 1) in which the port belongs. User can change the native VLANID for port. set interface aggregate-ethernet <lag> family ethernet-switching native-vlan-id < vlan-id> delete interface aggregate-ethernet <lag> family ethernet-switching native-vlan-id < vlan-id> <lag> Name of LAG interface (ae1..ae48). < vlan_id> The native-vlan-id,vlan identifier to associate with untagged packets.the valid VLAN numbers range This example creates VLAN 3 and puts ge-1/1/3 port on this VLAN: XorPlus# set vlans vlan-id 3 XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching native-vlan-id 3 interface aggregate-ethernet <lag> family ethernet-switching port-mode By default the port mode is access, user can configure trunk ports belong to more than one VLAN including the native VLAN. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48). <lag> family ethernet-switching port-mode <lag> family ethernet-switching port-mode <port-mode> <port-mode> Configure lag as access or trunk port mode. Required select include: access access port mode, the default mode trunk trunk port mode This example sets ae1 port mode to trunk: 59

60 XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching port-mode trunk interface aggregate-ethernet <lag> family ethernet-switching vlan members This command is to adding a trunk lag to a VLAN, vlan members range from 1 to 4094 set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48). <lag> family ethernet-switching vlan members <port> family ethernet-switching vlan members <members> Configure the VLANs for which the interface can carry traffic,eg:2,3... This example is adding a trunk lag(ae1) to a vlan: <members> <members> XorPlus# set interface aggregate-ethernet ae1 family ethernet-switching vlan members 5 interface aggregate-ethernet <lag> hash-mapping mode This command is to control the data packets to forward on a specified lag. set interface aggregate-ethernet <lag> hash-mapping mode delete interface aggregate-ethernet <lag> hash-mapping mode <lag> Name of LAG interface (ae1..ae48). <mode> Configure hash mapping mode Default value: ethernet-source-destination advance Use global advanced configure as hash-key <mode> ethernet-destination-only Use destination mac as hash-key ethernet-source-destination Use source and destination mac as hash-key ethernet-source-only Use source mac as hash-key ip-destination-only Use destination ip as hash-key ip-source-destination Use source and destination ip as hash-key ip-source-only Use source ip as hash-key 60

61 This example is configure hash mapping mode to ethernet-destination-only advance for ae1: XorPlus# set interface aggregate-ethernet ae1 hash-mapping mode ethernet-destination-only interface aggregate-ethernet <lag> mtu Users can set maximum transmit packet size for a specified lag. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> mtu <lag> mtu <lag> Name of LAG interface (ae1..ae48). <value> <value> maximum transmit packet size identifier(in octets),value is between [ ] This example sets MTU 1024 for ae1: XorPlus# set interface aggregate-ethernet ae1 mtu 1024 interface aggregate-ethernet <lag> port-security block Port security can be configured to take one of five block actions. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48) <lag> port-security block <lag> port-security block <action> Disable forwarding unknow uni/multi cast addresses all Block broadcast and unknow addresses broadcast Block broadcast address multicast Block unknow multicast addresses uni-multi-cast Block unknow uni/multi cast addresses unicast Block unknow unicast addresses This example configure ae1 in block broadcast mode: <action> 61

62 XorPlus# set interface aggregate-ethernetae1 port-security block broadcast interface aggregate-ethernet <lag> port-security mac-address Users can use port security with static MAC addresses to restrict a port's ingress traffic by limiting the MAC addresses that are allowed to send traffic into the port. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48) <lag> port-security mac-address <lag> port-security mac-address <madaddr> secure mac address identifier(eg:22:00:00:00:00:00) This example configure MAC address for ae1 : <madaddr> <madaddr> XorPlus#set interface aggregate-ethernet ae1 port-security mac-address 22:00:00:00:00:00 vlan 1 XorPlus#commit interface aggregate-ethernet <lag> port-security mac-limit Users can use port security with static MAC addresses to restrict a port's ingress traffic by limiting the MAC addresses that are allowed to send traffic into the port. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48) <lag> port-security mac-limit <lag> port-security mac-limit <value> <value> The maximum number of dynamic mac address on this port, [ ] This example configure the maximum number of dynamic mac address as 10 for ae1: XorPlus# set interface aggregate-ethernet ae1 port-security mac-limit 10 interface aggregate-ethernet <lag> port-security sticky Port security with sticky MAC addresses retains dynamically learned MAC addresses when the link is down, and restores the MAC addresses when the link ups. 62

63 set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48) <bool> Sticky mac address true enable sticky mac address false disable sticky mac address <lag> port-security sticky <lag> port-security sticky This example configure sticky MAC address for ae2 <bool> XorPlus# set interface aggregate-ethernet ae2 port-security sticky true interface aggregate-ethernet <lag> port-security violation Users can configuring Port Security Violation Mode on a Port. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48) <action> the violation action identifier. <lag> port-security violation <lag> port-security violation protect Drop packets with unknown source addresses <action> restrict Drop packets with unknown source addresses and log violation shutdown Disable interface shutdown-temp Disable interface temporarily(20 seconds for the default) This example configures the violation mode for ae1 XorPlus# set interface aggregate-ethernet ae1 port-security violation restrict interface aggregate-ethernet <lag> snmp-trap Users can eable or disable snmp trap when necessary. set interface aggregate-ethernet delete interface aggregate-ethernet <lag> snmp-trap <lag> snmp-trap <bool> 63

64 <lag> Name of LAG interface (ae1..ae48) <bool> Snmp trap when port link up and down true enable snmp-trap false disable snmp-trap This example enable snmp-trap for ae1: XorPlus# set interface aggregate-ethernet ae1 snmp-trap true interface aggregate-ethernet <lag> static-ethernet-switching mac-address <macaddr> vlan Users can add static mac address for a specific lag. set interface aggregate-ethernet <lag> static-ethernet-switching mac-address <macaddr> vlan <vlan-id> delete interface aggregate-ethernet <lag> static-ethernet-switching mac-address <macaddr> vlan <vlan-id> <lag> Name of LAG interface (ae1..ae48) <macaddr> static mac address identifier <vlan-id> vlan id identifier,[ ] This example is to configure mac-addr 12:11:11:11:11:11 for ae1: XorPlus# set interface aggregate-ethernet ae1 static-ethernet-switching mac-address 12:11:11:11:11:11 vlan 1 interface aggregate-ethernet <lag> storm-control <mode> pps Users can set storm control mode for a specified port. set interface aggregate-ethernet <lag> storm-control <mode> pps <value> delete interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48) <mode> packets forwarding mode broadcast Storm control for broadcast traffic <lag> storm-control broadcast pps 64

65 multicast Storm control for multicast traffic unicast Storm control for unicast traffic <value> Packets per second, [ ] This example set broadcast storm control for ae1: XorPlus# set interface aggregate-ethernet ae1 storm-control broadcast pps 1000 interface bpdu-tunneling destination-mac You can set the destination-mac of BPDU set interface bpdu-tunneling destination-mac <macaddr> <macaddr> The destination MAC address rewritten, e.g. xx:xx:xx:xx:xx:xx This example sets the destination-mac of BPDU 01:0E:00:00:00:01 XorPlus# set interface bpdu-tunneling destination-mac 01:0E:00:00:00:01 interface cut-through-mode By default, the switch forwards the packets in cut-through switching mode. You can configure the switch to store and-forward mode. set interface cut-through-mode <bool> delete interface cut-through-mode <bool> forwarding mode identifier true the default value,interface is in cut-through mode false interface is in store and forward mode This example is to configure the interface in store and forward mode 65

66 XorPlus# set interface cut-through-mode false Merging the configuration. Commit OK. Save done. XorPlus# interface ecmp hash-mapping field ingress-interface disable In the default setting, all fields are hashed by"ip-source," "port-destination," "port-source," and "vlan." You can also enable additional fields like ingress-interface. set interface ecmp hash-mapping field ingress-interface disable <bool> delete interface ecmp hash-mapping field ingress-interface disable <bool> disable including the field true disable ingress-interface false enable ingress-interface This example is to enable ingress interface: XorPlus# set interface ecmp hash-mapping field ingress-interface disable false interface ecmp hash-mapping field ip-destination disable In the default setting, all fields are hashed by"ip-source," "port-destination," "port-source," and "vlan." You can also enable additional fields like ip-destination. set interface ecmp hash-mapping field ip-destination disable <bool> delete interface ecmp hash-mapping field ip-destination disable <bool> disable including the field true disable ip-destination false enable ip-destination This example is to enable ip-destination: XorPlus# set interface ecmp hash-mapping field ip-destination disable false 66

67 interface ecmp hash-mapping field ip-protocol disable In the default setting, all fields are hashed by"ip-source," "port-destination," "port-source," and "vlan." You can also enable additional fields like ip-protocol. set interface ecmp hash-mapping field ip-protocol disable <bool> delete interface ecmp hash-mapping field ip-protocol disable <bool> disable including the field true disable ip-protocol false enable ip-protocol This example is to enable ip-protocol: XorPlus# set interface ecmp hash-mapping field ip-protocol disable false interface ecmp hash-mapping field ip-source disable In the default setting, all fields are hashed by"ip-source," "port-destination," "port-source," and "vlan." You can also enable additional fields like ip-source set interface ecmp hash-mapping field ip-source disable <bool> delete interface ecmp hash-mapping field ip-source disable <bool> disable including the field true disable ip-source false enable ip-source This example is to enable ip-source: XorPlus# set interface ecmp hash-mapping field ip-source disable false interface ecmp hash-mapping field port-destination disable In the default setting, all fields are hashed by"ip-source," "port-destination," "port-source," and "vlan." You can also enable additional fields like port-destination 67

68 set interface ecmp hash-mapping field port-destination disable <bool> delete interface ecmp hash-mapping field port-destination disable <bool> disable including the field true disable port-destination false enable port-destination This example is to enable port-destination: XorPlus# set interface ecmp hash-mapping field port-destination disable false interface ecmp hash-mapping field port-source disable In the default setting, all fields are hashed by"ip-source," "port-destination," "port-source," and "vlan." You can also enable additional fields like port-source set interface ecmp hash-mapping field port-source disable <bool> delete interface ecmp hash-mapping field port-source disable <bool> disable including the field true disable port-source false enable port-source This example is to enable port-source: XorPlus# set interface ecmp hash-mapping field port-source disable false interface ecmp hash-mapping field vlan disable In the default setting, all fields are hashed by"ip-source," "port-destination," "port-source," and "vlan." You can also enable additional fields like vlan set interface ecmp hash-mapping field vlan disable <bool> delete interface ecmp hash-mapping field vlan disable <bool> disable including the field true disable vlan 68

69 false enable vlan This example is to enable vlan: XorPlus# set interface ecmp hash-mapping field vlan disable false interface ecmp max-path This command is to set max counter of ecmp path. set interface ecmp max-path <value> delete interface ecmp max-path <value> Max of ecmp path This example is to set max of ecmp path 2: XorPlus# set interface ecmp max-path 2 interface ethernet-switching-options analyzer <text> <in/out> <traffic-interface mode> Users can configure one (1) mirror to analyze traffic set interface ethernet-switching-options analyzer <text> <in/out> <traffic-interface mode> <port> delete interface ethernet-switching-options analyzer <text> <in/out> <traffic-interface mode> <port> <text> Port mirroring, shall consist of letters and numerals <in/out> analyzer mode input The definition of traffic to be mirrored output Destination interface (e.g. ge-1/1/1, ge-1/1/2) <traffic-interface mode> traffic-interface mode identifier 69

70 egress Exiting traffic interface (e.g. ge-1/1/1, ge-1/1/2) ingress Entering traffic interface(e.g. ge-1/1/1, ge-1/1/2) <port> ethernet switching port identifier,the valid ports range This example is to set analyzer: XorPlus# set interface ethernet-switching-options analyzer 111 input ingress ge-1/1/3 interface ethernet-switching-options buffer queue-limit interface ethernet-switching-options buffer queue-limit You can set the limit value of queue buffer. set interface ethernet-switching-options buffer queue-limit <value> delete interface ethernet-switching-options buffer queue-limit <value> the queue-limit values indentifier,ranges from 0 to This example is to configure the buffer queue limit: XorPlus# set interface ethernet-switching-options buffer queue-limit 0 XorPlus# delete interface ethernet-switching-options buffer queue-limit XorPlus#commit interface ethernet-switching-options mac-table-aging-time Users can configure the aging time of mac table set interface ethernet-switching-options mac-table-aging-time <value> Delete interface ethernet-switching-options mac-table-aging-time <value> Aging time in seconds, the range is [ ]. This example is to configure the aging time (60)of mac table : 70

71 XorPlus# set interface ethernet-switching-options mac-table-aging-time 60 Interface ethernet-switching-options port-error-discard timeout Users can set the time of port recover from error-discard state automatically set interface ethernet-switching-options port-error-discard timeout <value> delete interface ethernet-switching-options port-error-discard timeout <value> Time(in seconds) of port recover from error-discard state automatically.the range is [ ],default is 20 This example is to set the 10 as the time of port-error-discard : XorPlus# set interface ethernet-switching-options port-error-discard timeout 10 XorPlus#commit XorPlus# delete interface ethernet-switching-options port-error-discard timeout XorPlus#commit interface gigabit-ethernet <port> backup-port delay You can set backup port delay time to a port. set interface gigabit-ethernet <port> backup-port delay <seconds> <port> ethernet switching port identifier,the valid ports range <seconds> preemption delay in seconds,range is [0..300] This example is to set the delay time to 20s: XorPlus# set interface gigabit-ethernet ge-1/1/3 backup-port delay 20 interface gigabit-ethernet <port> backup-port interface You can configure two physical ports or two LAGs as Flex Links, or one physical port and one LAG as Flex Links. 71

72 set interface gigabit-ethernet delete interface gigabit-ethernet <port> backup-port interface <port> backup-port interface <text> <port> ethernet switching port identifier,the valid ports range <text> Set backup port of an interface, which will disable rstp/mstp This example is to set Flex links between a physical port and a LAG : XorPlus# set interface gigabit-ethernet ge-1/1/1 backup-port interface ae1 interface gigabit-ethernet <port> backup-port mode You can set preemption mode of a port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> backup-port mode <port> backup-port mode <mode> <port> ethernet switching port identifier,the valid ports range <mode> Set preemption mode. bandwidth higher bandwidth interface preferred forced active interface preferred,the default mode Off turn off preemption This example is to set the port preemption mode to bandwidth: XorPlus# set interface gigabit-ethernet ge-1/1/3 backup-port mode bandwidth interface gigabit-ethernet <port> crossflow enable You can configure a specified port in crossflow mode or not. set interface gigabit-ethernet delete interface gigabit-ethernet <port> a physical port or a LAG <bool> Enable crossflow true enable crossflow <port> crossflow enable <port> crossflow enable <bool> 72

73 false disable crossflow This example is to configure ge-1/1/3 port in croosflow port: XorPlus# set interface gigabit-ethernet ge-1/1/3 crossflow enable true XorPlus#commit interface gigabit-ethernet <port> crossflow local-control You can configure a crossflow port in local-control mode or not. set interface gigabit-ethernet delete interface gigabit-ethernet <port> a physical port or a LAG <bool> set local control <port> crossflow local-control true enable local control, default mode false disable local control <port> crossflow local-control <bool> This example is to configure a croosflow port ge-1/1/3 not in local control: XorPlus# set interface gigabit-ethernet ge-1/1/3 crossflow local-control false interface gigabit-ethernet <port> description Users can add a description to a port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> description <port> description <text> <port> ethernet switching port identifier,the valid ports range 1-52 <text> Add a human-readable description of the interface This example is to add description "hello" to ge-1/1/3. XorPlus# set interface gigabit-ethernet ge-1/1/3 description hello 73

74 interface gigabit-ethernet <port> disable You can enable or disable an interface. set interface gigabit-ethernet delete interface gigabit-ethernet <bool> up/down an interface true disable an interface false enable an interface <port> disable <port> disable This example is to disable ge-1/1/3 interface: <bool> XorPlus# set interface gigabit-ethernet ge-1/1/3 disable true interface gigabit-ethernet <port> ether-options 802.3ad Users can add a specified port to a LAG. set interface gigabit-ethernet delete interface gigabit-ethernet <port> ether-options 802.3ad <port> ether-options 802.3ad <lag> <port> ethernet switching port identifier,the valid ports range 1-52 <lag> Join an aggregated Ethernet interface LAG,range is [ae1 to ae48] This example is to add ge-1/1/3 to ae1: XorPlus# set interface gigabit-ethernet ge-1/1/3 ether-options 802.3ad ae1 XorPlus#commit interface gigabit-ethernet <port> ether-options flow-control Users can configure a specified port in flow control. set interface gigabit-ethernet delete interface gigabit-ethernet <port> ether-options flow-control <port> ether-options flow-control <bool> <port> ethernet switching port identifier,the valid ports range 1-52 <bool> enable flow control true enable flow control 74

75 false disable flow control This example is to configure ge-1/1/3 port in flow control: XorPlus# set interface gigabit-ethernet ge-1/1/3 ether-options flow-control true interface gigabit-ethernet <port> family ethernet-switching bpdu-tunneling protocol This command is to configure Layer 2 protocol to be tunneled on a bpdu tunneling to a port on the interface. set interface gigabit-ethernet <port> family ethernet-switching bpdu-tunneling protocol <port> ethernet switching port identifier,the valid ports range <stp> Spanning Tree Protocol This example is to configure bpdu tunnel protocol: <stp> XorPlus# set interface gigabit-ethernet ge-1/1/4 family ethernet-switching bpdu-tunneling protocol stp XorPlus# interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling egress Users can configure/delete a Q-in-Q tunnel for exiting traffic on a port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling egress <port> family ethernet-switching dot1q-tunneling egress <port> ethernet switching port identifier,the valid ports range < text> Tunneling for existing traffic This example is to configure a Q-in-Q tunnel for existing traffic: <text> <text> XorPlus# set interface gigabit-ethernet ge-1/1/4 family ethernet-switching dot1q-tunneling egress t2 75

76 interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ether-type Users can set/delete a Ethertype value on Q-in-Q tunnel for a port. set interface gigabit-ethernet delete interface gigabit-ethernet <value> <port> family ethernet-switching dot1q-tunneling ether-type <port> family ethernet-switching dot1q-tunneling ether-type <port> ethernet switching port identifier,the valid ports range <value> Ethertype value 0x8100 0x88a8 0x9100 0x9200 This example is to select a Ethertype value on Q-in-Q tunnel for ge-1/1/3 port: <value> XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching dot1q-tunneling ether-type 0x8100 interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ingress Users can configure/delete a Q-in-Q tunnel for entering traffic on a port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling ingress <port> family ethernet-switching dot1q-tunneling ingress <port> ethernet switching port identifier,the valid ports range < text> Tunneling for entering traffic This example is to configure a Q-in-Q tunnel for entering traffic: <text> <text> XorPlus# set interface gigabit-ethernet ge-1/1/4 family ethernet-switching dot1q-tunneling ingress t2 76

77 interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling mode Users can configure a Q-in-Q tunnel mode for a port. By default, the mode is NONE. set interface gigabit-ethernet <port> family ethernet-switching dot1q-tunneling mode <port> ethernet switching port identifier,the valid ports range [mode] Q-in-Q tunnel mode. internal Flexible QinQ: service provider internal mode external Basic QinQ: customer to service provider mode none Disable tunneling mode,the default mode This example is to set Q-in-Q tunnel mode for ge-1/1/3 port: [mode] XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching dot1q-tunneling mode internal interface gigabit-ethernet <port> family ethernet-switching native-vlan-id The native VLANID is the ID of the default VLAN (usually vlan-id 1) in which the the port belongs. User can change the native VLANID for port. set interface gigabit-ethernet <port> family ethernet-switching native-vlan-id < vlan-id> delete interface gigabit-ethernet <port> family ethernet-switching native-vlan-id < vlan-id> < port> Gigabit Ethernet IEEE 802.3z or 802.3ae. e.g. ge-1/1/1. < vlan_id> The native-vlan-id,vlan identifier to associate with untagged packets.the valid VLAN numbers range This example creates VLAN 3 and puts ge-1/1/3 port on this VLAN: XorPlus# set vlans vlan-id 3 XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching native-vlan-id 3 77

78 interface gigabit-ethernet <port> family ethernet-switching port-mode By default the port mode is access, user can configure trunk ports belong to more than one VLAN including the native VLAN. set interface gigabit-ethernet delete interface gigabit-ethernet <port> family ethernet-switching port-mode <port> family ethernet-switching port-mode <port> ethernet switching port identifier,the valid ports range <port-mode> <port-mode> Configure port as access or trunk port mode. Required select include: access access port mode, the default mode trunk trunk port mode This example sets ge-1/1/3 port mode to trunk: XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching port-mode trunk interface gigabit-ethernet <port> family ethernet-switching vlan members This command is to adding a trunk port to a VLAN, vlan members range from 1to 4094 set interface gigabit-ethernet delete interface gigabit-ethernet <port> family ethernet-switching vlan members <port> family ethernet-switching vlan members <port> ethernet switching port identifier,the valid ports range <members> <members> Configure the VLANs for which the interface can carry traffic,eg:2,3... This example is adding a trunk port(ge-1/1/3) to a vlan: <members> XorPlus# set interface gigabit-ethernet ge-1/1/3 family ethernet-switching vlan members 5 interface gigabit-ethernet <port> mtu Users can set maximum transmit packet size for a specified port. 78

79 set interface gigabit-ethernet delete interface gigabit-ethernet <port> mtu <port> mtu <value> <port> ethernet switching port identifier,the valid ports range 1-52 <value> maximum transmit packet size identifier(in octets),value is between [ ] This example sets MTU 1024 for ge-1/1/3: XorPlus# set interface gigabit-ethernet ge-1/1/3 mtu 1024 interface gigabit-ethernet <port> port-security block Port security can be configured to take one of five block actions. set interface gigabit-ethernet delete interface gigabit-ethernet <port> port-security block <port> port-security block <action> <port> ethernet switching port identifier,the valid ports range 1-52 <action> Disable forwarding unknow uni/multi cast addresses all Block broadcast and unknow addresses broadcast Block broadcast address multicast Block unknow multicast addresses uni-multi-cast Block unknow uni/multi cast addresses unicast Block unknow unicast addresses This example configure ge-1/1/1 in block broadcast mode: XorPlus# set interface gigabit-ethernet ge-1/1/1 port-security block broadcast interface gigabit-ethernet <port> port-security mac-address Users can use port security with static MAC addresses to restrict a port's ingress traffic by limiting the MAC addresses that are allowed to send traffic into the port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> port-security mac-address <port> port-security mac-address <madaddr> <madaddr> 79

80 <port> ethernet switching port identifier,the valid ports range 1-52 <madaddr> secure mac address identifier(eg:22:00:00:00:00:00) This example configure MAC address for ge-1/1/2 : XorPlus# set interface gigabit-ethernet ge-1/1/2 port-security mac-address 22:00:00:00:00:00 vlan 1 XorPlus#commit interface gigabit-ethernet <port> port-security mac-limit Users can use port security with static MAC addresses to restrict a port's ingress traffic by limiting the MAC addresses that are allowed to send traffic into the port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> port-security mac-limit <port> port-security mac-limit <value> <port> ethernet switching port identifier,the valid ports range 1-52 <value> The maximum number of dynamic mac address on this port, [ ] This example configure the maximum number of dynamic mac address as 10 for ge-1/1/1: XorPlus# set interface gigabit-ethernet ge-1/1/1 port-security mac-limit 10 interface gigabit-ethernet <port> port-security sticky Port security with sticky MAC addresses retains dynamically learned MAC addresses when the link is down, and restores the MAC addresses when the link ups. set interface gigabit-ethernet delete interface gigabit-ethernet <port> port-security sticky <port> port-security sticky <bool> <port> ethernet switching port identifier,the valid ports range 1-52 <bool> Sticky mac address true enable sticky mac address false disable sticky mac address This example configure sticky MAC address for ge-1/1/2 80

81 XorPlus# set interface gigabit-ethernet ge-1/1/2 port-security sticky true interface gigabit-ethernet <port> port-security violation Users can configuring Port Security Violation Mode on a Port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> port-security violation <port> port-security violation <action> <port> ethernet switching port identifier,the valid ports range 1-52 <action> the violation action identifier. protect Drop packets with unknown source addresses restrict Drop packets with unknown source addresses and log violation shutdown Disable interface shutdown-temp Disable interface temporarily(20 seconds for the default) This example configures the violation mode for ge-1/1/1 XorPlus# set interface gigabit-ethernet ge-1/1/1 port-security violation restrict interface gigabit-ethernet <port> power-preemphasis-level Users can set. power-preemphasis-level for a port. set interface gigabit-ethernet delete interface gigabit-ethernet <port> power-preemphasis-level <port> power-preemphasis-level <port> ethernet switching port identifier,the valid ports range 1-52 <value> the level identifier, [0..15] This example set preemphasis-level 3 for ge-1/1/1: <value> XorPlus# set interface gigabit-ethernet ge-1/1/1 power-preemphasis-level 3 XorPlus# 81

82 interface gigabit-ethernet <port> rate-limiting <ingress/egress> kilobits Users can limit rate of a ingress/egress port. set interface gigabit-ethernet <port> rate-limiting <ingress/egress> kilobits < kilobits-ps> delete interface gigabit-ethernet <port> rate-limiting egress kilobits <port> ethernet switching port identifier,the valid ports range 1-52 <ingress/egress> port mode ingress port mode for input traffic egress port mode for output traffic < kilobits-ps> kilobits per second, [ ]maximum of for ge-1/1/1...48, for te-1/1/ This example configure 1000 kilobits for an egress port ge-1/1/4: XorPlus# set interface gigabit-ethernet ge-1/1/4 rate-limiting egress kilobits 1000 interface gigabit-ethernet <port> snmp-trap Users can eable or disable snmp trap when necessary. set interface gigabit-ethernet delete interface gigabit-ethernet <port> snmp-trap <port> snmp-trap <bool> <port> ethernet switching port identifier,the valid ports range 1-52 <bool> Snmp trap when port link up and down true enable snmp-trap false disable snmp-trap This example enable snmp-trap for ge-1/1/1: XorPlus# set interface gigabit-ethernet ge-1/1/1 snmp-trap true 82

83 interface gigabit-ethernet <port> speed You can set port speed according your own needs. set interface gigabit-ethernet delete interface gigabit-ethernet <port> speed <port> speed <speed-value> <port> ethernet switching port identifier,the valid ports range 1-52 <speed-value> port speed identifier,values are as follows: 10 10M speed M speed G speed G speed auto auto negotiation This example configure ge-1/1/4 speed to 1000: XorPlus# set interface gigabit-ethernet ge-1/1/4 speed 100 interface gigabit-ethernet <port> static-ethernet-switching mac-address <macaddr> vlan Users can add static mac address for a specific interface. set interface gigabit-ethernet <port> static-ethernet-switching mac-address <macaddr> vlan <vlan-id> delete interface gigabit-ethernet <port> static-ethernet-switching mac-address <macaddr> vlan <vlan-id> <port> ethernet switching port identifier,the valid ports range 1-52 <macaddr> static mac address identifier <vlan-id> vlan id identifier,[ ] This example adds static mac address 12:11:11:11:11:11 for ge-1/1/1 XorPlus# set interface gigabit-ethernet ge-1/1/1 static-ethernet-switching mac-address 12:11:11:11:11:11 83

84 interface gigabit-ethernet <port> storm-control <mode> pps Users can set storm control mode for a specified port. set interface gigabit-ethernet <port> storm-control <mode> pps <value> delete interface gigabit-ethernet <port> storm-control broadcast pps <port> ethernet switching port identifier,the valid ports range 1-52 <mode> packets forwarding mode broadcast Storm control for broadcast traffic multicast Storm control for multicast traffic unicast Storm control for unicast traffic <value> Packets per second, [ ] This example set broadcast storm control for ge-1/1/1: XorPlus# set interface gigabit-ethernet ge-1/1/1 storm-control broadcast pps 1000 interface gigabit-ethernet <port> wred queue <value> drop_probability You can set drop_probability. set interface gigabit-ethernet <port> wred queue <value> drop_probability <int> delete interface gigabit-ethernet <port> wred queue <value> drop_probability <port> ethernet switching port identifier,the valid ports range 1-52 <value> The queue number,[0..7] <int> The probability identifier,[ ] This example sets wred queue drop probability for ge-1/1/3: XorPlus# set interface gigabit-ethernet ge-1/1/3 wred queue 2 drop_probability 10 84

85 interface gigabit-ethernet <port> wred queue <value> ecn_thresh You can set ecn_thresh. set interface gigabit-ethernet <port> wred queue <value> ecn_thresh <int> delete interface gigabit-ethernet <port> wred queue 2 ecn_thresh <port> ethernet switching port identifier,the valid ports range 1-52 <value> The queue number,[0..7] <int> The threshold identifier,[0..1] This example sets ecn_thresh for ge-1/1/3: XorPlus# set interface gigabit-ethernet ge-1/1/3 wred queue 2 ecn_thresh 0 interface gigabit-ethernet <port> wred queue <value> enable Users can set wred queue when necessary. set interface gigabit-ethernet <port> wred queue <value> enable <bool> delete interface gigabit-ethernet <port> wred queue <value> enable <port> ethernet switching port identifier,the valid ports range 1-52 <value> The queue number,[0..7] <bool> Set enable true enable wred false disable wred This example sets wred queue for ge-1/1/3: XorPlus# set interface gigabit-ethernet ge-1/1/3 wred queue 2 enable true interface gigabit-ethernet <port> wred queue <value> max_thresh You can set max thresh. 85

86 set interface gigabit-ethernet <port> wred queue <value> max_thresh <int> delete interface gigabit-ethernet <port> wred queue <value> max_thresh <port> ethernet switching port identifier,the valid ports range 1-52 <value> The queue number,[0..7] <int> The threshold identifier,[ ] This example sets max thresh for ge-1/1/3: XorPlus# set interface gigabit-ethernet ge-1/1/3 wred queue 2 max_thresh 100 interface gigabit-ethernet <port> wred queue <value> min_thresh You can set max thresh. set interface gigabit-ethernet <port> wred queue <value> min_thresh <int> delete interface gigabit-ethernet <port> wred queue <value> min_thresh <port> ethernet switching port identifier,the valid ports range 1-52 <value> The queue number,[0..7] <int> The threshold identifier,[ ] This example sets max thresh for ge-1/1/3: XorPlus# set interface gigabit-ethernet ge-1/1/3 wred queue 2 min_thresh 1 interface management-ethernet eth0 address Configure your management interface eth0 with a static IP address or DHCP set interface management-ethernet eth0 address <text> delete interface management-ethernet eth0 address <text> IPv4 address or negotiated via DHCP, e.g /24 or dhcp. Default address on eth0: DHCP This example is to configure management-ethernet eth0 address to /24: 86

87 XorPlus# set interface management-ethernet eth0 address /24 interface management-ethernet eth0 gateway Configure your management interface eth0 with a static IP address or DHCP set interface management-ethernet eth0 gateway <IPV4> delete interface management-ethernet eth0 gateway <IPV4> Configure the gateway e.g or dhcp. This example is to configure management-ethernet eth0 address to : XorPlus# set interface management-ethernet eth0 gateway interface management-ethernet eth1 address Configure your management interface eth1 with a static IP address set interface management-ethernet eth1 address <text> delete interface management-ethernet eth1 address <text> IPv4 address or negotiated via DHCP, e.g /24 or dhcp. This example is to configure management-ethernet eth0 address to /24: XorPlus# set interface management-ethernet eth1 address /24 interface management-ethernet eth1 gateway Configure your management interface eth1 with a static IP address or DHCP set interface management-ethernet eth1 gateway <IPV4> delete interface management-ethernet eth1 gateway <IPV4> Configure the gateway e.g

88 This example is to configure management-ethernet eth0 address to : XorPlus# set interface management-ethernet eth0 gateway interface max-acl-rule-limit <egress/ingress> This command is to set max acl rule counter. set interface max-acl-rule-limit delete interface max-acl-rule-limit egress delete interface max-acl-rule-limit ingress <egress/ingress> the in/out mode of a port egress Set max egress acl rule count ingress Set max ingress acl rule count <egress/ingress> <acl-counter> <acl-counter> max egress or ingress acl counter identifier. Egress:,the counter is [0..256].ingress:[0..896] This example is to max ingress ACL counter is 400 XorPlus# set interface max-acl-rule-limit ingress 400 interface max-route-limit This command is to set max route count. set interface max-route-limit <counter> delete interface max-route-limit <counter> Max Route Counter,range is [ ] This example is to set max route counter 12 and delete it: XorPlus# set interface max-route-limit 12 XorPlus# delete interface max-route-limit 88

89 interface qe-interface-mode This command is to changing the qe-interface-mode. After change the mode, user should reboot the system to make it work. set interface qe-interface-mode <SFP QSFP> To remove the configuration enter: delete interface qe-interface-mode SFP-- 4*10G SFP cable QSFP--40G QSFP cable This example enables qe-interface on SFP mode: XorPlus# set interface qe-interface-mode SFP XorPlus# com Merging the configuration. Commit OK. Save done. Qe interface mode changes, please reboot system to make it effect! XorPlus# show interface aggregate-ethernet <lag> This command is to show information about the specified aggregate-ethernet interface run show interface aggregate-ethernet <lag> [text] <lag> Name of LAG interface (ae1..ae48) [ text] The special information. Options include: brief Show brief information detail Show detail information This example is to show information of ae1: XorPlus# run show interface aggregate-ethernet ae1 Physical interface: ae1, Enabled, error-discard False, Physical link is Down Interface index: 53 Description: Link-level type: Ethernet, MTU: 1514, Speed: Auto, Duplex: Auto Source filtering: Disabled, Flow control: Disabled, Auto-negotiation: Enabled Interface flags: Hardware-Down SNMP-Traps Internal: 0x0 Current address: 08:9e:01:a8:00:49, Hardware address: 08:9e:01:a8:00:49 Traffic statistics: 5 sec input rate 0 bits/sec, 0 packets/sec 5 sec output rate 0 bits/sec, 0 packets/sec 89

90 Input Packets...0 Output Packets...0 Input Octets...0 Output Octets...0 Aggregated link protocol: STATIC Minimum number of selected ports: 1 Members Status Port Speed show interface aggregate-ethernet <lag> dot1q-tunneling This command is to show dot1q-tunneling on a specified lag. run show interface aggregate-ethernet <lag> Name of LAG interface (ae1..ae48) This example is to show bpdu tunneling: <lag> dot1q-tunneling XorPlus# run show interface aggregate-ethernet ae1 dot1q-tunneling Dot1q Tunneling Mode: internal, Ether Type: 0x8100 show interface bpdu-tunneling This command is to show bpdu tunneling on all interface. run show interface bpdu-tunneling This example is to show bpdu tunneling: XorPlus# run show interface bpdu-tunneling Destination Mac: 1:e:0:0:0:1 show interface brief This command show interface brief information,this information includes Interface, Management,Status, Flow Control, Duplex,Speed,Description. run show interface brief This example is to show brief information of interface : XorPlus# run show interface brief Interface Management Status Flow Control Duplex Speed Description 90

91 ge-1/1/1 Enabled Up Disabled Full 100Mb/s ge-1/1/2 Enabled Up Disabled Full 100Mb/s ge-1/1/3 Enabled Down Disabled Full Auto ge-1/1/4 Enabled Up Disabled Full 100Mb/s ge-1/1/5 Enabled Down Disabled Full Auto ge-1/1/6 Enabled Down Disabled Full Auto ge-1/1/7 Disabled Down Disabled Full Auto ge-1/1/8 Disabled Down Disabled Full Auto ge-1/1/9 Disabled Down Disabled Full Auto ge-1/1/10 Disabled Down Disabled Full Auto ge-1/1/11 Disabled Down Disabled Full Auto -Moreshow interface detail This command show interface detail information. run show interface detail This example is to show detail information of interface : XorPlus# run show interface detail Physical interface: ge-1/1/1, Enabled, error-discard False, Physical link is Up Interface index: 1, SFP type: Unknown Description: Link-level type: Ethernet, MTU: 1514, Speed: 100Mb/s, Duplex: Full Source filtering: Disabled, Flow control: Disabled, Auto-negotiation: Enabled Interface flags: Hardware-Down SNMP-Traps Internal: 0x0 Interface rate limit ingress:100, egress:100 Current address: 08:9e:01:a8:00:49, Hardware address: 08:9e:01:a8:00:49 Traffic statistics: 5 sec input rate 0 bits/sec, 0 packets/sec 5 sec output rate 392 bits/sec, 0 packets/sec Input Packets Output Packets Input Octets Output Octets Transmit: Unicast packets...0 Multicast packets Broadcast packets...0 Packets 64 Octets...0 Packets Octets Packets Octets Packets Octets...0 Packets Octets...0 Packets Octets...0 Oversize Packets...0 Total Packets Without Errors Discarded Packets...0 Total Packets With Errors...0 Single Collision Frames...0 Multiple Collision Frames...0 Deferred Frames

92 Late Collisions...0 Excessive Collisions...0 Pause Frames...0 Receive: Unicast packets Moreshow interface diagnostics optics all This command is to show diagnostics informations of all interface or a specified interface. run show interface diagnostics optics all This example is to show diagnostics informations of all interface: XorPlus# run show interface diagnostics optics all Interface Temp(C) Voltage(V) Bias(mA) Tx Power(dBm) Rx Power(dBm) Module Type show interface flexlink This command is to show flexlink information. run show interface flexlink This example is to show flexlink on all interfaces: XorPlus# run show interface flexlink Active Interface Backup Interface Mode Delay(seconds) ge-1/1/1(up) ge-1/1/2(standby) off 0 show interface gigabit-ethernet This command is to show information about the specified gigabit-ethernet interface run show interface gigabit-ethernet <interface> <interfce> a specified interface identifier,[ge-1/1/1...ge-1/1/48],[te-1/1/49...te-1/1/52] This example is to show information of ge-1/1/1: 92

93 XorPlus# run show interface gigabit-ethernet ge-1/1/1 Physical interface: ge-1/1/1, Enabled, error-discard False, Physical link is Up Interface index: 1, SFP type: Unknown Description: Link-level type: Ethernet, MTU: 1514, Speed: 100Mb/s, Duplex: Full Source filtering: Disabled, Flow control: Disabled, Auto-negotiation: Enabled Interface flags: Hardware-Down SNMP-Traps Internal: 0x0 Interface rate limit ingress:100, egress:100 Current address: 08:9e:01:a8:00:49, Hardware address: 08:9e:01:a8:00:49 Traffic statistics: 5 sec input rate 0 bits/sec, 0 packets/sec 5 sec output rate 0 bits/sec, 0 packets/sec Input Packets Output Packets Input Octets Output Octets show interface gigabit-ethernet <interface> This command is to show brief,detail or dot1q-tunneling information of a specified port. run show interface gigabit-ethernet <interface> [text] <interfce> a specified interface identifier,[ge-1/1/1...ge-1/1/48],[te-1/1/49...te-1/1/52] [text] The special information. brief Show interface brief information detail Show interface detail information dot1q-tunneling Show dot1q tunneling information about the specified interface This example is to show detail information on ge-1/1/3: XorPlus# run show interface gigabit-ethernet ge-1/1/3 detail Physical interface: ge-1/1/3, Enabled, error-discard False, Physical link is Up Interface index: 3, SFP type: Unknown Description: Link-level type: Ethernet, MTU: 1514, Speed: 100Mb/s, Duplex: Full Source filtering: Disabled, Flow control: Disabled, Auto-negotiation: Enabled Interface flags: Hardware-Down SNMP-Traps Internal: 0x0 Interface rate limit ingress:0, egress:0 Current address: 08:9e:01:a8:00:49, Hardware address: 08:9e:01:a8:00:49 Traffic statistics: 5 sec input rate 0 bits/sec, 0 packets/sec 5 sec output rate 392 bits/sec, 0 packets/sec Input Packets Output Packets Input Octets Output Octets Transmit: Unicast packets Multicast packets Broadcast packets

94 Packets 64 Octets Packets Octets Packets Octets...2 Packets Octets...0 Packets Octets...0 Packets Octets...0 Oversize Packets...0 Total Packets Without Errors Discarded Packets...0 Total Packets With Errors...0 Single Collision Frames...0 Multiple Collision Frames...0 Deferred Frames...0 Late Collisions...0 Excessive Collisions...0 Pause Frames...0 Receive: Unicast packets Multicast packets...0 Broadcast packets...0 Packets 64 Octets Packets Octets...0 Packets Octets...0 Packets Octets...0 Packets Octets...0 Packets Octets...0 Oversize Packets...0 Total Packets Without Errors Discarded Packets...0 Total Packets With Errors...0 Alignment Errors...0 FCS Errors...0 Collisions...0 Pause Frames...0 show interface management-ethernet eth0 This command is to show information about the management interfaces. run show interface management-ethernet eth0 This example is to show information of management interface eth0 : XorPlus# run show interface management-ethernet eth0 <[Enter]> Execute this command Pipe through a command XorPlus# run show interface management-ethernet eth0 eth0 Hwaddr: 08:9e:01:a8:00:4a State: UP Gateway : Inet addr: /24 fe80::a9e:1ff:fea8:4a/64 Traffic statistics Input Packets Input Bytes Output Packets Output Bytes

95 95

96 VLAN Configuration Commands This section contains descriptions of the CLI commands that this chapter references. run clear vlan-interface statistics loopback show vlan-interface show vlan-interface interface show vlans vlan-interface interface <bozo> router-advertisement disable vlan-interface interface <bozo> vif <bozo> address <ip-address> prefix-length vlan-interface interface <bozo> vif <bozo> description vlans dot1q-tunneling egress <bozo> from <vlan-mode> vlans dot1q-tunneling egress <bozo> then action vlans dot1q-tunneling egress <bozo> then service-vlan vlans dot1q-tunneling ingress <bozo> from double-tag service-vlan vlans dot1q-tunneling ingress <bozo> from one-tag customer-vlan-list vlans dot1q-tunneling ingress <bozo> from untag enabled vlans dot1q-tunneling ingress <bozo> then <vlan-mode> vlans-interface loopback address <ip-address> prefix-length vlans vlan-id vlans vlan-id <vlan-id> description vlans vlan-id <vlan-id> l3-interface vlans vlan-id <vlan-id> vlan-name run clear vlan-interface statistics loopback Thecommand clear the statistic information of loopback interface run clear vlan-interface statistics loopback show vlan-interface The command displays information about all vlan interfaces. run show vlan-interface <text> < text> The special information. Options include: 96

97 brief Show all vlan-interface briefly default: none: Show all vlan-interface This example shows vlan-interface briefly: XorPlus# run show vlan-interface brief Interface Vlan ID Status loopback 4095 UP vlan2 2 UP showvlan-interface: XorPlus# run show vlan-interface loopback Hwaddr 08:9E:01:A8:00:49, Vlan:4095, State:UP Inet addr: /32 ::1/128 fe80::a9e:1ff:1a8:49/64 Traffic statistics: 5 sec input rate IPv4 0 packets/sec, IPv6 0 packets/sec 5 sec forwarding rate IPv4 0 packets/sec, IPv6 0 packets/sec IPv4 Input Packets...0 IPv4 Forwarding Packets...0 IPv6 Input Packets...0 IPv6 Forwarding Packets...0 vlan2 Hwaddr 08:9E:01:A8:00:49, Vlan:2, State:DOWN Inet addr: / / / :1:1:1::/ :2:2:2::/64 fe80::a9e:1ff:2a8:49/64 Traffic statistics: 5 sec input rate IPv4 0 packets/sec, IPv6 0 packets/sec 5 sec forwarding rate IPv4 0 packets/sec, IPv6 0 packets/sec IPv4 Input Packets...0 IPv4 Forwarding Packets...0 IPv6 Input Packets...0 IPv6 Forwarding Packets...0 show vlan-interface interface Thecommand displays information about vlan-interface, user can display the loopback interface or special vlan-interface information. run show vlan-interface interface <text> <text> The special information. Options include: loopback Show loopback interface information <bozo> The description of vlan-id, show special vlan-interface information This example shows loopback interface: 97

98 XorPlus# run show vlan-interface interface loopback loopback Hwaddr 08:9E:01:A8:00:49, Vlan:4095, State:UP Inet addr: /32 ::1/128 fe80::a9e:1ff:1a8:49/64 Traffic statistics: 5 sec input rate IPv4 0 packets/sec, IPv6 0 packets/sec 5 sec forwarding rate IPv4 0 packets/sec, IPv6 0 packets/sec IPv4 Input Packets...0 IPv4 Forwarding Packets...0 IPv6 Input Packets...0 IPv6 Forwarding Packets...0 Show vlan2 interface XorPlus# run show vlan-interface interface vlan2 vlan2 Hwaddr 08:9E:01:A8:00:49, Vlan:2, State:UP Inet addr: / / / :1:1:1::/ :2:2:2::/64 fe80::a9e:1ff:2a8:49/64 Traffic statistics: 5 sec input rate IPv4 0 packets/sec, IPv6 0 packets/sec 5 sec forwarding rate IPv4 0 packets/sec, IPv6 0 packets/sec IPv4 Input Packets...0 IPv4 Forwarding Packets...0 IPv6 Input Packets...0 IPv6 Forwarding Packets...0 show vlans The show vlans command displays information about VLANs configured on switch. The command display VLANID, Tag and Interface by default, user can display the brief, detail or special VLANID information. run show vlans <text> < text> The special information. Options include: brief Show vlan brief information detail Show vlan detail information vlan-id <vlan-id> Show special vlan detail information This example shows VLAN 10: XorPlus# run show vlans VlanID Tag Interfaces untagged ge-1/1/2, ge-1/1/3, ge-1/1/4, ge-1/1/5, ge-1/1/6 ge-1/1/7, ge-1/1/8, ge-1/1/9, ge-1/1/10, ge-1/1/11 ge-1/1/12, ge-1/1/13, ge-1/1/14, ge-1/1/15, ge-1/1/16 ge-1/1/17, ge-1/1/18, ge-1/1/19, ge-1/1/20, ge-1/1/21 98

99 ge-1/1/22, ge-1/1/23, ge-1/1/24, ge-1/1/25, ge-1/1/26 ge-1/1/27, ge-1/1/28, ge-1/1/29, ge-1/1/30, ge-1/1/31 ge-1/1/32, ge-1/1/33, ge-1/1/34, ge-1/1/35, ge-1/1/36 ge-1/1/37, ge-1/1/38, ge-1/1/39, ge-1/1/40, ge-1/1/41 ge-1/1/42, ge-1/1/43, ge-1/1/44, ge-1/1/45, ge-1/1/46 ge-1/1/47, ge-1/1/48, te-1/1/49, te-1/1/50, te-1/1/51 te-1/1/52 tagged 10 untagged ge-1/1/1 tagged XorPlus# run show vlans vlan-id 10 VLAN ID: 10 VLAN Name: aaa Description: myvlan vlan-interface: Number of member ports: 0 Untagged port: None Tagged port: None vlan-interface interface <bozo> router-advertisement disable User can manuallyenable IPv6 routeradvertisement messages. set vlan-interface interface <bozo> router-advertisement disable <bozo> Tunneling description for existing traffic. <bool> <bool> Configure whether to enable the IPv6 routeradvertisement messages. Required select include: true False This example configure manually enable IPv6 router advertisement messages. XorPlus# set vlan-interface interface vlan2 router-advertisement disable false vlan-interface interface <bozo> vif <bozo> address <ip-address> prefix-length User can configure the IP address for the L3 interface set vlan-interface interface <bozo> vif <bozo> address <ip-address> prefix-length <int> delete vlan-interface interface <bozo> 99

100 <bozo> Vlan description. <ip-address> ipv4 or ipv6 address. <int> the network prefix length,the ipv4 range 4-32,ipv6 range This example configure the ipv4 address for thevlan-2 l3-interface: XorPlus# set vlan-interface interface vlan-2 vif vlan-2 address prefix-length 24 This example configure the ipv6 address for thevlan-3 l3-interface: XorPlus#set vlan-interface interface vlan-3 vif vlan-3 address 2001:1:1:1:: prefix-length 64 XorPlus# deletevlan-interface interface vlan-2 vlan-interface interface <bozo> vif <bozo> description User can add description for vlan-interface if special need. set vlan-interface interface <bozo> vif <bozo> description <bozo> delete vlan-interface interface <bozo> vif <bozo> description <bozo> Vlan description. This example configure decription for vlan-interface: XorPlus# set vlan-interface interface vlan-2 vif vlan-2 description zzz XorPlus# delete vlan-interface interface vlan-2 vif vlan-2 description vlans dot1q-tunneling egress <bozo> from <vlan-mode> User can configure the tunneling for the existing traffic, If the packet's customer vlan or service-vlan tag frame is specified, it can pass the port. set vlans dot1q-tunneling egress <bozo> then <bozo> Tunneling description for existing traffic. <vlan-mode> <int> <vlan-mode> Mapping the tagged frames for the packets. Required select include: customer-vlan 100

101 service-vlan <int> Vlan-id This example configure the tunneling t4,if the packet's customer tag frame is10 and service tag frame is 100, it can pass the port XorPlus# set vlans dot1q-tunneling egress t4from customer-vlan 10 XorPlus# set vlans dot1q-tunneling egress t4from service-vlan 100 vlans dot1q-tunneling egress <bozo> then action User can configure the tunneling for the existing traffic.if the packet can pass the port, it need to be changed by the action. set vlans dot1q-tunneling egress <bozo> then action <bozo> Tunneling description for existing traffic. <change-mode> <change- mode> Configure the antion for the packets. Required select include: none the packet do not need to be changed one the outside service tag frame of the packet need to be removed two the service and customer tag frame of the packet need to be removed change the packet need to be changed This example configure the tunneling t5.if the packet can pass the port, the packet do not need to be changed XorPlus# set vlans dot1q-tunneling egress t5 then action none the outside service tag frame of the packet need to be removed XorPlus# set vlans dot1q-tunneling egress t5 then action one the service and customer tag frame of the packet need to be removed XorPlus# set vlans dot1q-tunneling egress t5 then action two the service tag frame of the packet need to be replaced by 200 XorPlus# set vlans dot1q-tunneling egress t5 then action change XorPlus#set vlans dot1q-tunneling egress t5 then service-vlan 200 vlans dot1q-tunneling egress <bozo> then service-vlan User can configure the tunneling for the existing traffic.if the packet can pass the port, the service tag frame of the packet to be changed. set vlans dot1q-tunneling egress <bozo> then service-vlan <int> 101

102 <bozo> Tunneling description for existing traffic. <int> Vlan-id This example configure the tunneling t5.if the packet can pass the port, the service tag frame of the packet need to be replaced by 300 XorPlus# set vlans dot1q-tunneling egress t5 then action change XorPlus#set vlans dot1q-tunneling egress t5 then service-vlan 300 vlans dot1q-tunneling ingress <bozo> from double-tag service-vlan User can configure the tunneling for the entering traffic received by the port. If the packet has double-tag frame and service-vlan is specified, it can pass the port. set vlans dot1q-tunneling ingress <bozo> Tunneling description for entering traffic. <int> Vlan-id <bozo> from double-tag service-vlan <int> This example configure the tunneling t2 for the entering traffic. If the packet has double-tag frame and service-vlan is 100, it can pass the port. XorPlus# set vlans dot1q-tunneling ingress t2 from double-tag service-vlan 100 vlans dot1q-tunneling ingress <bozo> from one-tag customer-vlan-list User can configure the tunneling for the entering traffic received by the port. If the packet has one-tag frame and customer -vlan is specified, it can pass the port. set vlans dot1q-tunneling ingress <bozo> Tunneling for entering traffic. <int> Vlan-id <bozo> from one-tag customer-vlan-list <int> This example configure the tunneling t1 for the entering traffic. If the packet has one-tag frame and customer -vlan is 10, it can pass the port. 102

103 XorPlus# set vlans dot1q-tunneling ingress t1 from one-tag customer-vlan-list 10 vlans dot1q-tunneling ingress <bozo> from untag enabled User can configure thetunneling for the entering traffic received by the port, which has untagg frame. set vlans dot1q-tunneling ingress <bozo> from untag enabled <bozo> Tunneling descriptionfor entering traffic. <bool> <bool> Configure the untagged framesreceived or not by the port. Required select include: true False This example configure the untagged framesreceived or not by the port XorPlus# set vlans dot1q-tunneling ingress t1 from untag enabled true XorPlus# set vlans dot1q-tunneling ingress t1 from untag enabled false vlans dot1q-tunneling ingress <bozo> then <vlan-mode> User can configure the tunneling for the entering traffic received by the port,then add customer or service tag frame for the packets. set vlans dot1q-tunneling ingress <bozo> Tunneling descriptionfor entering traffic. <bozo> then<vlan-mode><int> <vlan-mode> Configure the tag framesfor the packets. Required select include: customer-vlan service-vlan <int> Vlan-id This example configure the tunneling t3,it add customer tag frame 10 and service tag frame 100 for the packets. 103

104 XorPlus# set vlans dot1q-tunneling ingress t3 then customer-vlan 10 XorPlus# set vlans dot1q-tunneling ingress t3 then service-vlan 100 vlans-interface loopback address <ip-address> prefix-length User can configure one or more address for the logical interface set vlan-interface loopback address <ip-address> prefix-length delete vlan-interface loopback address <ip-address> <ip-address> Ipv4 or Ipv6 address. Ipv4 default value: Ipv6 default value: ::1 <int> the ipv4 network prefix length is 32. the ipv6 network prefix length is 128 This example configure the lookback ipv4 and ipv6 address : <int> XorPlus# set vlan-interface loopback address prefix-length 32 XorPlus# set vlan-interface loopback address 2201:00:: prefix-length 128 XorPlus# delete vlan-interface loopback address XorPlus# delete vlan-interface loopback address 2201:00:: vlans vlan-id Vlan-id 1 exist by default, user can add a new vlan-id and delete it. set vlans vlan-id < vlan-id> delete vlans vlan-id < vlan-id> < vlan_id> VLAN tag identifier, the valid VLAN numbers range , can create specify a range of VLAN numbers, e.g. 2,3, This example creates VLAN 10: XorPlus# set vlans vlan-id 10 vlans vlan-id <vlan-id> description User can add description for vlan if special need. 104

105 set vlans vlan-id < vlan-id> description < bozo> delete vlans vlan-id < vlan-id> description < vlan_id> VLAN tag identifier, the valid VLAN numbers range , can create specify a range of VLAN numbers, e.g. 2,3,5-100 < bozo> Vlan description. Default value: None This example creates description for VLAN 10: XorPlus# set vlans vlan-id 10 description myvlan vlans vlan-id <vlan-id> l3-interface User can configure the Layer3 interface for the VLANinterface set vlans vlan-id < vlan_id> l3-interface <bozo> delete vlans vlan-id < vlan_id> l3-interface < vlan_id> VLAN tag identifier, the valid VLAN numbers range , can create specify a range of VLAN numbers, e.g. 2,3,5-100 <bozo> Vlan description. This example configure l3-interface for VLAN 10: XorPlus# set vlans vlan-id 10 l3-interface vlan-1 XorPlus# delete vlans vlan-id 10 l3-interface vlans vlan-id <vlan-id> vlan-name User can configure vlan-name for a special vlan, and the name is optionally implemented. set vlans vlan-id < vlan-id> vlan-name< bozo> delete vlans vlan-id < vlan-id> vlan-name < vlan_id>vlan tag identifier, the valid VLAN numbers range , can create specify a range of VLAN numbers, e.g. 2,3, < bozo>vlan name, up to 32 alphanumeric characters in length. Default value: None 105

106 This example creates vlan-name for VLAN 10: XorPlus# set vlans vlan-id 10 vlan-name aaa 106

107 Firewall Configuration Commands This section contains descriptions of the ACL commands that this chapter references. firewall filter <bozo> description firewall filter <bozo> input interface firewall filter <bozo> input vlan-interface firewall filter <bozo> output interface firewall filter <bozo> output vlan-interface firewall filter <bozo> sequence <int> description firewall filter <bozo> sequence <int> from destination-address-ipv4 firewall filter <bozo> sequence <int> from destination-address-ipv6 firewall filter <bozo> sequence <int> from destination-mac-address firewall filter <bozo> sequence <int> from destination-port firewall filter <bozo> sequence <int> from ether-type firewall filter <bozo> sequence <int> from iptrust-mode firewallfilter <bozo> sequence <int> from ip value firewall filter <bozo> sequence <int> from protocol icmp firewall filter <bozo> sequence <int> from protocol igmp firewall filter <bozo> sequence <int> from protocol ip firewall filter <bozo> sequence <int> from protocol ospf firewall filter <bozo> sequence <int> from protocol others firewall filter <bozo> sequence <int> from protocol tcp firewall filter <bozo> sequence <int> from protocol tcp flags firewall filter <bozo> sequence <int> from protocol udp firewall filter <bozo> sequence <int> from source-address-ipv4 firewall filter <bozo> sequence <int> from source-address-ipv6 firewall filter <bozo> sequence <int> from source-mac-address firewall filter <bozo> sequence <int> from source-port firewall filter <bozo> sequence <int> from vlan firewall filter <bozo> sequence <int> log interval firewall filter <bozo> sequence <int> then action firewall system-output disable show filter 107

108 firewall filter <bozo> description User can configure the filter description. set firewall filter <bozo>description<filter-d> delete firewall filter <bozo>description <bozo>filter name <filter-d>filter description This example configure the filter f4 description myfilter: XorPlus# set firewall filter f4 description myfilter XorPlus# delete firewall filter f4description firewall filter <bozo> input interface User can configure the filter to filter the input packets of the interface. set firewall filter delete firewall filter <bozo> filter name <bozo> input interface <port> interface description <bozo> input interface <port> <port> This example configure the filter f1 to filter the input packets of the interface ge-1/1/1: XorPlus# set firewall filter f1 input interface ge-1/1/1 XorPlus# delete firewall filter f1 input interface ge-1/1/1 firewall filter <bozo> input vlan-interface User can configure the filter to filter the input packets of the vlan-interface. set firewall filter delete firewall filter <bozo> input vlan-interface <bozo> input vlan-interface <l3-port> <l3-port> 108

109 <bozo> filter name <l3-port> l3-interface description This example configure the filter f2 to filter the input packets of the vlan-interface vlan2: XorPlus# set firewall filter f2 input vlan-interface vlan2 XorPlus# delete firewall filter f2 input vlan-interface vlan2 firewall filter <bozo> output interface User can configure the filter to filter the output packets of the interface. set firewall filter delete firewall filter <bozo> filter name <bozo> output interface <port> interface description <bozo> output interface <port> <port> This example configure the filter f3 to filter the output packets of the interface ge-1/1/2: XorPlus# set firewall filter f3 output interface ge-1/1/2 XorPlus# delete firewall filter f3 output interface ge-1/1/2 firewall filter <bozo> output vlan-interface User can configure the filter to filter the output packets of the vlan-interface. set firewall filter delete firewall filter <bozo> filter name <bozo> output vlan-interface <bozo> output vlan-interface <l3-port> l 3-interface description <l3-port> <l3-port> This example configure the filter f4 to filter the output packets of the vlan-interface vlan2: XorPlus# set firewall filter f4output vlan-interface vlan2 XorPlus# delete firewall filter f4output vlan-interface vlan2 109

110 firewall filter <bozo> sequence <int> description User can configure the filter sequence description. set firewall filter <bozo> sequence <int> description <sequence-d> delete firewall filter <bozo> sequence <int> description <bozo> filter name <int> sequence number range <sequence-d> filter sequence description This example configure the filter f4 sequence 10 description mysequence XorPlus# set firewall filter f4sequence 10 description mysequence XorPlus# delete firewall filter f4sequence 10 description firewall filter <bozo> sequence <int> from destination-address-ipv4 User can configure the filter sequence to filter the packets, which destination-address is ipv4-address and specified. set firewall filter <bozo> sequence <int> from destination-address-ipv4 <ipv4-address/netmask> delete firewall filter <bozo> sequence <int> from destination-address-ipv4 <bozo> filter name <int> sequence number range <ipv4-address/netmask> ipv4 address/prefix-length This example configure the filter f1 sequence1to filter the packets which destination addressis /32: XorPlus# set firewall filter f1 sequence 1 from destination-address-ipv /32 XorPlus# delete firewall filter f1 sequence 1 from destination-address-ipv4 firewall filter <bozo> sequence <int> from destination-address-ipv6 User can configure the filter sequence to filter the packets, which destination-address is ipv6-address and specified. 110

111 set firewall filter <bozo> sequence <int> from destination-address-ipv6 <ipv6-address/netmask> delete firewall filter <bozo> sequence <int> from destination-address-ipv6 <bozo> filter name <int> sequence number range <ipv6-address/netmask> ipv6 address/prefix-length This example configure the filter f2 sequence2 to filter the packets,which destination address is 2001:1::/32: XorPlus# set firewall filter f2 sequence 2 from destination-address-ipv62001:1::/32 XorPlus# delete firewall filter f2 sequence 2from destination-address-ipv6 firewall filter <bozo> sequence <int> from destination-mac-address User can configure the filter sequence to filter the packets, which destination-mac-address is specified. set firewall filter <bozo> sequence <int> from destination-mac-address <mac-address> delete firewall filter <bozo> sequence <int> from destination-mac-address <bozo> filter name <int> sequence number range <mac-address> destination-mac-address This example configure the filter f2 sequence2 to filter the packets which destination-mac-address is 44:44:44:44:44:44: XorPlus# set firewall filter f2 sequence 2 from destination-mac-address 44:44:44:44:44:44 XorPlus#set firewall filter f2 sequence 2 then action discard XorPlus# delete firewall filter f2 sequence 2 from destination-mac-address firewall filter <bozo> sequence <int> from destination-port User can configure the filter sequence to filter the packets, which destination-port is specified. set firewall filter <bozo> sequence <int> from destination-port <port-number> delete firewall filter <bozo> sequence <int> from destination-port 111

112 <bozo> filter name <int> sequence number range <port-number> destination-port number range This example configure the filter f1 sequence2 to filter the packets which destination-port range : XorPlus# set firewall filter f1 sequence 2 from destination-port XorPlus#delete firewall filter f1 sequence 2 from destination-port firewall filter <bozo> sequence <int> from ether-type User can configure the filter sequence to filter the packets, which ether-type data field is specified. set firewall filter <bozo> sequence <int> from ether-type <type> delete firewall filter <bozo> sequence <int> from ether-type <bozo> filter name <int> sequence number range <type> ether-type range This example configure the filter f1 sequence2 to filter the packets which ether-type data fieldis 0x0800: XorPlus# set firewall filter f1 sequence 2 from ether-type 2048 XorPlus# delete firewall filter f1 sequence 2 from ether-type firewall filter <bozo> sequence <int> from iptrust-mode User can configure the filter sequence to filter the packets, which ip-priority-mod is specified. set firewall filter <bozo> sequence <int> from ip trust-mode<mode> delete firewall filter <bozo> sequence <int> from ip <bozo> filter name <int> sequence number range <mode> ip-priority-mod dscp inet-precedence 112

113 This example configure the filter f1 sequence2 to filter the packets which ip-priority-mod is dscp or innet-precedence: XorPlus# set firewall filter f1 sequence 2 from ip trust-mode dscp XorPlus# set firewall filter f1 sequence 2 from ip value 2 XorPlus# set firewall filter f1 sequence 2 from ip trust-mode inet-precedence XorPlus# delete firewall filter f1 sequence 2 from ip firewallfilter <bozo> sequence <int> from ip value User can configure the filter sequence to filter the packets, which ip-priority-value is specified. set firewall filter <bozo> sequence <int> from ipvalue <ip-value> delete firewall filter <bozo> sequence <int> from ip <bozo> filter name <int> sequence number range <ip-value> ip-priority-value 0-7 for innet-precedence 0-63 for dscp This example configure the filter f1 sequence2 to filter the packets which ip-priority-value is 2: XorPlus# set firewall filter f1 sequence 2 from ip trust-mode dscp XorPlus# set firewall filter f1 sequence 2 from ip value 2 XorPlus# delete firewall filter f1 sequence 2 from ip firewall filter <bozo> sequence <int> from protocol icmp User can configure the filter sequence to filter the packets, which use the icmp protocol as the L4 protocol. The icmp-code and icmp-type can be specified. set firewall filter <bozo> sequence <int> from protocol icmp [text] [value] delete firewall filter <bozo> sequence <int> from protocol icmp <text> delete firewall filter <bozo> sequence <int> from protocolicmp <bozo> filter name <int> sequence number range [text] theattribute of the icmp protocol 113

114 Default value:none code type [value] the value of the icmp-code or icmp-type for icmpcode for icmptype This example configure the filter f1 sequence 10 to filter the packets which ipmp-code is 0 and icmp-type is 24: XorPlus# set firewall filter f1 sequence 10 from protocol icmp XorPlus# set firewall filter f1 sequence 10 from protocol icmp code 0 XorPlus# set firewall filter f1 sequence 10 from protocol icmp type 24 XorPlus# delete firewall filter f1 sequence 10 from protocol icmp code XorPlus# delete firewall filter f1 sequence 10 from protocol icmp type XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from protocol igmp User can configure the filter sequence to filter the packets, which use the igmp protocol as the L4 protocol. set firewall filter <bozo> sequence <int> from protocol igmp delete firewall filter <bozo> sequence <int> from protocol <bozo> filter name <int> sequence number range This example configure the filter f1 sequence 10 to filter the packets which use the igmp protocol as the L4 protocol. XorPlus# set firewall filter f1 sequence 10 from protocol igmp XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from protocol ip User can configure the filter sequence to filter the packets, which use the ip protocol as the L4 protocol. set firewall filter <bozo> sequence <int> from protocol ip delete firewall filter <bozo> sequence <int> from protocol 114

115 <bozo> filter name <int> sequence number range This example configure the filter f1 sequence 10 to filter the packets which use the ip protocol as the L4 protocol. XorPlus# set firewall filter f1 sequence 10 from protocol ip XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from protocol ospf User can configure the filter sequence to filter the packets, which use the ospf protocol as the L4 protocol. set firewall filter <bozo> sequence <int> from protocol ospf delete firewall filter <bozo> sequence <int> from protocol <bozo> filter name <int> sequence number range This example configure the filter f1 sequence 10 to filter the packets,whichuse the ospf protocol as the L4 protocol. XorPlus# set firewall filter f1 sequence 10 from protocol ospf XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from protocol others User can configure the filter sequence to filter the packets, whose L4 protocol number is specified. set firewall filter <bozo> sequence <int> from protocol others <value> delete firewall filter <bozo> sequence <int> from protocol <bozo> filter name <int> sequence number range <value> the protocol number range This example configure the filter f1 sequence 10 to filter the packets,whose L4 protocol number is

116 XorPlus# set firewall filter f1 sequence 10 from protocol others 21 XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from protocol tcp User can configure the filter sequence to filter the packets,which use the tcp protocol as the L4 protocol. set firewall filter <bozo> sequence <int> from protocol tcp delete firewall filter <bozo> sequence <int> from protocol <bozo> filter name <int> sequence number range This example configure the filter f1 sequence 10 to filter the packets, which use the tcp protocol as the L4 protocol. XorPlus# set firewall filter f1 sequence 10 from protocol tcp XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from protocol tcp flags User can configure the filter sequence to filter the packets, whose L4 protocol number is tcp protocol and tcp flags is specified. set firewall filter <bozo> sequence <int> from protocol tcp flags<type><value> delete firewall filter <bozo> sequence <int> from protocoltcp flags <type> delete firewall filter <bozo> sequence <int> from protocol <bozo> filter name <int> sequence number range <type> tcp flag type ack The Acknowledgment field fin The FIN field psh The Push field rst The Reset connection field syn The Synchronize sequence field tcp-established The Established field tcp-initial The Initial field 116

117 urg The Urgent pointer field <bool> the value of the flag field true false This example configure the filter f1 sequence 10 to filter the packets, whose L4 protocol is tcp andsome tcp flags is specified. XorPlus# set firewall filter f1 sequence 10 from protocol tcp flags ack true XorPlus# set firewall filter f1 sequence 10 from protocol tcp flags psh false XorPlus# delete firewall filter f1 sequence 10 from protocol tcp flags ack XorPlus# delete firewall filter f1 sequence 10 from protocol tcp flags psh XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from protocol udp User can configure the filter sequence to filter the packets, which use the udp protocol as the L4 protocol. set firewall filter <bozo> sequence <int> from protocol udp delete firewall filter <bozo> sequence <int> from protocol <bozo> filter name <int> sequence number range This example configure the filter f1 sequence 10 to filter the packets which use the udp protocol as the L4 protocol. XorPlus# set firewall filter f1 sequence 10 from protocol udp XorPlus# delete firewall filter f1 sequence 10 from protocol firewall filter <bozo> sequence <int> from source-address-ipv4 User can configure the filter sequence to filter the packets, which source-address is ipv4 and specified. set firewall filter <bozo> sequence <int> from source-address-ipv4 <ipv4-address/netmask> delete firewall filter <bozo> sequence <int> from source-address-ipv4 117

118 <bozo> filter name <int> sequence number range <ipv4-address/netmask> ipv4 address/prefix-length This example configure the filter f1 sequence1 to filter the packets, which source address is /32: XorPlus# set firewall filter f1 sequence 1 from source-address-ipv /32 XorPlus# delete firewall filter f1 sequence 1 from source-address-ipv4 firewall filter <bozo> sequence <int> from source-address-ipv6 User can configure the filter sequence to filter the packets, which destination-address is ipv6 and specified. set firewall filter <bozo> sequence <int> from source-address-ipv6 <ipv6-address/netmask> delete firewall filter <bozo> sequence <int> from source-address-ipv6 <bozo> filter name <int> sequence number range <ipv6-address/netmask> ipv6 address/prefix-length This example configure the filter f2 sequence2 to filter the packets,which source address is 2001:1::/32: XorPlus# set firewall filter f2 sequence 2 from source-address-ipv62001:1::/32 XorPlus# delete firewall filter f2 sequence 20 from source-address-ipv6 firewall filter <bozo> sequence <int> from source-mac-address User can configure the filter sequence to filter the packets, which source-mac-address is specified. set firewall filter <bozo> sequence <int> from source-mac-address <mac-address> delete firewall filter <bozo> sequence <int> from source-mac-address <bozo> filter name <int> sequence number range <mac-address> source-mac-address 118

119 This example configure the filter f2 sequence2 to filter the packets, which source-mac-address is 22:22:11:11:44:22: XorPlus# set firewall filter f1 sequence 2 from source-mac-address 22:22:11:11:44:22 XorPlus#set firewall filter f1 sequence 2 then action discard XorPlus# delete firewall filter f1 sequence 2 from source-mac-address firewall filter <bozo> sequence <int> from source-port User can configure the filter sequence to filter the packets, which source-port is specified. set firewall filter <bozo> sequence <int> from source-port <port-number> delete firewall filter <bozo> sequence <int> from source-port <bozo> filter name <int> sequence number range <port-number> source-port number range This example configure the filter f1 sequence2 to filter the packets which source-port range : XorPlus# set firewall filter f1 sequence 2 from source-port XorPlus#delete firewall filter f1 sequence 2 from source-port firewall filter <bozo> sequence <int> from vlan User can configure the filter sequence to filter the packets, which vlan data field is specified. set firewall filter <bozo> sequence <int> from vlan <vlan-id> delete firewall filter <bozo> sequence <int> from vlan <bozo> filter name <int> sequence number range <vlan-id> thevlan ID range This example configure the filter f1 sequence2 to filter the packets which vlan-id is 3: 119

120 XorPlus# set firewall filter f1 sequence 2 from vlan 3 XorPlus#delete firewall filter f1 sequence 2 from vlan firewall filter <bozo> sequence <int> log interval User can configure the filter sequence to record the log at set intervals and the time is specified. set firewall filter <bozo> sequence <int> log interval <time> delete firewall filter <bozo> filter name <bozo> sequence <int> sequence number range <time> time interval and in seconds <int> log This example configure the filter f4 sequence 10 to record the log every 10 seconds. XorPlus# set firewall filter f4sequence 10 log interval 10 XorPlus# delete firewall filter f4sequence 10 log firewall filter <bozo> sequence <int> then action User can configure the next action of the filter sequence when the match packets arrive. set firewall filter <bozo> sequence <int> then action <action-type> <bozo> filter name <int> sequence number range <action-type> the next step to execute forward Discard This example configure the filter f4 sequence 10,the match packets can pass when the match packets arrive. The filter f4 sequence 100,the packets need to be discarded when the match packets arrive. XorPlus# set firewall filter f4sequence 10 then action forward XorPlus# set firewall filter f4sequence 100then action discard 120

121 firewall system-output disable User can configure the firewall to control the switch whether to filter the L3 protocol packets. set firewall system-out disable <bool> <bool> switch value true disable to apply output filters to traffic from the system self False enable to apply output filters to traffic from the system self This example configure the firewall to open the switch to filter the L3 protocol packets. XorPlus# set firewall system-out disabled true show filter The command displays information about all filter runshow vlans[text] [text] The special information. Options include: <bozo>filter discription Default value: none This example shows all filter information: XorPlus# run show filter Filter: f1 Description: asa Input interface: ge-1/1/1 Filter: f2 Description: Input interface: vlan2 Filter: f3 Description: Output interface: ge-1/1/2 Filter: f4 Description: Output interface: vlan2 Show filter f1 121

122 XorPlus# run show filter f1 Filter: f1 Description: asa Input interface: ge-1/1/1 122

123 QoS Configuration Commands This section contains descriptions of the Layer2 and Layer3 QoS configuration commands that this chapter references. class-of-service classifier <classifier-name> class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> code-point <code-point> class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> schedule <schedule-name> class-of-service classifier <classifier-name> trust-mode <trust-mode> class-of-service forwarding-class <forwarding-class-name> local-priority <local-priority> class-of-service interface <port> classifier <classifier-name> class-of-service schedule <schedule-name> guaranteed-rate <guaranteed-rate> class-of-service schedule <schedule-name> mode SP class-of-service schedule <schedule-name> mode WFQ class-of-service schedule <schedule-name> mode WRR class-of-service schedule <schedule-name> weight <weight-id> interface gigabit-ethernet <port> static-ethernet-switching mac-address <mac-address> vlan <vlan-id> show class-of-service <text> class-of-service classifier <classifier-name> User can configure classifier-neme for a classifier, and the name is optionally implemented. set class-of service classifier < classifier-name> delete class-of service classifier c1 < classifier-name > Classifier configuration,it is optionally implemented. This example creates classifier c1: XorPlus# set class-of-service classifier c1 123

124 class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> code-point <code-point> User can configure a code-point for a special forwarding-class.the name of the classifier and the forwarding-class is optionally implemented. set class-of service classifier < classifier-name> forwarding-class < forwarding-class-name> code-point < int> delete class-of service classifier c1 forwarding-class f1 code-point 6 < classifier-name > Classifier configuration,it is optionally implemented. < forwarding-class- name> Name of forwarding class. This example creates a forwarding class f1with the code-point 6 and f2 with the code-point 62. XorPlus# set class-of-service classifier c1 forwarding-class f1 code-point 6 XorPlus# set class-of-service classifier c2 forwarding-class f2 code-point 62 class-of-service classifier <classifier-name> forwarding-class <forwarding-class-name> schedule <schedule-name> User can configure a queue schedule and a forwarding class for a special classifier. set class-of service classifier < classifier-name> forwarding-class < forwarding-class-name> schedule < schedule-name> delete class-of service classifier c1 forwarding-class f1 schedule < classifier-name > Classifier configuration,it is optionally implemented. < forwarding-class- name> Name of forwarding class. < schedule-name> Queue schedule configuration. This example creates a classifier c1 with the forwarding-class f1 and the schedule s1. XorPlus# set class-of-service classifier c1 forwarding-class f1 schedule s1 124

125 class-of-service classifier <classifier-name> trust-mode <trust-mode> User can configure classifier-neme for a classifier, and the name is optionally implemented. The value of trust-mode can be DSCP,IEEE 802.1p or inet-precedence. set class-of service classifier < classifier-name> trust-mode < trust-mode> delete class-of service classifier c1 trust-mode < classifier-name > Classifier configuration,it is optionally implemented. < trust-mode > Priority based,the value of trust-mode can be DSCP,IEEE 802.1p or inet-precedence. This example creates classifier c1 based on the trust-mode of DSCP: XorPlus# set class-of-service classifier c1 trust-mode dscp This example creates classifier c2 based on the trust-mode of IEEE 802.1p: XorPlus# set class-of-service classifier c2 trust-mode ieee 802.1p This example creates classifier c3 based on the trust-mode of inet-precedence: XorPlus# set class-of-service classifier c3 trust-mode inet-precedence class-of-service forwarding-class <forwarding-class-name> local-priority <local-priority> User can configure the local-priority for a special forwarding-class,the name of forwarding-class is optionally implemented. set class-of service forwarding-class < forwarding-class- name> local-priority < int> delete class-of service forwarding-class f1 local-priority delete class-of-service forwarding-class f1 < forwarding-class- name> Name of forwarding class. < int> Local priority,the valid local priority numbers range 0-7. Default value: 0 This example creates a forwarding-class f1and the local priority is 1. XorPlus# set class-of-service forwarding-class f1 local-priority 1 125

126 class-of-service interface <port> classifier <classifier-name> User can configure a classifier for port. set class-of service interface < port> classifier < classifier-name> delete class-of service interface ge-1/1/1 < port> GigabitEthernet IEEE 802.3z or 802.3ae. e.g. ge-1/1/1. < classifier-name> Classifier configuration,it is optionally implemented. This example creates classifier for port ge-1/1/1. XorPlus# set class-of-service interface ge-1/1/1 classifier c1 class-of-service schedule <schedule-name> guaranteed-rate <guaranteed-rate> User can configure the minimum guaranteed bandwith for WFQ queue. set class-of service schedule < schedule-name> guaranteed-rate < guaranteed-rate> delete class-of service schedule s1 guaranteed-rate < schedule-name> Queue schedule configuration,it is optionally implemented. < guaranteed-rate> The minimum guaranteed bandwidth, only for WFQ. the valid guaranteed-rate range This example creates schedule s1 with the minimum guaranteed bandwitdth 100. XorPlus# set class-of-service schedule s1 guaranteed-rate 100 class-of-service schedule <schedule-name> mode SP User can configure a schedule with SP queue. set class-of service schedule < schedule-name> mode SP delete class-of service schedule s1 < schedule-name> Queue schedule configuration,it is optionally implemented. 126

127 This example creates schedule s1 with SP queue. XorPlus# set class-of-service schedule s1 mode SP class-of-service schedule <schedule-name> mode WFQ User can configure the scheduling mode of associated queues a schedule with WFQ queue. set class-of service schedule < schedule-name> mode WFQ delete class-of service schedule s1 < schedule-name> Queue schedule configuration,it is optionally implemented. This example creates schedule s1 with WFQ queue. XorPlus# set class-of-service schedule s1 mode WFQ class-of-service schedule <schedule-name> mode WRR User can configure a schedule with WRR queue. set class-of service schedule < schedule-name> mode WRR delete class-of service schedule s1 < schedule-name> Queue schedule configuration,it is optionally implemented. This example creates schedule s1 with WRR queue. XorPlus# set class-of-service schedule s1 mode WRR class-of-service schedule <schedule-name> weight <weight-id> User can configure a scheduling weight of associated queues. set class-of service schedule < schedule-name> weight < weight-id> delete class-of service schedule s1 weight 127

128 < schedule-name> Queue schedule configuration,it is optionally implemented. < weight-id> The scheduling weight of associated queues, the valid weight numbers range This example creates a scheduling weight of associated queues. XorPlus# set class-of-service schedule s1 weight 3 interface gigabit-ethernet <port> static-ethernet-switching mac-address <mac-address> vlan <vlan-id> User can configure a mac address for port belong to more than one vlan. set interface gigabit-ethernet < port> static-ethernet-switching mac-address < mac-address> vlan < vlan-id> < port> GigabitEthernet IEEE 802.3z or 802.3ae. e.g. ge-1/1/1. < mac-address> Add static mac address for a specific interface. < vlan-id> VLAN tag identifier, the valid VLAN numbers range , can create specify a range of VLAN numbers, e.g. 2,3, This example configure a mac address for port belong to vlan 1. XorPlus# set interface gigabit-ethernet ge-1/1/1 static-ethernet-switching mac-address 22:11:11:11:11:11 vlan 1 show class-of-service <text> The show class-of-service command displays information about QoS configured on switch. User can display the interface,trust-mode,local-priority,queue-schedule and the code-point information.the default queue-schedule is SP. run show class-of-service <text> < text> The special information. Options include: Interface: Show class of service on specified interface This example shows class-of-service: 128

129 XorPlus# run show class-of-service Interface Trust-mode Local-priority Queue-Schedule Code-points ge-1/1/1 ieee WRR,5 3 ge-1/1/2 ieee SP 7 129

130 multicast_interface Configuration Commands multicast-interface interface <text> vif <text> disable show multicast interface multicast-interface interface <text> vif <text> disable Users can enable or disable multicast_interface. You should enable the multicast interface before enabling the IGMP interface. set multicast-interface interface <text_n> vif <text_v> disable <bool> delete multicast-interface interface <text_n> vif <text_v> disable <text_n> Configure IPv4 MFEA on a network interface. <text_v> Configure IPv4 MFEA on a virtual interface <bool> Disable or enable IPv4 multicast-interface on an interface true disable multicast_interface false enable multicast_interface This example is to enable multicast interface:: XorPlus# set vlans vlan-id 2 l3-interface vlan2 XorPlus# set vlans vlan-id 3 l3-interface vlan3 XorPlus# set interface gigabit-ethernet ge-1/1/1 family ethernet-switching native-vlan-id 2 XorPlus# set interface gigabit-ethernet ge-1/1/2 family ethernet-switching native-vlan-id 3 XorPlus# set vlan-interface interface vlan2 vif vlan2 address prefix-length 24 XorPlus# set vlan-interface interface vlan3 vif vlan3 address prefix-length 24 XorPlus# set multicast-interface interface vlan2 vif vlan2disable false XorPlus# set multicast-interface interface vlan3 vif vlan2 disable false show multicast interface run show multicast interface [addr] [addr] Display information about addresses of multicast IPv4 interfaces 130

131 This example is to show multicast interface address: XorPlus# run show multicast interface address Interface Addr Subnet Broadcast P2Paddr loopback / vlan / vlan / XorPlus# XorPlus# run show multicast interface Interface State Vif/PifIndex Addr Flags vlan4 UP 3/ MULTICAST BROADCAST KERN_UP vlan5 UP 4/ MULTICAST BROADCAST KERN_UP 131

132 Protocol Configuration Commands protocols arp aging-time protocols arp interface <interface> address <ipv4-addr> mac-address protocols arp interface <interface> inspection disable protocols arp interface <interface> proxy disable protocols bfd interface <interface> detect-multiplier protocols bfd interface <interface> disable protocols bfd interface <interface> min-echo-receive-interval protocols bfd interface <interface> min-receive-interval protocols bfd interface <interface> min-transmit-interval protocols bfd mode protocols bgp aggregate <network> <IPV?net> suppress-detail protocols bgp aggregate network4 <IPV4net> brief-mode protocols bgp auto-summary protocols bgp bgp-id protocols bgp confederation disable protocols bgp confederation identifier protocols bgp damping disable protocols bgp damping half-life protocols bgp damping max-suppress protocols bgp damping reuse protocols bgp damping suppress protocols bgp enable-4byte-as-numbers protocols bgp export protocols bgp fast-external-fallover disable protocols bgp import protocols bgp local-as protocols bgp local-preference protocols bgp med protocols bgp multipath disable protocols bgp multipath path-relax protocols bgp network4 <IPv4Net> 132

133 protocols bgp network6 <ipv6net> protocols bgp peer <text> advertise community disable protocols bgp peer <text> advertise community-ext disable protocols bgp peer <text> allow-as-loop protocols bgp peer <text> as protocols bgp peer <text> bfd disable protocols bgp peer <text> client protocols bgp peer <text> confederation-member protocols bgp peer <text> default-route-advertise disable protocols bgp peer <text> delay-open-time protocols bgp peer <text> disable protocols bgp peer <text> export protocols bgp peer <text> holdtime protocols bgp peer <text> import protocols bgp peer <text> ipv4-multicast protocols bgp peer <text> ipv4-unicast protocols bgp peer <text> ipv6-multicast protocols bgp peer <text> ipv6-unicast protocols bgp peer <text> local-ip protocols bgp peer <text> md5-password protocols bgp peer <text> next-hop-self protocols bgp peer <text> prefix-limit maximum protocols bgp peer <text> public-as-only protocols bgp route-reflector cluster-id protocols bgp route-reflector disable protocols bgp synchronization protocols dhcp option82 disable protocols dhcp relay port <bozo> circuit-id protocols dhcp relay vlan-interface <bozo> dhcp-server-address <numbere> protocols dhcp relay vlan-interface <bozo> disable protocols dhcp snooping binding file protocols dhcp snooping binding timeout protocols dhcp snooping disable protocols dhcp snooping port <bozo> trust 133

134 protocols igmp disable protocols igmp interface <text> vif <text> disable protocols igmp interface <text> vif <text> enable-ip-router-alert-option-check protocols igmp interface <text> vif <text> query-interval protocols igmp interface <text> vif <text> query-last-member-interval protocols igmp interface <text> vif <text> query-response-interval protocols igmp interface <text> vif <text> robust-count protocols igmp interface <text> vif <text> version protocols igmp-snooping enable protocols igmp-snooping last-member-query-count protocols igmp-snooping last-member-query-interval protocols igmp-snooping max-response-time protocols igmp-snooping query-interval protocols igmp-snooping report-suppression protocols igmp-snooping robustness-variable protocols igmp-snooping vlan-id <id> enable protocols igmp-snooping vlan-id <id> fast-leave protocols igmp-snooping vlan-id <id> mrouter interface protocols igmp-snooping vlan-id <id> querier address protocols igmp-snooping vlan-id <id> querier enable protocols igmp-snooping vlan-id <id> querier other-querier-timer protocols igmp-snooping vlan-id <id> querier version protocols igmp-snooping vlan-id <id> static group <IPv4> interface protocols lacp interface <interface> priority protocols lacp priority protocols ospf4 area <area-id1> interface <bozo> vif <bozo> address <ip-address1> neighbor <ip-address2> router-id protocols ospf4 area <area-id1> virtual-link <router-id> transmit-area protocols ospf4 area <area-id> area-range <ip-address/netmask> advertise protocols ospf4 area <area-id> area-type protocols ospf4 area <area-id> default-lsa disable protocols ospf4 area <area-id> default-lsa metric protocols ospf4 area <area-id> interface <bozo> link-type protocols ospf4 area <area-id> interface <bozo> vif <bozo> address 134

135 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> max-time-drift protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> simple-password protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> bfd disable protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> hello-interval protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> interface-cost protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> passive disable protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> priority protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> retransmit-interval protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> router-dead-interval protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> transmit-delay protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address authentication md5 <int> start-time protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address passive host protocols ospf4 area <area-id> summaries disable protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> end-time protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> max-time-drift protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> password protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> simple-password protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> start-time protocols ospf4 area <area-id> virtual-link <router-id> hello-interval protocols ospf4 area <area-id> virtual-link <router-id> retransmit-interval 135

136 protocols ospf4 area <area-id> virtual-link <router-id> router-dead-interval protocols ospf4 area <area-id> virtual-link <router-id> transmit-delay protocols ospf4 export protocols ospf4 import protocols ospf4 ip-router-alert protocols ospf4 rfc1583-compatibility protocols ospf4 router-id protocols ospf6 area <area-id1> interface <bozo> vif <bozo> neighbor <ip-address> router-id protocols ospf6 area <area-id1> virtual-link <router-id> transmit-area protocols ospf6 area <area-id> area-range <ip-address/netmask> advertise protocols ospf6 area <area-id> area-type protocols ospf6 area <area-id> default-lsa disable protocols ospf6 area <area-id> default-lsa metric protocols ospf6 area <area-id> interface <bozo> link-type protocols ospf6 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable protocols ospf6 area <area-id> interface <bozo> vif <bozo> bfd disable protocols ospf6 area <area-id> interface <bozo> vif <bozo> disable protocols ospf6 area <area-id> interface <bozo> vif <bozo> hello-interval protocols ospf6 area <area-id> interface <bozo> vif <bozo> interface-cost protocols ospf6 area <area-id> interface <bozo> vif <bozo> passive protocols ospf6 area <area-id> interface <bozo> vif <bozo> priority protocols ospf6 area <area-id> interface <bozo> vif <bozo> retransmit-interval protocols ospf6 area <area-id> interface <bozo> vif <bozo> router-dead-interval protocols ospf6 area <area-id> interface <bozo> vif <bozo> transmit-delay protocols ospf6 area <area-id> summaries disable protocols ospf6 area <area-id> virtual-link <router-id> hello-interval protocols ospf6 area <area-id> virtual-link <router-id> retransmit-interval protocols ospf6 area <area-id> virtual-link <router-id> router-dead-interval protocols ospf6 area <area-id> virtual-link <router-id> transmit-delay protocols ospf6 export protocols ospf6 import protocols ospf6 instance-id protocols ospf6 ip-router-alert 136

137 protocols ospf6 router-id protocols rip export protocols rip import protocols rip interface <bozo> vif <bozo> address <ip-address> accept-default-route protocols rip interface <bozo> vif <bozo> address <ip-address> accept-non-rip-requests protocols rip interface <bozo> vif <bozo> address <ip-address> advertise-default-route protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> start-time protocols rip interface <bozo> vif <bozo> address <ip-address> authentication simple-password protocols rip interface <bozo> vif <bozo> address <ip-address> deletion-delay protocols rip interface <bozo> vif <bozo> address <ip-address> disable protocols rip interface <bozo> vif <bozo> address <ip-address> horizon protocols rip interface <bozo> vif <bozo> address <ip-address> interpacket-delay protocols rip interface <bozo> vif <bozo> address <ip-address> metric protocols rip interface <bozo> vif <bozo> address <ip-address> passive protocols rip interface <bozo> vif <bozo> address <ip-address> request-interval protocols rip interface <bozo> vif <bozo> address <ip-address> route-timeout protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-delay protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-jitter protocols rip interface <bozo> vif <bozo> address <ip-address> update-interval protocols rip interface <bozo> vif <bozo> address <ip-address> update-jitter protocols sflow agent-id protocols sflow collector <IPv4> udp-port protocols sflow disable protocols sflow header-len protocols sflow interface <port> disable protocols sflow interface <port> header-len protocols sflow interface <port> polling-interval protocols sflow interface <port> sampling-rate egress protocols sflow interface <port> sampling-rate ingress 137

138 protocols sflow polling-interval protocols sflow sampling-rate egress protocols sflow sampling-rate ingress protocols sflow source-address protocols arp aging-time Users can set arp aging time.in the default setting, the ARP aging time is 1200 seconds. set protocols arp aging-time <seconds> delete protocols arp aging-time <seconds> Aging time in seconds,[ ] This example is to set arp aging time to 400: XorPlus# set protocols arp aging-time 400 protocols arp interface <interface> address <ipv4-addr> mac-address Users can set arp interface. set protocols arp interface <interface> address <ipv4-addr> mac-address <mac-addr> delete protocols arp interface vlan4 address <ipv4-addr> <interface> The vlan interface, e.g. vlan20 <ipv4-addr> The IPv4 address <mac-addr> The mac address This example is to set vlan4 address to ,mac-address to 22:11:11:11:11:11: XorPlus# set protocols arp interface vlan4 address mac-address 22:11:11:11:11:11 protocols arp interface <interface> inspection disable Users can enable or disable dynamic ARP Inspection(DAI). 138

139 set protocols arp interface <interface> inspection disable delete protocols arp interface <interface> inspection disable <interface> The vlan interface, e.g. vlan20 <bool> Disable dynamic arp inspection true disable DAI false enable DAI This example is to disable DAI for vlan4 : <bool> XorPlus# set protocols arp interface vlan4 inspection disable true protocols arp interface <interface> proxy disable Users can set arp interface proxy. set protocols arp interface delete protocols arp interface <interface> proxy disable <interface> proxy disable <interface> The vlan interface, e.g. vlan20 <bool> Disable proxy arp true disable proxy arp false enable proxy arp This example is to enable proxy arp for vlan4: <bool> XorPlus# set protocols arp interface vlan4 proxy disable false protocols bfd interface <interface> detect-multiplier You can configure detect-multiplier. set protocols bfd interface delete protocols bfd interface <interface> detect-multiplier <interface> The vlan interface, e.g. vlan20 <value> Detection time multiplier,[3..100] <interface> detect-multiplier <value> 139

140 This example configures bfd detect-multiplier for vlan4: XorPlus# set protocols bfd interface vlan4 detect-multiplier 5 protocols bfd interface <interface> disable You can disable or enable bfd interface. set protocols bfd interface <interface> disable <interface> The vlan interface, e.g. vlan20 <bool> Disable bfd interface. true disable bfd interface false enable bfd interface <bool> This example is to enable bfd detect-multiplier for vlan4: XorPlus# set protocols bfd interface vlan4 disable false protocols bfd interface <interface> min-echo-receive-interval You can set min-echo-receive-interval. set protocols bfd interface delete protocols bfd interface <interface> The vlan interface, e.g. vlan20 <uint> Required Mininum Echo RX Interval <interface> min-echo-receive-interval <interface> min-echo-receive-interval This example configures min-echo-receive-interval to 2 for vlan4: <uint> XorPlus# set protocols bfd interface vlan4 min-echo-receive-interval 2 protocols bfd interface <interface> min-receive-interval You can set min-receive-interval to a value between 500 and

141 set protocols bfd interface delete protocols bfd interface <interface> min-receive-interval <interface> The vlan interface, e.g. vlan20 <interface> min-receive-interval <value> Required Mininum RX Interval, ms,[ ] <value> This example configures min-receive-interval to 600 for vlan4: XorPlus# set protocols bfd interface vlan4 min-receive-interval 600 protocols bfd interface <interface> min-transmit-interval You can set min-transmit-interval to a value between 500 and set protocols bfd interface delete protocols bfd interface <interface> The vlan interface, e.g. vlan20 <interface> min-transmit-interval <interface> min-transmit-interval <value> Required Mininum TX Interval, ms,[ ] <value> This example configures min-transmit-interval to 1000 for vlan4: XorPlus# set protocols bfd interface vlan4 min-transmit-interval 1000 protocols bfd mode Users can configure the BFD mode. set protocols bfd mode <mode> delete protocols bfd mode <mode> BFD mode. active Send BFD Control packets, regardless of whether it has received any BFD packets passive Don't begin sending BFD packets until it has received a BFD packet This example configures bfd mode as active mode: 141

142 XorPlus# set protocols bfd mode active protocols bgp aggregate <network> <IPV?net> suppress-detail Users can configure the aggregate route to suppress-detail. set protocols bgp aggregate <network> network4 or network6 <IPV?net> Aggregate routes of ipv4 or ipv6 <network> <IPV?net> suppress-detail <bool> Do not generate AS_SETs for the aggregate route true enable suppress detail false disable suppress detail This example configures aggregate route to suppress-detail: <bool> XorPlus# set protocols bgp aggregate network /24 suppress-detail true protocols bgp aggregate network4 <IPV4net> brief-mode Users can configure the aggregate route to the brief mode. set protocols bgp aggregate network4 <IPV4net> Aggregate routes of ipv4 <IPV4net> brief-mode <bool> Do not generate AS_SETs for the aggregate route true enable brief mode false disable brief mode This example configures aggregate route to brief-mode: <bool> XorPlus# set protocols bgp aggregate network /24 brief-mode true 142

143 protocols bgp auto-summary BGP supports automatic route summarization and manual route summarization. Manual route summarization takes precedence over automatic route summarization.users can set automatic summarization of routes. set protocols bgp auto-summary <bool> <bool> Automatic summarization of routes true enable auto summary false disable auto summary This example configures aggregate route to auto summary: XorPlus# set protocols bgp auto-summary true protocols bgp bgp-id Users can configure the bgp-id for aggregate route. set protocols bgp bgp-id <IPv4> delete protocols bgp bgp-id <IPv4> Set the BGP identifier (must be an IPv4 address) This example configures bgp-id to for aggregate route : XorPlus# set protocols bgp bgp-id protocols bgp confederation disable Users can set bgp confederation. set protocols bgp confederation disable <bool> delete protocols bgp confederation disable <bool> disable confederations true disable confederations 143

144 false enable confederations This example is to disable confederations: XorPlus# set protocols bgp confederation disable true protocols bgp confederation identifier Users can set bgp confederation identifier. set protocols bgp confederation identifier <text> delete protocols bgp confederation identifier <text> AS number used to non confederation peers, <int> or <int>.<int> This example sets bgp confederation identifier to 1000: XorPlus# set protocols bgp confederation identifier 1000 protocols bgp damping disable Users can enable or disable bgp damping. set protocols bgp damping disable <bool> <bool> disable damping true disable damping false enable damping This example is to disable bgp damping: XorPlus# set protocols bgp damping disable true protocols bgp damping half-life Users can set half life time for bgp-damping. set protocols bgp damping half-life <time> 144

145 <time> Decay half-life in minutes,[1..45] This example is to set bgp-damping to 3: XorPlus# set protocols bgp damping half-life 3 protocols bgp damping max-suppress Users can set max-suppress time for bgp-damping. set protocols bgp damping max-suppress <time> delete protocols bgp damping max-suppress <time> Maximum hold-down time in minutes, [1..720] This example is to set max-suppress of bgp-damping to 10: XorPlus# set protocols bgp damping max-suppress 10 protocols bgp damping reuse Users can reuse bgp damping. set protocols bgp damping reuse <value> delete protocols bgp damping reuse <value> Reuse threshold,[ ] This example is to set reuse threshold to 1000: XorPlus# set protocols bgp damping reuse 1000 protocols bgp damping suppress Users can cut off (suppression) threshold. 145

146 set protocols bgp damping suppress <value> delete protocols bgp damping suppress <value> Cutoff threshold, [ ] This example is to cut off threshold to 1000: XorPlus# set protocols bgp damping suppress 1000 protocols bgp enable-4byte-as-numbers Users can enable extended AS numbers. set protocols bgp enable-4byte-as-numbers <bool> delete protocols bgp enable-4byte-as-numbers <bool> enable extended AS numbers true enable extended AS numbers false disable extended AS numbers This example is to enable extended AS numbers: XorPlus# set protocols bgp enable-4byte-as-numbers true protocols bgp export Users can export an policy. set protocols bgp export <text> delete protocols bgp export <text> policy identifier,export policy. This example is to export direct-to-top policy: XorPlus# set protocols bgp export direct-to-bgp 146

147 protocols bgp fast-external-fallover disable Users can set the ability that resetting the session of a external peer immediately after the link goes down. set protocols bgp fast-external-fallover disable <bool> <bool> Disable fast external fallover true disable fast external fallover false enable fast external fallover This example is to enable fast external fallover: XorPlus# set protocols bgp fast-external-fallover disable false protocols bgp import Users can import an policy. set protocols bgp import <text> delete protocols bgp import <text> policy identifier,import policy. This example is to import direct-to-top policy: XorPlus# set protocols bgp import direct-to-bgp protocols bgp local-as Users can set the Autonomous System (AS) number for this domain. set protocols bgp local-as <value> delete protocols bgp local-as <value> Set the Autonomous System (AS) number for this domain, <int> or <int>.<int> This example sets AS number as 5: 147

148 XorPlus# set protocols bgp local-as 5 protocols bgp local-preference Users can set bgp local preference value.. set protocols bgp local-preference <value> delete protocols bgp local-preference <value> Local preference value,[ ] This example sets bgp local preference value as 0: XorPlus# set protocols bgp local-preference 0 protocols bgp med The multi-exit discriminator (MED) helps determine the optimal route for the incoming traffic of an AS, and is similar to the metric used in IGP. When a BGP device obtains multiple routes to the same destination address but with different next hops from EBGP peers, the BGP device selects the route with the smallest MED value as the optimal route. set protocols bgp med <value> delete protocols bgp med <value> Med value,[ ] This example sets bgp med value as 1: XorPlus# set protocols bgp med 1 protocols bgp multipath disable Users can make this router supports the ECMP(Equal-CostMultipathRouting). set protocols bgp multipath disable <bool> delete protocols bgp multipath disable 148

149 <bool> Disable the ECMP true Disable the ECMP false enable the ECMP This example enable ECMP: XorPlus# set protocols bgp multipath disable false protocols bgp multipath path-relax BGP will not load balance across multiple paths by default. This is acceptable if you are multi-homed to a single AS, but what if you are multi-homed to different AS path? In that case, you cannot load balance across theoretically equal paths.so the multipath-relax path is needed. set protocols bgp multipath path-relax <bool> delete protocols bgp multipath path-relax <bool> enable or disable the multipath-relax true enable the multipath-relax false disable the multipath-relax This example is to enable multipath-relax: XorPlus# set protocols bgp multipath path-relax true protocols bgp network4 <IPv4Net> You can set network of BGP. set protocols bgp network4 <ipv4net> delete protocols bgp network4 <ipv4net> < ipv4net> Advertise IPv4 route This example is to set IPV4 net as /.24: 149

150 XorPlus# set protocols bgp network /24 protocols bgp network6 <ipv6net> You can set network of BGP. set protocols bgp network6 <ipv6net> delete protocols bgp network6 <ipv6net> < ipv6net> Advertise IPv6 route This example is to set IPV6 net as 2001::0/64 XorPlus# set protocols bgp network6 2001::0/64 XorPlus# co Merging the configuration. Commit OK. Save done. protocols bgp peer <text> advertise community disable Users can advertise known community or not. set protocols bgp peer delete protocols bgp peer <text> advertise community disable <text> router identifier,(eg: ) <text> advertise community disable <bool> Disable to advertise known community true disable to advertise known community false enable to advertise known community This example is to enable to advertise known community: <bool> XorPlus# set protocols bgp peer advertise community disable false protocols bgp peer <text> advertise community-ext disable Users can advertise unknown community or not. 150

151 set protocols bgp peer delete protocols bgp peer <text> router identifier,(eg: ) <text> advertise community-ext disable <text> advertise community-ext disable <bool> Disable to advertise unknown community true disable to advertise unknown community false enable to advertise unknown community This example is to enable to advertise unknown community: <bool> XorPlus# set protocols bgp peer advertise community-ext disable false protocols bgp peer <text> allow-as-loop Users can configure the peer to ignore the loop of AS path. set protocols bgp peer delete protocols bgp peer <text> allow-as-loop <text> allow-as-loop <text> router identifier,(eg: ) <bool> Ignore the loop of as path true Ignore the loop of as path false Don't ignore the loop of as path This example is to ignore the loop of as path: <bool> XorPlus# set protocols bgp peer allow-as-loop true protocols bgp peer <text> as Users can configure a peering session with another router set protocols bgp peer delete protocols bgp peer <text> as <text> as <value> <text> router identifier,(eg: ) <value> AS number identifier,set the AS number of this peer, <int> or <int>.<int> 151

152 This example is to configure session with that router ( )and this router belongs to AS 200: XorPlus# set protocols bgp peer as 200 protocols bgp peer <text> bfd disable You can enable or disable bfd on the peer. set protocols bgp peer delete protocols bgp peer <text> bfd disable <text> bfd disable <text> router identifier,(eg: ) <bool> disable or enable bfd on the peer true disable bfd on the peer false enable bfd on the peer <bool> This example is to disable bfd on the peer : XorPlus# set protocols bgp peer bfd disable true protocols bgp peer <text> client You can treat peer as a route reflector client. set protocols bgp peer delete protocols bgp peer <text> client <text> client <bool> <text> router identifier,(eg: ) <bool> treat peer as a route reflector client or not true treat peer as a route reflector client false don't treat peer as a route reflector client This example is to treat peer( ) as a route reflector client: XorPlus# set protocols bgp peer client true 152

153 protocols bgp peer <text> confederation-member If the peer is a confederation member,you should set this parameter to true. set protocols bgp peer delete protocols bgp peer <text> confederation-member <text> router identifier,(eg: ) <text> confederation-member <bool> set peer to a confederation member or not true set peer to a confederation member false don't set peer to a confederation member <bool> This example is to treat peer( ) as a confederation member: XorPlus# set protocols bgp peer confederation-member true protocols bgp peer <text> default-route-advertise disable You can enable or disable to advertise default route to the peer. set protocols bgp peer delete protocols bgp peer <text> router identifier,(eg: ) <text> default-route-advertise disable <text> default-route-advertise disable <bool> advertise default route to the peer or not true don't advertise default route to the peer false advertise default route to the peer <bool> This example is to advertise default route to the peer( ) : XorPlus# set protocols bgp peer default-route-advertise disable false protocols bgp peer <text> delay-open-time Users can set the delay time to send open message. set protocols bgp peer delete protocols bgp peer <text> delay-open-time <text> delay-open-time <time> 153

154 <text> router identifier,(eg: ) <time> Delay time to send open message,[0..30] This example is to set delay time of sending open message to 15 for the peer( ) : XorPlus# set protocols bgp peer delay-open-time 15 protocols bgp peer <text> disable You can disable this peering. set protocols bgp peer delete protocols bgp peer <text> disable <text> disable <text> router identifier,(eg: ) <bool> enable or disable this peering true disable this peering false enable this peering This example is to disable this peering: <bool> XorPlus# set protocols bgp peer disable true protocols bgp peer <text> export You can export a policy to the peer. set protocols bgp peer delete protocols bgp peer <text> export <text> export <text> router identifier,(eg: ) <policy> <policy> policy identifier.name of a exported policy This example is to export the policy of send-network to peer : XorPlus# set protocols bgp peer export send-network 154

155 protocols bgp peer <text> holdtime You can set the time waiting for peer.when the time is 0,that means disabling the peer. set protocols bgp peer delete protocols bgp peer <text> holdtime <text> holdtime <text> router identifier,(eg: ) <time> Time to wait for peer,[ ] <time> This example is to set holdtime to 30 for peer : XorPlus# set protocols bgp peer holdtime 30 protocols bgp peer <text> import You can import a policy to the peer. set protocols bgp peer delete protocols bgp peer <text> import <text> import <text> router identifier,(eg: ) <policy> <policy> policy identifier.name of an imported policy This example is to import the policy of send-network to peer : XorPlus# set protocols bgp peer import send-network protocols bgp peer <text> ipv4-multicast Users can configure the peer to send ipv4-multicast route or not.when you set this parameter to true,the peer will send ipv4-multicast route. set protocols bgp peer delete protocols bgp peer <text> ipv4-multicast <text> ipv4-multicast <text> router identifier,(eg: ) <bool> send or don't send ipv4-multicast route true send ipv4-multicast route <bool> 155

156 false don't send ipv4-multicast route This example is to set peer to send ipv4-multicast route: XorPlus# set protocols bgp peer ipv4-multicast true protocols bgp peer <text> ipv4-unicast Users can configure the peer to send ipv4-unicast route or not.when you set this parameter to true,the peer will send ipv4-unicast route. set protocols bgp peer delete protocols bgp peer <text> ipv4-uniicast <text> ipv4-unicast <text> router identifier,(eg: ) <bool> send or don't send ipv4-unicast route true send ipv4-unicast route false don't send ipv4-unicast route <bool> This example is to set peer to send ipv4-unicast route: XorPlus# set protocols bgp peer ipv4-unicast true protocols bgp peer <text> ipv6-multicast Users can configure the peer to send ipv6-multicast route or not.when you set this parameter to true,the peer will send ipv6-multicast route. set protocols bgp peer <text> ipv6-multicast <bool> delete protocols bgp peer <text> ipv6-multicast <text> router identifier,(eg: ) <bool> send or don't send ipv6-multicastt route true send ipv6-multicast route false don't send ipv6-multicast route This example is to set peer to send ipv6-multicast route: XorPlus# set protocols bgp peer ipv6-multicast true 156

157 protocols bgp peer <text> ipv6-unicast Users can configure the peer to send ipv6-unicast route or not.when you set this parameter to true,the peer will send ipv6-unicast route. set protocols bgp peer <text> ipv6-unicast <bool> delete protocols bgp peer <text> ipv6-unicast <text> router identifier,(eg: ) <bool> send or don't send ipv6-unicast route true send ipv6-unicast route false don't send ipv6-unicast route This example is to set peer to send ipv6-unicast route: XorPlus# set protocols bgp peer ipv6-unicast true protocols bgp peer <text> local-ip Users can build a session between local router and peer,so setting ip address of local router is necessary. set protocols bgp peer delete protocols bgp peer <text> local-ip <text> local-ip <text> router identifier,(eg: ) <ip-addr> <ip-addr> ip address identifier,eg: ) This example is to set a session between and peer : XorPlus# set protocols bgp peer local-ip protocols bgp peer <text> md5-password Configure Message Digest5 (MD5) authentication on a TCP connection between two BGP peers. The two peers must have the same configured password to establish TCP connections. set protocols bgp peer delete protocols bgp peer <text> md5-password <text> md5-password <pwd> 157

158 <text> router identifier,(eg: ) <pwd> the identifier of md5-password,eg:pica8 This example is to set md5-password to pcia8: XorPlus# set protocols bgp peer md5-password pica8 protocols bgp peer <text> next-hop-self You can enable or disable next-hop-self to rewrite the nexthop as the local-self. set protocols bgp peer delete protocols bgp peer <text> next-hop-self <text> next-hop-self <text> router identifier,(eg: ) <bool> enable or disable next-hop-self true enable next-hop-self false disable next-hop-self <bool> This example is to enable next-hop-self on peer : XorPlus# set protocols bgp peer next-hop-self true protocols bgp peer <text> prefix-limit maximum You can set maximum number of prefixes that can be accepted. set protocols bgp peer delete protocols bgp peer <text> prefix-limit maximum <text> prefix-limit maximum <text> router identifier,(eg: ) <value> Maximum number of prefixes, [ ] <value> This example is to set maximum prefix to 1200 on peer : XorPlus# set protocols bgp peer prefix-limit maximum

159 protocols bgp peer <text> public-as-only Private autonomous system (AS) numbers that range from to are used to conserve globally unique AS numbers. BGP can remove private AS numbers from updates to a peer. set protocols bgp peer delete protocols bgp peer <text> public-as-only <text> public-as-only <text> router identifier,(eg: ) <bool> enable or disable public-as-only true enable public-as-only false public-as-only <bool> This example is to enable public-as-only on peer : XorPlus# set protocols bgp peer public-as-only true protocols bgp route-reflector cluster-id A cluster ID can help prevent routing loops between multiple RRs within a cluster, and between clusters. When a cluster has multiple RRs, the same cluster ID must be configured for all RRs within the cluster. set protocols bgp route-reflector cluster-id <IPv4> delete protocols bgp route-reflector cluster-id <IPv4> CLUSTER_ID for this route reflector This example is to set cluster_id for route-reflector: XorPlus# set protocols bgp route-reflector cluster-id protocols bgp route-reflector disable Users can enable or disable route reflector. set protocols bgp route-reflector disable <bool> delete protocols bgp route-reflector disable 159

160 <bool> disable this router reflector true Disable the router reflector false enable the router reflector This example is to enable route-reflector: XorPlus# set protocols bgp route-reflector disable false protocols bgp synchronization Users can enable synchronization. set protocols bgp synchronization <bool> delete protocols bgp synchronization <bool> enable synchronization true enable synchronization false disable synchronization This example is to enable synchronization: XorPlus# set protocols bgp synchronization true protocols dhcp option82 disable Option82 is a relay agent used to specify the DHCP client location information. The DHCP option82 is disabled by default. To enable option82, use the disable false option. set protocols dhcpoption82 disable <bool> <bool> Enable option82.required select include: true false This example enable the option82 option. 160

161 XorPlus# set protocolsdhcp option82 disable false protocols dhcp relay port <bozo> circuit-id Option82 is a relay agent used to specify the DHCP client location information. The DHCP option82 is disabled by default. To enable option82, use the disable false option,circuit-id command to set the DHCP portinformation. set protocols dhcp relay port <bozo> circuit-id <bozo> Configure port for DHCP snooping <c-id> Specify Circuit ID of the port. <c-id> This example configure the circuit-id v100 for the port ge-1/1/3. XorPlus# set protocols dhcp relay port ge-1/1/3 circuit-id v100 protocols dhcp relay vlan-interface <bozo> dhcp-server-address <numbere> You can configure the dhcp-server address for the dhcp vlan-interface. set protocols dhcp relay vlan-interface vlan100 dhcp-server-address <number> <ip-address> <number> DHCP servers' address number range from 1-4. <ip-address> DHCP servers' address This example configure dhcp server address for the vlan-interface vlan100. XorPlus# set protocols dhcp relay vlan-interface vlan100 dhcp-server-address protocols dhcp relay vlan-interface <bozo> disable You can enable the dhcp-relay service. set protocols dhcp relay vlan-interface <bozo> disable <bool> 161

162 <bozo> Vlan interface. <bool> Enable/Disable dhcp-relay service.required select include: true false This example enable the dhcp-relay service. XorPlus# set protocols dhcp relay vlan-interface vlan100 disable false protocols dhcp snooping binding file You can configure the DHCP snooping binding file. set protocols dhcp snooping binding file <file> <file> Specify a file to save the snooping bindings. This example configurethe dhcp snooping binding file. XorPlus# set protocols dhcp snooping binding file /tmp/run/dhcp_bind protocols dhcp snooping binding timeout You can configure the DHCP snooping binding file timeout. set protocols dhcp snooping binding timeout <time> <time> Specify a timeout value to save snooping bindings. This example configure the timeout 8. XorPlus# set protocols dhcp snooping binding timeout 8 protocols dhcp snooping disable DHCP snooping creates a mapping tablewhich includes the IP address, the MAC address, and the port number. DHCP snooping is disabled by default. You can enable the DHCP snooping. 162

163 set protocols dhcp snooping disable<bool> <bool> Enable/Disable dhcp-snooping service.required select include: true false This example enable the DHCP snooping. XorPlus# set protocols dhcp snooping disable false protocols dhcp snooping port <bozo> trust You can configure the dhcp snooping trust port(by default the port is untrusted). set protocols dhcp snooping port ge-1/1/2 trust <bool> <bool> Set the port as trusted or untrusted.required select include: true false This example configure the port ge-1/1/2 as trusted. XorPlus# set protocols dhcp snooping port ge-1/1/2 trust true protocols igmp disable Users can enable igmp protocol.but you should enable the multicast interface before enabling the IGMP interface. set protocols igmp disable <bool> delete protocols igmp disable <bool> enable or disable igmp protocol true disable igmp protocol false enable igmp protocol 163

164 This example is to enable igmp protocol: XorPlus# set protocols igmp disable false protocols igmp interface <text> vif <text> disable You can configure IGMP on a network interface. set protocols igmp interface <text> vif <text> disable <bool> delete protocols igmp interface <text> vif <text> disable <text> network interface or virtual interface <bool> enable or disable igmp protocol on a specified interface true disable igmp protocol on a specified interface false configure igmp protocol on a specified interface This example is to configure igmp protocol on vlan2: XorPlus# set protocols igmp interface vlan2 vif vlan2 disable false protocols igmp interface <text> vif <text> enable-ip-router-alert-option-check You can enable alert option check of the ip router on a specified interface which allow the igmp protocol. set protocols igmp interface <text> vif <text> enable-ip-router-alert-option-check <bool> delete protocols igmp interface <text> vif <text> enable-ip-router-alert-option-check <text> network interface or virtual interface <bool> enable or disable alert option check of the ip router true enable alert option check of the ip router false disable alert option check of the ip router This example is to configure igmp protocol on vlan2: 164

165 XorPlus#set protocols igmp interface vlan2 vif vlan2 enable-ip-router-alert-option-check true protocols igmp interface <text> vif <text> query-interval Users can set the time interval for querying. set protocols igmp interface <text> vif <text> query-interval <value> d elete protocols igmp interface <text> vif <text> query-interval <text> network interface or virtual interface <value> The query interval (in seconds),[ ] This example is to set query interval to 4 on vlan2: XorPlus# set protocols igmp interface vlan2 vif vlan2 query-interval 4 protocols igmp interface <text> vif <text> query-last-member-interval Users can set the time interval for querying last member. set protocols igmp interface <text> vif <text> query-last-member-interval <value> delete protocols igmp interface <text> vif <text> query-last-member-interval <text> network interface or virtual interface <value> The last member query interval (in seconds),[ ] This example is to set query interval to 10 on vlan2: XorPlus# set protocols igmp interface vlan2 vif vlan2 query-last-member-interval 10 protocols igmp interface <text> vif <text> query-response-interval Users can set query response interval for a specified interface. 165

166 set protocols igmp interface <text> vif <text> query-response-interval <value> delete protocols igmp interface <text> vif <text> query-response-interval <text> network interface or virtual interface <value> The query response interval (in seconds),[ ] This example is to set query response interval to 3 on vlan2: XorPlus# set protocols igmp interface vlan2 vif vlan2 query-response-interval 3 protocols igmp interface <text> vif <text> robust-count Users can set robustness variable count for a specified interface.by default, the value is 2. set protocols igmp interface <text> vif <text> robust-count <count> delete protocols igmp interface <text> vif <text> robust-count <text> network interface or virtual interface <count> robustness variable count,[2..10] This example is to set robustness variable count to 9 on vlan2: XorPlus# set protocols igmp interface vlan2 vif vlan2 robust-count 9 protocols igmp interface <text> vif <text> version You can configure protocol version for a specified interface. set protocols igmp interface <text> vif <text> version <number> delete protocols igmp interface <text> vif <text> version <text> network interface or virtual interface <number> The IGMP protocol version, [1..2] This example is to set IGMP protocol version to 2 on vlan2: XorPlus# set protocols igmp interface vlan2 vif vlan2 version 2 166

167 protocols igmp-snooping enable In the default setting, the switch disables IGMP snooping. You should globally enable IGMP per VLAN. set protocols igmp-snooping enable <bool> delete protocols igmp-snooping enable <bool> enable or disable igmp snooping true enable igmp snooping false disable igmp snooping This example is to enable IGMP snooping : XorPlus# set protocols igmp-snooping enable true protocols igmp-snooping last-member-query-count Users can query member count of interface belonging to this multicast group. set protocols igmp-snooping last-member-query-count <count> delete protocols igmp-snooping last-member-query-count <count> Last member query count,[1..7] This example is to configure last member query count to 3: XorPlus# set protocols igmp-snooping last-member-query-count 3 protocols igmp-snooping last-member-query-interval Users can set query-interval of last-member belonging to this multicast group. set protocols igmp-snooping last-member-query-interval <value> delete protocols igmp-snooping last-member-query-count <value> Interval (sec), [1..32] 167

168 This example is to configure last member query interval to 30: XorPlus# set protocols igmp-snooping last-member-query-interval 30 protocols igmp-snooping max-response-time You can set max response time that igmp router. set protocols igmp-snooping max-response-time <time> delete protocols igmp-snooping max-response-time <time> IGMP querier maximum response time (sec), [1..25] This example is to set maximum response time to 10: XorPlus# set protocols igmp-snooping max-response-time 9 protocols igmp-snooping query-interval You can set the interval of querying. set protocols igmp-snooping query-interval <time> delete protocols igmp-snooping query-interval <time> IGMP querier query interval (sec), [ ] This example is to set query interval time to 100: XorPlus# set protocols igmp-snooping query-interval 100 protocols igmp-snooping report-suppression You can enable report suppression to control.when you enabled IGMP report suppression function,only the report of first member which belongs to one multicast group will be forwared to the L3 device,instead of forwarding every report of other members belonging to the same multicast group. So,this can reduce the number of network packets. 168

169 set protocols igmp-snooping report-suppression <bool> delete protocols igmp-snooping report-suppression <bool> enable or disable report-suppression true enable report-suppression false disable report-suppression This example is to enable report-suppression: XorPlus# set protocols igmp-snooping report-suppression true protocols igmp-snooping robustness-variable Users can set robustness variable number to judge whether drop the report when host have no response over the time(time = robustness variable number * query interval). set protocols igmp-snooping robustness-variable <value> delete protocols igmp-snooping robustness-variable <value> Robustness Variable number,[2..4]. This example is to set robustness variable number to 3: XorPlus# set protocols igmp-snooping robustness-variable 3 protocols igmp-snooping vlan-id <id> enable You can enable igmp snooping in a VLAN. set protocols igmp-snooping vlan-id delete protocols igmp-snooping vlan-id <id> vlan-id identifier <id> enable <id> enable <bool> enable or disable igmp snooping in a VLAN true enable igmp snooping in a VLAN false disable igmp snooping in a VLAN <bool> 169

170 This example is to enable igmp snooping in vlan-id 2: XorPlus# set protocols igmp-snooping vlan-id 2 enable true protocols igmp-snooping vlan-id <id> fast-leave Users can enable fast leave function of a port.after you make this configuration,the switch will delete this port from forwarding table and not forward data to the port again when the switch receive query report of a certain group. set protocols igmp-snooping vlan-id delete protocols igmp-snooping vlan-id <id> vlan-id identifier <id> fast-leave <id> fast-leave <bool> enable or disable fast leave function in a VLAN true enable fast leave function in a VLAN false disable fast leave function in a VLAN <bool> This example is to enable fast leave function in vlan-id 2: XorPlus# set protocols igmp-snooping vlan-id 2 fast-leave true protocols igmp-snooping vlan-id <id> mrouter interface Users can set the interface which will be used to receive message of multicast source. set protocols igmp-snooping vlan-id delete protocols igmp-snooping vlan-id <id> vlan-id identifier <id> mrouter interface <id> mrouter interface <interface> Configure the mrouter port,(eg:ge-1/1/1) <interface> <interface> This example is to configure the mrouter port to ge-1/1/3 in vlan-id 2: XorPlus# set protocols igmp-snooping vlan-id 2 mrouter interface ge-1/1/3 170

171 protocols igmp-snooping vlan-id <id> querier address Users can set the address for query. set protocols igmp-snooping vlan-id delete protocols igmp-snooping vlan-id <id> vlan-id identifier <id> querier address <id> querier address <IPv4> Configure the IP address of the igmp-querier <IPv4> This example is to configure the IP address of the igmp-querier to in vlan-id 2: XorPlus# set protocols igmp-snooping vlan-id 2 querier address protocols igmp-snooping vlan-id <id> querier enable You can enable querier on a vlan port. set protocols igmp-snooping vlan-id <id> vlan-id identifier <bool> Enable or disable the igmp-querier true enable the igmp-querier false disable the igmp-querier <id> querier enable This example is to enable the igmp-querier on vlan-id 2: <bool> XorPlus# set protocols igmp-snooping vlan-id 2 querier enable true protocols igmp-snooping vlan-id <id> querier other-querier-timer Users can Configure the other-querier-timer. set protocols igmp-snooping vlan-id delete protocols igmp-snooping vlan-id <id> vlan-id identifier <id> querier other-querier-timer <id> querier other-querier-timer <time> IGMP querier other querier time out (sec), [ ] <time> 171

172 This example is to configure other querier timer to 12 on vlan-id 2: XorPlus# set protocols igmp-snooping vlan-id 2 querier other-querier-timer 12 protocols igmp-snooping vlan-id <id> querier version You can also set the IGMP version on a specified port which allows igmp-snooping. set protocols igmp-snooping vlan-id delete protocols igmp-snooping vlan-id <id> vlan-id identifier <number> the version number of IGMP,[1..2] <id> querier version <id> querier version This example is to configure IGMP version to 1 on vlan-id 2 : <number> XorPlus# set protocols igmp-snooping vlan-id 2 querier version 1 protocols igmp-snooping vlan-id <id> static group <IPv4> interface Users can configure a static igmp-snooping group. set protocols igmp-snooping vlan-id <id> static group <IPv4> interface <interface> delete protocols igmp-snooping vlan-id <id> static group <IPv4> interface <interface> <id> vlan-id identifier <IPv4> ipv4 address identifier <interface> interface identifier(eg:ge-1/1/3) This example is to configure a static igmp-snooping group to for ge-1/1/3 on vlan-id 2 XorPlus# set protocols igmp-snooping vlan-id 2 static group interface ge-1/1/3 172

173 protocols lacp interface <interface> priority Users can set link aggregation option of gigabit-ethernet interface. set protocols lacp interface delete protocols lacp interface <interface> priority <interface> priority <value> <interface> Link aggregation option of gigabit-ethernet interface (e.g. ge-1/1/1) <value> Priority value, [ ] This example is to set lacp priority of ge-1/1/1 to 3000 : XorPlus# set protocols lacp interface ge-1/1/1 priority 3000 protocols lacp priority Users can configure the lacp priority of system. set protocols lacp priority <value> delete protocols lacp priority <value> Priority value, [ ] This example is to set priorit of system to 1000: XorPlus# set protocols lacp priority 1000 protocols ospf4 area <area-id1> interface <bozo> vif <bozo> address <ip-address1> neighbor <ip-address2> router-id User can configurethe neighbor address of OSPF interface. set protocols ospf4 area <area-id1> interface <bozo> vif <bozo> address <ip-address1> neighbor <ip-address2> router-id <area-id2> 173

174 <area-id1> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address1> Address on vif used for OSPF <ip-address2> Neighbors address <area-id2> Neighbors router-id. This example configurethe neighbor address in the area XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address neighbor router-id protocols ospf4 area <area-id1> virtual-link <router-id> transmit-area Thesinglebackbone area (area ) cannot be disconnected,or certain areas of the Autonomous System will become unreachable. To establish and maintain connectivity of the backbone, virtual links can be configured through non-backbone areas. Virtual links serve to connect physically separate components of the backbone. set protocols ospf4 area <area-id1> virtual-link <router-id> transmit-area <area-id2> <area-id1> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <area-id2> Area through which to transmit. This example configurethe virtual link on the Area Border Router switch B( ) and Switch C( ), After this step, there will be aroute entry from the backbone area, , to area XorPlus# set protocols ospf4 area virtual-link transmit-area XorPlus# set protocols ospf4 area virtual-link transmit-area

175 protocols ospf4 area <area-id> area-range <ip-address/netmask> advertise OSPF should aggregate the route entriesfrom the backbone area into a non-backbone area, or from a nonbackbone area into the backbone area. You can use the advertisedisableparameter to restrain ABR route aggregation. set protocols ospf4 area <area-id> area-range <ip-address/network> advertise <bool> <area-id> The OSPF area to which the attached network belongs. <ip-address/netmask> Area range for generating summaries <bool> Advertise or DoNotAdvertise.Required select include: true false This example configure the area-range on ABR. XorPlus# set protocols ospf4 area area-range /24 advertise true protocols ospf4 area <area-id> area-type User can configure type of area which the switch in. set protocols ospf4 area <area-id > area-type <type> <area-id> The OSPF area to which the attached network belongs. <type> Type of area.required select include: normal OSPF normal area nssa OSPF not-so-stubby area stub OSPF stubby area This example configure the area type is normal. XorPlus# set protocols ospf4 area area-type normal 175

176 protocols ospf4 area <area-id> default-lsa disable User can configure the switch interface whether to originate the default routein stub or not-so-stubby areas. set protocols ospf4 area <area-id > default-lsa disable <bool> <area-id> The OSPF area to which the attached network belongs. <bool> Disable the origination of the default route.required select include: true false This example configure the switch interface to originate the default route. XorPlus# set protocols ospf4 area default-lsa diaable false protocols ospf4 area <area-id> default-lsa metric User can configure metric of default route of the switch interface. set protocols ospf4 area <area-id > default-lsa metric <uint> <area-id> The OSPF area to which the attached network belongs. <uint> Metric of default route This example configure the metric 6 of default route of the switch interface. XorPlus# set protocols ospf4 area default-lsa metric 6 protocols ospf4 area <area-id> interface <bozo> link-type User can configure the link-type of the OSPF interface in the area. set protocols ospf4 area <area-id > interface <bozo> link-type <type> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <type> Link type.required select include: 176

177 broadcast Broadcast link p2m Point-to-multipoint link p2p Point-to-point link This example configure the link-type p2p of the OSPF interface in the area. XorPlus# set protocols ospf4 area interface vlan2 link-type p2p protocols ospf4 area <area-id> interface <bozo> vif <bozo> address User can configure OSPF interfaces in the area.these interfaces will transmit and receive LSAs to calculate the route. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF This example configure the l3 interfaces vlan2 and vlan3 in the area XorPlus# set protocols ospf4 area interface vlan-2vif vlan-2 address XorPlus# set protocols ospf4 area interface vlan-3vif vlan-3 address protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time User can configure the deadline of OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <int> The MD5 authentication key ID range <time> Authentication end time (YYYY-MM-DD.HH:MM) 177

178 This example configure the deadline of the OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address authentication md5 12 end-time :24 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> max-time-drift User can configure the OSPF interface md5 authentication ID and the max time drift among all routers. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> max-time-drift <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <int> The MD5 authentication key ID range <time> Maximum time drift (in seconds) among all routers.required select include: The maximum time drift Unlimited time drift This example configure the max time drift20 seconds of the OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address authentication md5 12 max-time-drift 20 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password User can configure the password of OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password <pw> 178

179 <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <int> The MD5 authentication key ID range <pw> Authentication password This example configure the password of the OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address authentication md5 12 password pica8 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> simple-password User can configure the simple passwordkey of OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> simple-password <pd> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <int> The MD5 authentication key ID range <pd> Simple password authentication key This example configure the simple password key of the OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address authentication md5 12 simple-password pica8 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> bfd disable User can configure bfd on the OSPF interface. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> bfd disable <bool> 179

180 <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <bool> Disable bfd on the interface.required select include: true false This example configure the bfd on the OSPF interface. XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address bfd disable false protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable User can configure OSPF on address. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable <bool> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <bool> Disable OSPF on address.required select include: true false This example configure the OSPF on address. XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address disable false protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> hello-interval User can configurethe interval time of OSPF interface sending hello packets. 180

181 set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> hello-interval <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <time> The Hello packets interval range This example configurethe interval time 20 seconds of OSPF interface sending hello packets. XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address hello-interval 20 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> interface-cost User can configurethe cost of this address of OSPF interface. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> interface-cost <cost> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <cost> The cost of this address range This example configurethe cost 3 address of OSPF interface. XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address interface-cost 3 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> passive disable User can configurethe OSPF interface do not run OSPF. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> passive disable <bool> 181

182 <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <bool> Disable passive.required select include: true false This example configurethe OSPF interface disable passive XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address passive disable true protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> priority User can configurethe OSPF interface priority used in DR election. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> priority <level> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <level> The priority used in DR election range This example configurethe OSPF interface the priority 8 in DR election. XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address priority 8 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> retransmit-interval User can configurethe interval time of OSPF interface retransmitting the OSPF route. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> retransmit-interval <time> 182

183 <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <time> The retransmit interval range This example configurethe interval time 20 seconds of OSPF interface retransmitting the OSPF route XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address retransmit-interval 20 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> router-dead-interval User can configurethe waiting interval time before OSPF interface considering a neighbor dead. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> router-dead-interval <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <time> The neighbor router dead interval range This example configurethe waiting interval time 20 seconds before OSPF interface considering a neighbor dead XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address router-dead-interval 20 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> transmit-delay User can configurethe time to transmit an LSA on this address of the OSPF interface. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> transmit-delay <time> 183

184 <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <time> The extra addition to age field of all transmitted LSAs range This example configurethe time 2 seconds to transmit an LSA on this address of the OSPF interface. XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address transmit-delay 2 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address authentication md5 <int> start-time User can configure the start time of OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> start-time <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <int> The MD5 authentication key ID range <time> Authentication start time (YYYY-MM-DD.HH:MM) This example configure the start time of the OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address authentication md5 12 start-time :24 protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address passive host User can configurethe OSPF interface advertisehost route. set protocols ospf4 area <area-id> interface <bozo> vif <bozo> address <ip-address> passive host <bool> 184

185 <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on vif used for OSPF <bool> Advertise host route.required select include: true false This example configurethe OSPF interface advertise host route XorPlus# set protocols ospf4 area interface vlan2 vif vlan2 address passive host true protocols ospf4 area <area-id> summaries disable User can disable the summary function on ABR. set protocols ospf4 area <area-id > summaries disable <bool> <area-id> The OSPF area to which the attached network belongs. <bool> Disable summaries into stub or not-so-stubby areas.required select include: true false This example disable the summary function on area XorPlus# set protocols ospf4 area summaries disable true protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> end-time User can configure the deadline of virtual link OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> end-time <time> 185

186 <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <int> The MD5 authentication key ID range <time> Authentication end time (YYYY-MM-DD.HH:MM) This example configure the deadline of the virtual link OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area virtual-link authentication md5 23 end-time :21 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> max-time-drift User can configure the virtual link OSPF interface md5 authentication ID and the max time drift among all routers. set protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> max-time-drift <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <int> The MD5 authentication key ID range <time> Maximum time drift (in seconds) among all routers.required select include: The maximum time drift Unlimited time drift This example configure the max time drift 20 seconds of the virtual link OSPF interface md5 key ID 23 authentication XorPlus# set protocols ospf4 area virtual-link authentication md5 23 max-time-drift 20 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> password User can configure the password of virtual link OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> password <pw> 186

187 <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <int> The MD5 authentication key ID range <pw> Authentication password This example configure the password of the virtual link OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area virtual-link authentication md5 23 password pica8 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> simple-password User can configure the simple password key of virtual link OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> simple-password <pd> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <int> The MD5 authentication key ID range <pd> Simple password authentication key. This example configure the simple password key of the virtual link OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area virtual-link authentication md5 23 simple-password pica8 protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> start-time User can configure the start time of virtual link OSPF interface md5 ID authentication. set protocols ospf4 area <area-id> virtual-link <router-id> authentication md5 <int> start-time <time> 187

188 <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <int> The MD5 authentication key ID range <time> Authentication start time (YYYY-MM-DD.HH:MM) This example configure the start time of the virtual link OSPF interface md5 key ID authentication XorPlus# set protocols ospf4 area virtual-link authentication md5 23 start-time :21 protocols ospf4 area <area-id> virtual-link <router-id> hello-interval User can configurethe interval time of virtual link OSPF interface sending hello packets. set protocols ospf4 area <area-id> virtual-link <router-id> hello-interval <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The Hello packets interval range This example configurethe interval time 20 seconds of virtual link OSPF interface sending hello packets. XorPlus# set protocols ospf4 area virtual-link hello-interval 20 protocols ospf4 area <area-id> virtual-link <router-id> retransmit-interval User can configurethe interval time of virtual link OSPF interface retransmitting the OSPF route. set protocols ospf4 area <area-id> virtual-link <router-id> retransmit-interval <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The retransmit interval range

189 This example configurethe interval time 20 seconds of virtual link OSPF interface retransmitting the OSPF route XorPlus# set protocols ospf4 area virtual-link retransmit-interval 20 protocols ospf4 area <area-id> virtual-link <router-id> router-dead-interval User can configurethe waiting interval time before virtual link OSPF interface considering a neighbor dead. set protocols ospf4 area <area-id> virtual-link <router-id> router-dead-interval <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The neighbor router dead interval range This example configurethe waiting interval time 20 seconds before virtual link OSPF interface considering a neighbor dead XorPlus# set protocols ospf4 area virtual-link router-dead-interval 20 protocols ospf4 area <area-id> virtual-link <router-id> transmit-delay User can configurethe time to transmit an LSA on this address of the virtual link OSPF interface. set protocols ospf4 area <area-id> virtual-link <router-id> transmit-delay <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The extra addition to age field of all transmitted LSAs range This example configurethe time 2 seconds to transmit an LSA on this address of the virtual link OSPF interface. 189

190 XorPlus# set protocols ospf4 area virtual-link transmit-delay 2 protocols ospf4 export User can configure the switch to export the policy to the neighbor switch. set protocols ospf export<text> <text> export policy name(s) This example configure the switch to export the policy "static" to the neighbor switch: XorPlus# set protocols static route /24 next-hop XorPlus# set policy policy-statement static term 1 from protocol static XorPlus# set policy policy-statement static then accept XorPlus# set protocols ospf4 export static protocols ospf4 import User can configure the switch to import the policy which is exported by the neighbor switch. set protocols ospfimport<text> <text> import policy name(s) This example configure the switch to import the policy "static" exported by the neighbor switch: XorPlus# set protocols rip import static protocols ospf4 ip-router-alert User can configure the switch whether to send the IP router alert option in packets. set protocols ospf4ip-router-alert <bool> <bool> Send the IP router alert option in packets.required select include: true false 190

191 This example configure the switch to send the IP router alert option in packets. XorPlus# set protocols ospf4ip-router-alert true protocols ospf4 rfc1583-compatibility User can configure the switch whether to use criteria for handling AS external routes. set protocols ospf4rfc1583-compatibility<bool> <bool> Criteria for handling AS external routesrequired select include: true false This example configure the switch to use criteria for handling AS external routes. XorPlus# set protocols ospf4rfc1583-compatibility true protocols ospf4 router-id The router ID should be configured first for the switch when you configure OSPF.The router ID is a string similar to the IP address, and should be unique in the OSPF domain. You should not changethe router IDafter completing the configuration. set protocols ospf4 router-id <router-id> <router-id>a unique 32-bit identifier within this AS. This example configure router ID for the switch. XorPlus# set protocols ospf4 router-id protocols ospf6 area <area-id1> interface <bozo> vif <bozo> neighbor <ip-address> router-id User can configurethe neighbor address of OSPF interface. set protocols ospf6 area <area-id1> interface <bozo> vif <bozo> neighbor <ip-address> router-id <area-id2> 191

192 <area-id1> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Neighbors address <area-id2> Neighbors router-id. This example configurethe neighbor address in the area XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 neighbor 2001:1:: router-id protocols ospf6 area <area-id1> virtual-link <router-id> transmit-area Thesinglebackbone area (area ) cannot be disconnected,or certain areas of the Autonomous System will become unreachable. To establish and maintain connectivity of the backbone, virtual links can be configured through non-backbone areas. Virtual links serve to connect physically separate components of the backbone. set protocols ospf6 area <area-id1> virtual-link <router-id> transmit-area <area-id2> <area-id1> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <area-id2> Area through which to transmit. This example configurethe virtual link on the Area Border Router switch B( ) and Switch C( ), After this step, there will be aroute entry from the backbone area, , to area XorPlus# set protocols ospf6 area virtual-link transmit-area XorPlus# set protocols ospf6 area virtual-link transmit-area

193 protocols ospf6 area <area-id> area-range <ip-address/netmask> advertise OSPFv3 should aggregate the route entriesfrom the backbone area into a non-backbone area, or from a nonbackbone area into the backbone area. You can use the advertisedisableparameter to restrain ABR route aggregation. set protocols ospf6 area <area-id> area-range <ip-address/netmask> advertise <bool> <area-id> The OSPF area to which the attached network belongs. <ip-address/netmask> Area range for generating summaries <bool> Advertise or DoNotAdvertise.Required select include: true false This example configure the area-range on ABR. XorPlus# set protocols ospf6 area area-range 2001:1:1:1::/64 advertise true protocols ospf6 area <area-id> area-type User can configure type of area which the switch in. set protocols ospf6 area <area-id > area-type <type> <area-id> The OSPF area to which the attached network belongs. <type> Type of area.required select include: normal OSPF normal area nssa OSPF not-so-stubby area stub OSPF stubby area This example configure the area type is normal. protocols ospf6 area <area-id> default-lsa disable User can configure the switch interface whether to originate the default route in stub or not-so-stubby areas. 193

194 set protocols ospf6 area <area-id > default-lsa disable <bool> <area-id> The OSPF area to which the attached network belongs. <bool> Disable the origination of the default route.required select include: true false This example configure the switch interface to originate the default route. XorPlus# set protocols ospf6 area default-lsa diaable false protocols ospf6 area <area-id> default-lsa metric User can configure metric of default route of the switch interface. set protocols ospf6 area <area-id > default-lsa metric <uint> <area-id> The OSPF area to which the attached network belongs. <uint> Metric of default route This example configure the metric 6 of default route of the switch interface. XorPlus# set protocols ospf6 area default-lsa metric 6 protocols ospf6 area <area-id> interface <bozo> link-type User can configure the link-type of the OSPFv3 interface in the area. set protocols ospf6 area <area-id > interface <bozo> link-type <type> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <type> Link type.required select include: broadcast Broadcast link p2m Point-to-multipoint link p2p Point-to-point link 194

195 This example configure the link-type p2p of the OSPF interface in the area. XorPlus# set protocols ospf6 area interface vlan2 link-type p2p protocols ospf6 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable User can configure OSPFv3 on address. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> address <ip-address> disable <bool> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <ip-address> Address on interface or vif. <bool> Disable OSPF on interface or vif.required select include: true false This example configure the OSPF on address. XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 address 2001::15 disable false protocols ospf6 area <area-id> interface <bozo> vif <bozo> bfd disable User can configure bfd on the OSPFv3 interface. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> bfd disable <bool> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <bool> Disable bfd on the interface.required select include: true false 195

196 This example configure the bfd on the OSPFv3interface. XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 bfd disable false protocols ospf6 area <area-id> interface <bozo> vif <bozo> disable User can configure OSPFv3 on address. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> disable <bool> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <bool> Disable OSPF on interface/vif.required select include: true false This example configure the OSPF on address. XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 disable false protocols ospf6 area <area-id> interface <bozo> vif <bozo> hello-interval User can configurethe interval time of OSPFv3 interface sending hello packets. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> hello-interval <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <time> The Hello packets interval range This example configurethe interval time 20 seconds of OSPFv3 interface sending hello packets. 196

197 protocols ospf6 area <area-id> interface <bozo> vif <bozo> interface-cost User can configurethe cost of OSPF interface. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> interface-cost <cost> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <cost> The cost of this address range This example configurethe cost 3 of OSPF interface vlan2. XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 interface-cost 3 protocols ospf6 area <area-id> interface <bozo> vif <bozo> passive User can configurethe OSPFv3 interface do not run OSPFv3. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> passive <bool> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <bool> Do not run OSPF, but advertise it.required select include: true false This example configurethe OSPF interface disable passive XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 passive true protocols ospf6 area <area-id> interface <bozo> vif <bozo> priority User can configurethe OSPFv3 interface priority used in DR election. 197

198 set protocols ospf6 area <area-id> interface <bozo> vif <bozo> priority <level> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <level> The priority used in DR election range This example configurethe OSPFv3 interface the priority 8 in DR election. XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 priority 8 protocols ospf6 area <area-id> interface <bozo> vif <bozo> retransmit-interval User can configurethe interval time of OSPFv3 interface retransmitting the OSPFv3 route. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> retransmit-interval <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <time> The retransmit interval range This example configurethe interval time 20 seconds of OSPF interface retransmitting the OSPF route XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 retransmit-interval 20 protocols ospf6 area <area-id> interface <bozo> vif <bozo> router-dead-interval User can configurethe waiting interval time before OSPF interface considering a neighbor dead. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> router-dead-interval <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <time> The neighbor router dead interval range

199 This example configurethe waiting interval time 20 seconds before OSPF interface considering a neighbor dead XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 router-dead-interval 20 protocols ospf6 area <area-id> interface <bozo> vif <bozo> transmit-delay User can configurethe time to transmit an LSA on this address of the OSPFv3 interface. set protocols ospf6 area <area-id> interface <bozo> vif <bozo> transmit-delay <time> <area-id> The OSPF area to which the attached network belongs. <bozo> VLAN name,include an interface in this area. <time> The extra addition to age field of all transmitted LSAs range This example configurethe time 2 seconds to transmit an LSA on this address of the OSPFv3 interface. XorPlus# set protocols ospf6 area interface vlan2 vif vlan2 transmit-delay 2 protocols ospf6 area <area-id> summaries disable User can disable the summary function on ABR. set protocols ospf6 area <area-id > summaries disable <bool> <area-id> The OSPF area to which the attached network belongs. <bool> Disable summaries into stub or not-so-stubby areas.required select include: true false This example disable the summary function on area XorPlus# set protocols ospf6 area summaries disable true 199

200 protocols ospf6 area <area-id> virtual-link <router-id> hello-interval User can configurethe interval time of virtual link OSPF interface sending hello packets. set protocols ospf6 area <area-id> virtual-link <router-id> hello-interval <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The Hello packets interval range This example configurethe interval time 20 seconds of virtual link OSPF interface sending hello packets. XorPlus# set protocols ospf6 area virtual-link hello-interval 20 protocols ospf6 area <area-id> virtual-link <router-id> retransmit-interval User can configurethe interval time of virtual link OSPF interface retransmitting the OSPF route. set protocols ospf6 area <area-id> virtual-link <router-id> retransmit-interval <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The retransmit interval range This example configurethe interval time 20 seconds of virtual link OSPF interface retransmitting the OSPF route XorPlus# set protocols ospf6 area virtual-link retransmit-interval 20 protocols ospf6 area <area-id> virtual-link <router-id> router-dead-interval User can configurethe waiting interval time before virtual link OSPF interface considering a neighbor dead. 200

201 set protocols ospf6 area <area-id> virtual-link <router-id> router-dead-interval <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The neighbor router dead interval range This example configurethe waiting interval time 20 seconds before virtual link OSPF interface considering a neighbor dead XorPlus# set protocols ospf6 area virtual-link router-dead-interval 20 protocols ospf6 area <area-id> virtual-link <router-id> transmit-delay User can configurethe time to transmit an LSA on this address of the virtual link OSPF interface. set protocols ospf6 area <area-id> virtual-link <router-id> transmit-delay <time> <area-id> The OSPF area to which the attached network belongs. <router-id> A unique 32-bit identifier within this AS. <time> The extra addition to age field of all transmitted LSAs range This example configurethe time 2 seconds to transmit an LSA on this address of the virtual link OSPF interface. XorPlus# set protocols ospf6 area virtual-link transmit-delay 2 protocols ospf6 export User can configure the switch to export the policy to the neighbor switch. set protocols ospf6 export<text> <text> export policy name(s) This example configure the switch to export the policy "static" to the neighbor switch: XorPlus# set protocols static route 2001:1::/32 next-hop 2002:2:: 201

202 XorPlus# set policy policy-statement static term 1 from protocol static XorPlus# set policy policy-statement static then accept XorPlus# set protocols ospf6 export static protocols ospf6 import User can configure the switch to import the policy which is exported by the neighbor switch. set protocols ospf6import<text> <text> import policy name(s) This example configure the switch to import the policy "static" exported by the neighbor switch: XorPlus# set protocols ospf6import static protocols ospf6 instance-id Every interface is assigned an Instance ID. This should default to 0. It is only necessary to assign a value other than 0 on those links that will contain multiple separate communities of OSPF routers. For example, suppose that there are two communities of routers on a given ethernet segment that you wish to keep separate. The first community is assigned an Instance ID of 0 and all the routers in the first community will be assigned 0 as the Instance ID for interfaces connected to the ethernet segment. An Instance ID of 1 is assigned to the other routers' interfaces connected to the ethernet segment. set protocols ospf6 instance-id <instance-id> <router-id>the instance ID. This example configure instance ID 1 for the switch. XorPlus# set protocols ospf6 instance-id1 protocols ospf6 ip-router-alert User can configure the switch whether to send the IP router alert option in packets. set protocols ospf6ip-router-alert <bool> <bool> Send the IP router alert option in packets.required select include: true false 202

203 This example configure the switch to send the IP router alert option in packets. XorPlus# set protocols ospf6ip-router-alert true protocols ospf6 router-id The router ID should be configured first for the switch when you configure OSPFv3.The router ID is a string similar to the IP address, and should be unique in the OSPFv3 domain. You should not changethe router IDafter completing the configuration. set protocols ospf6 router-id <router-id> <router-id>a unique 32-bit identifier within this AS. This example configure router ID for the switch. XorPlus# set protocols ospf6 router-id protocols rip export User can configure the switch to export the policy to the neighbor switch. set protocols rip export<text> <text> export policy name(s) This example configure the switch to export the policy "connected-to-rip" to the neighbor switch: XorPlus# set policy policy-statement connected-to-rip term export from protocol connected XorPlus# set policy policy-statement connected-to-rip term export then metric 0 XorPlus# set protocols rip export "connected-to-rip" protocols rip import User can configure the switch to import the policy which is exported by the neighbor switch. set protocols rip import<text> <text> import policy name(s) This example configure the switch to import the policy "connected-to-rip"exported by the neighbor switch: XorPlus# set protocols rip import "connected-to-rip" 203

204 protocols rip interface <bozo> vif <bozo> address <ip-address> accept-default-route User can configure the switch whether to accept default route from RIP neighbor set protocols rip interface <bozo> vif <bozo> address <ip-address> accept-default-route <bool> <bozo> VLAN name <ip-address> Address on interface used for RIP <bool> Configure the switch whether to accept default route from RIP neighbor.required select include: true false This example configure the switch to accept default route from RIP neighbor XorPlus# set protocols rip interface vlan2 vif vlan2 address accept-default-route true protocols rip interface <bozo> vif <bozo> address <ip-address> accept-non-rip-requests User can configure the switch whether to accept RIP requests from non-rip port set protocols rip interface <bozo> vif <bozo> address <ip-address> accept-non-rip-requests <bool> <bozo> VLAN name <ip-address> Address on interface used for RIP <bool> Configure the switch whether toaccept RIP requests from non-rip port.required select include: true false This example configure the switch to accept RIPrequests from non-rip port XorPlus# set protocols rip interface vlan2 vif vlan2 address accept-non-rip-requests true 204

205 protocols rip interface <bozo> vif <bozo> address <ip-address> advertise-default-route User can configure the switch whether to advertise default route to RIP neighbors set protocols rip interface <bozo> vif <bozo> address <ip-address> advertise-default-route <bool> <bozo> VLAN name <ip-address> Address on interface used for RIP <bool> Configure the switch whether to advertise default route to RIP neighbors.required select include: true false This example configure the switch to advertise default route to RIP neighbors XorPlus# set protocols rip interface vlan2 vif vlan2 address advertise-default-route true protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time User can configure the deadline of the switch for RIP packets md5 key ID authentication set protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> end-time <time> <bozo> VLAN name <ip-address> Address on interface used for RIP <int> MD5 authentication key ID range <time> Authentication end time (YYYY-MM-DD.HH:MM) This example configure the deadline of the switch for RIP packets md5 key ID authentication XorPlus# set protocols rip interface vlan100 vif vlan100 address authentication md5 13 end-time :21 205

206 protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password User can configure the password of the switch for RIP packets md5 key ID authentication set protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> password <pd> <bozo> VLAN name <ip-address> Address on interface used for RIP <int> MD5 authentication key ID range <pd> Authentication password This example configure the password of the switch for RIP packets md5 key ID authentication XorPlus# set protocols rip interface vlan100 vif vlan100 address authentication md5 13 password pica8 protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> start-time User can configure the start time of the switch for RIP packets md5 key ID authentication set protocols rip interface <bozo> vif <bozo> address <ip-address> authentication md5 <int> start-time <time> <bozo> VLAN name <ip-address> Address on interface used for RIP <int> MD5 authentication key ID range <time> Authentication start time (YYYY-MM-DD.HH:MM) This example configure the start time of the switch for RIP packets md5 key ID authentication XorPlus# set protocols rip interface vlan100 vif vlan100 address authentication md5 13 start-time :21 206

207 protocols rip interface <bozo> vif <bozo> address <ip-address> authentication simple-password User can configure the simple-password keyof the switch for RIP packets authentication set protocols rip interface <bozo> vif <bozo> address <ip-address> authentication simple-password <pd> <bozo> VLAN name <ip-address> Address on interface used for RIP <pd> Simple password authentication key This example configure the simple-password key of the switch for RIP packets authentication XorPlus# set protocols rip interface vlan100 vif vlan100 address authentication simple-passwordpica8 protocols rip interface <bozo> vif <bozo> address <ip-address> deletion-delay User can configure the delay time of deletion routefor the switch set protocols rip interface <bozo> vif <bozo> address <ip-address> deletion-delay <time> <bozo> VLAN name <ip-address> Address on interface used for RIP <time> Seconds of deletion route range This example configure the delay time 10 seconds for the switch to delete route protocols rip interface <bozo> vif <bozo> address <ip-address> disable User can configure the switch disable or enable RIP on address set protocols rip interface <bozo> vif <bozo> address <ip-address> disable <bool> 207

208 <bozo> VLAN name <ip-address> Address on interface used for RIP <bool> Disable RIP on address.required select include: true false This example configure the switch disable RIP on address XorPlus# set protocols rip interface vlan100 vif vlan100 address disable true protocols rip interface <bozo> vif <bozo> address <ip-address> horizon User can configure the switch horizon type applied to announced routes set protocols rip interface <bozo> vif <bozo> address <ip-address> horizon <type> <bozo> VLAN name <ip-address> Address on interface used for RIP <type> Horizon type.required select include: none No horizon type split-horizon Split horizon split-horizon-poison-reverse Split horizon with poisoned reverse This example configure the switch none horizon type applied to announced routes XorPlus# set protocols rip interface vlan100 vif vlan100 address horizon none protocols rip interface <bozo> vif <bozo> address <ip-address> interpacket-delay User can configure the minimum delay between outbound RIP packets for the switch set protocols rip interface <bozo> vif <bozo> address <ip-address> interpacket-delay <time> 208

209 <bozo> VLAN name <ip-address> Address on interface used for RIP <time> Minimum delay between outbound RIP packets (msec) This example configure the minimum delay time 10 secondsbetween outbound RIP packets for the switch XorPlus# set protocols rip interface vlan100 vif vlan100 address nterpacket-delay10 protocols rip interface <bozo> vif <bozo> address <ip-address> metric User can configure the cost metric added to routes received on address for the switch set protocols rip interface <bozo> vif <bozo> address <ip-address> metric <cost> <bozo> VLAN name <ip-address> Address on interface used for RIP <cost> Cost metric added to routes received on address range 0-16 This example configure the cost metric 1added to routes received on address for the switch XorPlus# set protocols rip interface vlan100 vif vlan100 address metric 1 protocols rip interface <bozo> vif <bozo> address <ip-address> passive User can configure the switch whether or not to transmit RIP packets set protocols rip interface <bozo> vif <bozo> address <ip-address> passive <bool> <bozo> VLAN name <ip-address> Address on interface used for RIP <bool> Whether or not to transmit RIP packets.required select include: true false 209

210 This example configure the switch to transmit RIP packets. XorPlus# set protocols rip interface vlan100 vif vlan100 address passive true protocols rip interface <bozo> vif <bozo> address <ip-address> request-interval User can configure the RIP request interval when the switch has no known neighbors. set protocols rip interface <bozo> vif <bozo> address <ip-address> request-interval <time> <bozo> VLAN name <ip-address> Address on interface used for RIP <time> Whether or not to transmit RIP packets.required select include: 0 Disable periodic RIP requests RIP request interval when no known neighbors This example configure the 10 seconds RIP request interval when the switch has no known neighbors. XorPlus# set protocols rip interface vlan100 vif vlan100 address request-interval 10 protocols rip interface <bozo> vif <bozo> address <ip-address> route-timeout User can configure theroute expiration timeof the switch. set protocols rip interface <bozo> vif <bozo> address <ip-address> route-timeout <time> <bozo> VLAN name <ip-address> Address on interface used for RIP <time> Seconds of route-timeout range This example configure the route expiration time 80 secondsof the switch. 210

211 XorPlus# set protocols rip interface vlan100 vif vlan100 address route-timeout80 protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-delay User can configure thedelay time before sending repeated triggered updatefor the switch. set protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-delay <time> <bozo> VLAN name <ip-address> Address on interface used for RIP <time> Seconds of trigger delay range This example configure the delay time10 before sending repeated triggered update. XorPlus# set protocols rip interface vlan100 vif vlan100 address triggered-delay 10 protocols rip interface <bozo> vif <bozo> address <ip-address> triggered-jitter User can configure the jitter of repeated triggered update delay for the switch. set protocols rip interface <bozo> vif <bozo> address <ip -address> triggered-jitter <percent> <bozo> VLAN name <ip-address> Address on interface used for RIP <percent> Jitter as percents of 'triggered-delay' range This example configure the jitter of repeated triggered update delayis the 10% of the.triggered-delay. XorPlus# set protocols rip interface vlan100 vif vlan100 address triggered-jitter10 211

212 protocols rip interface <bozo> vif <bozo> address <ip-address> update-interval User can configure the interval between regular route updates for the switch. set protocols rip interface <bozo> vif <bozo> address <ip-address> update-interval <time> <bozo> VLAN name <ip-address> Address on interface used for RIP <time> Seconds of update-interval range This example configure the interval 10 seconds between regular route updates for the switch. XorPlus# set protocols rip interface vlan100 vif vlan100 address update-interval 10 protocols rip interface <bozo> vif <bozo> address <ip-address> update-jitter User can configure the jitter of regular route update interval for the switch. set protocols rip interface <bozo> vif <bozo> address <ip -address> update-jitter <percent> <bozo> VLAN name <ip-address> Address on interface used for RIP <percent> Jitter as percents of 'update-interval' range This example configure the jitter of regular route update interval is the 10% of the. update-interval. XorPlus# set protocols rip interface vlan100 vif vlan100 address update-jitter 10 protocols sflow agent-id Users can set agent-id for sflow interface. set protocols sflow agent-id <IPv4> 212

213 <IPv4> A unique 32-bit identifier of the agent This example is to set agent-id to : XorPlus# set protocols sflow agent-id protocols sflow collector <IPv4> udp-port Users can set collector IPv4 id. set protocols sflow collector <IPv4> udp-port delete protocols sflow collector <IPv4> <IPv4> Configure the collector <port> <port> The udp port of the collector, 6343 by default This example is to configure the collector as ,udp-port is 6343: XorPlus# set protocols sflow collector udp-port 6343 XorPlus#commit protocols sflow disable By default, sflow is disabled. You can enable sflow and configure its'parameters. set protocols sflow disable <bool> delete protocols sflow disable <bool> Disable sflow on all interfaces by default true Disable sflow false enable sflow This example is to enable sflow on all interface: XorPlus# set protocols sflow disable false 213

214 protocols sflow header-len Users can set the length of sampled packet in bytes. set protocols sflow header-len <len> delete protocols sflow header-len <len> the Length of sampled packet in bytes This example is to set length of sampled packet to 1024: XorPlus# set protocols sflow header-len 1024 protocols sflow interface <port> disable Users can configure a specified interface to sflow protocol. set protocols sflow interface delete protocols sflow interface <port> disable <port> disable <bool> <port> ethernet switching port identifier,the valid ports range 1-52 <bool> Disable or enable sflow on a specified interface true Disable sflow on a specified interface false enable sflow on a specified interface This example is to enable sflow on ge-1/1/3: XorPlus# set protocols sflow interface ge-1/1/3 disable false protocols sflow interface <port> header-len Users can set the Length of sampled packet in bytes. set protocols sflow interface delete protocols sflow interface <port> header-len <port> header-len <value> <port> ethernet switching port identifier,the valid ports range 1-52 <value> The length identifier, [ ] 214

215 This example is to set header length sampled packets to 15 on ge-1/1/3: XorPlus# set protocols sflow interface ge-1/1/3 header-len 15 XorPlus# protocols sflow interface <port> polling-interval Users can set the polling interval for a specified interface. set protocols sflow interface <port> polling-interval d elete protocols sflow interface <port> polling-interval <seconds> <port> ethernet switching port identifier,the valid ports range 1-52 <seconds> Number of seconds, [ ] This example is to set polling interval to 300 on ge-1/1/3: XorPlus# set protocols sflow interface ge-1/1/3 polling-interval 300 protocols sflow interface <port> sampling-rate egress Users can set the sampling rate of sflow agent. set protocols sflow interface delete protocols sflow interface <port> sampling-rate egress <port> sampling-rate egress <value> <value> the rate at which exiting packets must be sampled, 2000 by default,[ ] This example is to set sampling rate of egress to 1000: XorPlus# set protocols sflow interface ge-1/1/3 sampling-rate egress 1000 protocols sflow interface <port> sampling-rate ingress Users can set the sampling rate of sflow agent. set protocols sflow interface delete protocols sflow interface <port> sampling-rate ingress <port> sampling-rate ingress <value> 215

216 <value> the rate at which exiting packets must be sampled, 2000 by default,[ ] This example is to set sampling rate of ingress to 1000: XorPlus# set protocols sflow interface ge-1/1/3 sampling-rate ingress 1000 protocols sflow polling-interval Users can set polling interval the sflow agent polls interfaces in seconds. set protocols sflow polling-interval <time> <time> Number of seconds, how often the sflow agent polls interfaces in seconds, 30 by default This example is to set polling interval to 60: XorPlus# set protocols sflow polling-interval 60 protocols sflow sampling-rate egress Users can set the sampling rate of sflow agent. set protocols sflow sampling-rate egress <value> delete protocols sflow sampling-rate egress <value> the rate at which exiting packets must be sampled, 2000 by default,[ ] This example is to set sampling rate of egress to 1000: XorPlus#set protocols sflow sampling-rate egress 1000 protocols sflow sampling-rate ingress Users can set the sampling rate of sflow agent. set protocols sflow sampling-rate ingress <value> delete protocols sflow sampling-rate ingress 216

217 <value> the rate at which exiting packets must be sampled, 2000 by default,[ ] This example is to set sampling rate of ingress to 1000: XorPlus#set protocols sflow sampling-rate ingress 1000 protocols sflow source-address Users can set the source address as the source in packets transmitted to collectors. set protocols sflow source-address <IPv4> <IPv4> source address as the source in packets transmitted to collectors This example is to set source-address to : XorPlus# set protocols sflow source-address

218 Open-Flow Configuration Command open-flow open-flow allowed-versions open-flow allowed-versions <version> disable open-flow controller open-flow controller <text> address open-flow controller <text> port open-flow controller <text> protocol open-flow flow open-flow flow <text1> action ecmp output-interface open-flow flow <text1> action ecmp output-interface <text2> next-hop open-flow flow <text1> action ecmp output-interface <text2> src-mac open-flow flow <text1> action ecmp output-interface <text2> vlan-id open-flow flow <text1> action output interface open-flow flow <text1> action output virtual-interface open-flow flow <text1> match-field ingress-port open-flow flow <text> action group open-flow flow <text> action modify ethernet-destination-address open-flow flow <text> action modify ethernet-source-address open-flow flow <text> action modify ip-tos open-flow flow <text> action modify mpls ethernet-type open-flow flow <text> action modify mpls inner-label open-flow flow <text> action modify mpls outmost-label open-flow flow <text> action modify mpls type open-flow flow <text> action modify vlan-id open-flow flow <text> action modify vlan-priority open-flow flow <text> action output controller open-flow flow <text> action output controller max-length open-flow flow <text> hard-timeout open-flow flow <text> idle-timeout open-flow flow <text> match-field destination-port open-flow flow <text> match-field ethernet-destination-address 218

219 open-flow flow <text> match-field ethernet-destination-mask open-flow flow <text> match-field ethernet-source-address open-flow flow <text> match-field ethernet-source-mask open-flow flow <text> match-field ethernet-type open-flow flow <text> match-field ip-destination-address open-flow flow <text> match-field ip-dst-addr-mask open-flow flow <text> match-field ip-protocol open-flow flow <text> match-field ip-source-address open-flow flow <text> match-field ip-src-addr-mask open-flow flow <text> match-field ip-tos open-flow flow <text> match-field ipv6-destination-address open-flow flow <text> match-field ipv6-source-address open-flow flow <text> match-field source-port open-flow flow <text> match-field vlan-id open-flow flow <text> match-field vlan-priority open-flow flow <text> priority open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-dst-address open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-src-address open-flow groups group-id <group-id> bucket-id <bucket-id> action modify ip-tos open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-id open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-priority open-flow groups group-id <group-id> bucket-id <bucket-id> action output-interface open-flow groups group-id <group-id> bucket-id <bucket-id> watch-port open-flow groups group-id <group-id> type open-flow local-port address open-flow local-port netmask open-flow working-mode show open-flow controller show open-flow controller detail show open-flow flow show open-flow flow-table show open-flow flow-table hardware show open-flow flow-table layer-2 show open-flow flow-table layer-3 219

220 show open-flow flow-table software show open-flow groups open-flow User can configure the open flow configuration or delete open flow configuration.by default, the switch enables OpenFlow v1.2. set open-flow delete open-flow This example configures the open flow configuration: XorPlus# set open-flow open-flow allowed-versions User can configure the switch's OpenFlow version or delete it.by default, the switch enables OpenFlow v1.2, and also supports OpenFlowv1.0, OpenFlow v 1.1, and OpenFlowv1.3. Your switch can negotiate with the controller and these four OpenFlow versions. set open-flow allowed-versions [ version] delete open-flow allowed-versions [ version] [ version]the allowed versions of OpenFlow.Required select include: openflow-v1.0 configure OpenFlow v1.0 openflow-v1.1 configure OpenFlow v1.1 openflow-v1.2 configure OpenFlow v1.2 openflow-v1.3 configure OpenFlow v1.3 This example configures that the version of openflow is openflow-v1.3: XorPlus# set open-flow allowed-versions openflow-v1.3 open-flow allowed-versions <version> disable User can configure the allowed versions of OpenFlow or delete open flow configuration used by hybrid ovs. 220

221 set open-flow allowed-versions < version> disable < bool> delete open-flow allowed-versions < version> disable < version>the allowed versions of OpenFlow.Required select include: openflow-v1.0 configure OpenFlow v1.0 openflow-v1.1 configure OpenFlow v1.1 openflow-v1.2 configure OpenFlow v1.2 openflow-v1.3 configure OpenFlow v1.3 < bool>therequired select include: true the version of the openflow is not allowed false the version of the openflow is allowed This example configures that the openflow-v1.3 is allowed: XorPlus# set open-flow allowed-versions openflow-v1.3 disable false open-flow controller User can configure the controller or delete it. set open-flow controller < text> delete open-flow controller < text> < text>the effective value is text,it is used to configure the controller. This example configures the name of controller: XorPlus# set open-flow controller contr-serv open-flow controller <text> address User can configure the controller's ip address or delete it.user can configure multiple controllers for the OpenFlow bridge (only one of them will be the active controller). set open-flow controller < text> address < IPV4> delete open-flow controller 221

222 < text>the effective value is text,it is used to configure the controller. < IPV4>The effective value is the ip address of the controller. This example configures the controller's ip address: XorPlus# set open-flow controller contr-serv address open-flow controller <text> port User can configure the layer 4 port used by the controller or delete it. set open-flow controller < text> port < int> delete open-flow controller < text> port < text>the effective value is text,it is used to configure the controller. < int>the effective value is range from 0 to This example configures the 6633 port used by the controller: XorPlus# set open-flow controller contr-serv port 6633 open-flow controller <text> protocol User can configure the IP protocol for communication with the controller or delete it. set open-flow controller < text> protocol <protocol> delete open-flow controller < text> protocol < text>the effective value is text,it is used to configure the controller. < protocol>the IP protocol for communication with the controller.required select include: ssl SSL tcp TCP This example configures the IP protocol for communication with the controller: XorPlus# set open-flow controller contr-serv protocol ssl 222

223 open-flow flow User can configure the flows or delete it. set open-flow flow< text> delete open-flow flow < text> < text>the effective value is text,it refers to the name of the flow. This example configures a flow f1: XorPlus# set open-flow flow f1 open-flow flow <text1> action ecmp output-interface In L2/L3 mode, user can add a ECMP static flow, which is stored in the routing table.user can configure a flow and the flow's output interface or delete it. set open-flow flow < text1> action ecmp output-interface < text2> delete open-flow flow < text1> action ecmp output-interface < text2> delete open-flow flow < text1> action ecmp delete open-flow flow < text1> < text1>the effective value is text,it refers to the name of the flow. < text2>the effective value is text,it refers to the output interface for packets(e.g. ge-1/1/1). This example configures a flow f1 and its output interface ge-1/1/1: XorPlus# set open-flow flow f1 action ecmp output-interface ge-1/1/1 open-flow flow <text1> action ecmp output-interface <text2> next-hop User can configure to modify the next hop mac address of the output packet. set open-flow flow < text1> action ecmp output-interface < text2> next-hop < macaddr> delete open-flow flow < text1> action ecmp output-interface < text2> next-hop delete open-flow flow < text1> action ecmp output-interface < text2> delete open-flow flow < text> action ecmp delete open-flow flow < text1> 223

224 < text1>the effective value is text,it refers to the name of the flow. < text2>the effective value is text,it refers to the output interface for packets(e.g. ge-1/1/1). < macaddr>the effective value is mac address.changing the next-hop mac address. This example configures to modify the next hop mac address of the output packet of the flow f1: XorPlus# set open-flow flow f1 action ecmp output-interface ge-1/1/1 next-hop 08:9e:01:39:1a:11 open-flow flow <text1> action ecmp output-interface <text2> src-mac User can configure to modify the source mac address in output packets. set open-flow flow < text1> action ecmp output-interface < text2> src-mac < macaddr> delete open-flow flow < text1> action ecmp output-interface < text2> src-mac delete open-flow flow < text1> action ecmp output-interface < text2> delete open-flow flow < text1> action ecmp delete open-flow flow < text1> < text1>the effective value is text,it refers to the name of the flow. < text1>the effective value is text,it refers source macaddress. < macaddr>the effective value is mac address.changing the source mac address. This example configures to modify the source mac address in the output packet of the flow f1: XorPlus# set open-flow flow f1 action ecmp output-interface ge-1/1/1 src-mac08:9e:01:39:1a:fe open-flow flow <text1> action ecmp output-interface <text2> vlan-id User can configure the vlanid of the output packets tag. set open-flow flow < text1> action ecmp output-interface < text2> vlan-id < vlan-id> delete open-flow flow < text1> action ecmp output-interface < text2> vlan-id delete open-flow flow < text1> action ecmp output-interface < text2> delete open-flow flow < text1> action ecmp delete open-flow flow < text1> 224

225 < text1>the effective value is text,it refers to the name of the flow. < text1>the effective value is text,it refers source mac address. < vlan-id>the effective value is vlan id,it ranges from 1 to This example configures the vlan id of the output packets tag: XorPlus# set open-flow flow f1 action ecmp output-interface ge-1/1/1 vlan-id 1 open-flow flow <text1> action output interface User can configure forward packets to gigabit interfaces and aggregate ones or delete it. set open-flow flow < text1> action output interface < text2> delete open-flow flow < text1> action output interface < text2> < text1>the effective value is text,it refers to the name of the flow. < text2>the effective value is gigabit interfaces and aggregate ones.when the text2's value is all,it means forwarding packets to all physical interfaces This example configuresforward packets to ge-1/1/1: XorPlus# set open-flow flow f1 action output interface ge-1/1/1 open-flow flow <text1> action output virtual-interface User can configure forward packets to virtual interfaces or delete it. set open-flow flow < text1> action output virtual-interface < text2> delete open-flow flow < text1> action output virtual-interface < text2> < text1>the effective value is text,it refers to the name of the flow. < text2>required select include: drop Discard packets all Forward packets to all physical interfaces local Forward packets to the switchs local networking stack This example configures forward packets to all physical interfaces: 225

226 XorPlus# set open-flow flow f1 action output virtual-interface all open-flow flow <text1> match-field ingress-port User can configureingress interface. set open-flow flow < text1> match-field ingress-port < text2> delete open-flow flow < text1> match-field ingress-port < text1>the effective value is text,it refers to the name of the flow. < text2> It is the ingress interface(e.g. ge-1/1/1, ge-1/1/2, ae1). This example configures ingress interface ge-1/1/1: XorPlus# set open-flow flow f1 match-field ingress-port ge-1/1/1 open-flow flow <text> action group User can set group for flow action or delete it. set open-flow flow < text> action group < int> delete open-flow flow < text> action group < int> < text>the effective value is text,it refers to the name of the flow. < text1>the effective value type is int,it ranges from 1 to 100. This example configures group of flow action: XorPlus# set open-flow flow f1 action group 1 open-flow flow <text> action modify ethernet-destination-address User can modify the ethernet destination address or delete it. set open-flow flow < text> action modify ethernet-destination-address < macaddr> delete open-flow flow < text> action modify ethernet-destination-address 226

227 < text>the effective value is text,it refers to the name of the flow. < macaddr>the effective valueis destination mac address. This example modifies the ethernet destination address: XorPlus# set open-flow flow f1 action modify ethernet-destination-address 22:22:22:33:33:33 open-flow flow <text> action modify ethernet-source-address User can modify the ethernet source address or delete it. set open-flow flow < text> action modify ethernet-source-address < macaddr> delete open-flow flow < text> action modify ethernet-source-address < text>the effective value is text,it refers to the name of the flow. < macaddr>the effective value is source mac address. This example modifies the ethernet source address: XorPlus# set open-flow flow f1 action modify ethernet-source-address 22:22:22:22:22:22 open-flow flow <text> action modify ip-tos User can modify the IP dscp or delete it. set open-flow flow < text> action modify ip-tos < int> delete open-flow flow < text> action modify ip-tos < text>the effective value is text,it refers to the name of the flow. < int>the effective value type is int,it refers to IP dscp value,it ranges from 0 to 63. This example modifies the IP dscp: XorPlus# set open-flow flow f1 action modify ip-tos 1 open-flow flow <text> action modify mpls ethernet-type User can modify the ethernet type of the mpls header or delete it. 227

228 set open-flow flow < text> action modify mpls ethernet-type < type> delete open-flow flow < text> action modify mpls ethernet-type < text>the effective value is text,it refers to the name of the flow. < type>the effective value type is the ethernet type.required select include: 0x0800Ethernet ipv4 protocol type 0x86dd Ethernet ipv6 protocol type 0x8847 Ethernet mpls protocol type This example modifies the ethernet type of the mpls header: XorPlus# set open-flow flow f1 action modify mpls ethernet-type ox0800 open-flow flow <text> action modify mpls inner-label User can modify the inner label value in the mpls header or delete it. set open-flow flow < text> action modify mpl sinner-label < type> delete open-flow flow < text> action modify mpls inner-label < text>the effective value is text,it refers to the name of the flow. < type>the effective value type is mpls inner label, means no inner label.it ranges from 0 to This example modifies the inner label value in the mpls header: XorPlus# set open-flow flow f1 action modify mpls inner-label 0 open-flow flow <text> action modify mpls outmost-label User can modify the outmost label value in the mpls header or delete it. set open-flow flow < text> action modify mpls outmost-label < type> delete open-flow flow < text> action modify mpls outmost-label < text>the effective value is text,it refers to the name of the flow. < type>the effective value type is mpls inner label.it ranges from 0 to

229 This example modifies the outmost label value in the mpls header: XorPlus# set open-flow flow f1 action modify mpls outmost-label 0 open-flow flow <text> action modify mpls type User can modify the action type of the mpls header or delete it. set open-flow flow < text> action modify mpls type < action-type> delete open-flow flow < text> action modify mpls type < text>the effective value is text,it refers to the name of the flow. < action-type>it refers to the action for the mpls header.required select include: pop Pop a mpls header push Push a mpls header swap Swap the mpls label This example configures pop action for a mpls header: XorPlus# set open-flow flow f1 action modify mpls type pop open-flow flow <text> action modify vlan-id User can modify the vlanid which the flow belongs to or delete it. set open-flow flow < text> action modify vlan-id < vlan-id> delete open-flow flow < text> action modify vlan-id < text>the effective value is text,it refers to the name of the flow. < vlan-id>it refers to the vlan id.it ranges from 1 to This example modifies the vlan id which the flow f1 belongs to: XorPlus# set open-flow flow f1 action modify vlan-id 2 229

230 open-flow flow <text> action modify vlan-priority User can modify the vlan priority or delete it. set open-flow flow < text> action modify vlan-priority <vlan-priority> delete open-flow flow < text> action modify vlan-priority < text>the effective value is text,it refers to the name of the flow. < vlan-priority>it refers to the vlan priority.it ranges from 0 to 7. This example modifies the vlan priority: XorPlus# set open-flow flow f1 action modify vlan-priority 2 open-flow flow <text> action output controller User can configure "controller" as the output port of a flow or delete it. set open-flow flow < text> action output controller delete open-flow flow < text> action output controller < text>the effective value is text,it refers to the name of the flow. This example configures "controller" as the output port of a flow: XorPlus# set open-flow flow f1 action output controller open-flow flow <text> action output controller max-length User can configure the maximum number of bytes that should be sent or delete it. set open-flow flow < text> action output controller max-length < max-length> delete open-flow flow < text> action output controller max-length < text>the effective value is text,it refers to the name of the flow. < max-length>the effective value is int,it refers to the maximum number of bytes that should be sent.it ranges from 0 to

231 This example configures the maximum number of bytes: XorPlus# set open-flow flow f1 action output controller max-length 900 open-flow flow <text> hard-timeout User can configure the expiring time regradless of activity in seconds. set open-flow flow <text> hard-timeout <value> delete open-flow flow <text> hard-timeout <text>the effective value is text,it refers to the name of the flow. <value>the value ranges from 0 to This example configures expiring time regradless of activity in 60 seconds.: XorPlus# set open-flow flow f1 hard-timeout 60 open-flow flow <text> idle-timeout User can configure expiring time due to inactivity in seconds. set open-flow flow < text> idle-timeout < value> delete open-flow flow < text> idle-timeout < text>the effective value is text,it refers to the name of the flow. < value>the value ranges from 0 to This example configures expiring time due to inactivity in 600 seconds: XorPlus# set open-flow flow f1 idle-timeout 600 open-flow flow <text> match-field destination-port User can configure UDP or TCP destination port. 231

232 set open-flow flow < text> match-field destination-port < ip-protocol-type> delete open-flow flow < text> match-field destination-port < text>the effective value is text,it refers to the name of the flow. < ip-protocol-type>the value ranges from 0 to 255. This example configures UDP or TCP destination port: XorPlus# set open-flow flow f1 match-field destination-port 4 open-flow flow <text> match-field ethernet-destination-address User can configure ethernet destination address. set open-flow flow < text> match-field ethernet-destination-address < macaddr> delete open-flow flow < text> match-field ethernet-destination-address < text>the effective value is text,it refers to the name of the flow. < macaddr>it is the destination mac address. This example configures ethernet destination address: XorPlus# set open-flow flow f1 match-field ethernet-destination-address 22:22:22:22:22:22 open-flow flow <text> match-field ethernet-destination-mask User can configure ethernet destination address mask. set open-flow flow < text> match-field ethernet-destination-mask < macaddr> delete open-flow flow < text> match-field ethernet-destination-mask < text>the effective value is text,it refers to the name of the flow. < macaddr>it is the destination mac address mask. This example configures ethernet destination address mask: 232

233 XorPlus# set open-flow flow f1 match-field ethernet-destination-mask fe:ff:ff:ff:ff:ff open-flow flow <text> match-field ethernet-source-address User can configure ethernet source address. set open-flow flow < text> match-field ethernet-source-address < macaddr> delete open-flow flow < text> match-field ethernet-source-address < text>the effective value is text,it refers to the name of the flow. < macaddr>it is the source mac address. This example configures ethernet source address: XorPlus# set open-flow flow f1 match-field ethernet-source-address 22:22:22:22:22:22 open-flow flow <text> match-field ethernet-source-mask User can configure ethernet source address mask. set open-flow flow < text> match-field ethernet-source-mask < macaddr> delete open-flow flow < text> match-field ethernet-source-mask < text>the effective value is text,it refers to the name of the flow. < macaddr>it is the source mac address mask. This example configures ethernet source address mask: XorPlus# set open-flow flow f1 match-field ethernet-source-mask fe:ff:ff:ff:ff:ff open-flow flow <text> match-field ethernet-type User can configureethernet protocol type. set open-flow flow < text> match-field ethernet-type < ethernet-protocol-type> delete open-flow flow < text> match-field ethernet-type 233

234 < text>the effective value is text,it refers to the name of the flow. < ethernet-protocol-type> It is the ethernet protocol type. This example configures ethernet protocol type 2048: XorPlus# set open-flow flow f1 match-field ethernet-type 2048 open-flow flow <text> match-field ip-destination-address User can configure IPv4 destination address. set open-flow flow < text> match-field ip-destination-address < IPV4> delete open-flow flow < text> match-field ip-destination-address < text>the effective value is text,it refers to the name of the flow. < IPV4>It is IPv4 destination address (e.g ). This example configures IPv4 destination address : XorPlus# set open-flow flow f1 match-field ip-destination-address open-flow flow <text> match-field ip-dst-addr-mask User can configure IPv4 destination address mask. set open-flow flow < text> match-field ip-dst-addr-mask < IPV4> delete open-flow flow < text> match-field ip-dst-addr-mask < text>the effective value is text,it refers to the name of the flow. < IPV4>It is IPv4 destination address mask (e.g ). This example configures IPv4 destination address mask : XorPlus# set open-flow flow f1 match-field ip-dst-addr-mask

235 open-flow flow <text> match-field ip-protocol User can configureip protocol type. set open-flow flow < text> match-field ip-protocol <ip-protocol -type> delete open-flow flow < text> match-field ip-protocol < text>the effective value is text,it refers to the name of the flow. <ip-protocol-type>it is IP protocol type.it ranges from 0 to 255. This example configures IP protocol type: XorPlus# set open-flow flow f1 match-field ip-protocol 254 open-flow flow <text> match-field ip-source-address User can configure IPv4 source address. set open-flow flow < text> match-field ip-source-address < IPV4> delete open-flow flow < text> match-field ip-source-address < text>the effective value is text,it refers to the name of the flow. < IPV4>It is IPv4 source address (e.g ). This example configures IPv4 source address : XorPlus# set open-flow flow f1 match-field ip-source-address open-flow flow <text> match-field ip-src-addr-mask User can configure IPv4 source address mask. set open-flow flow < text> match-field ip-src-addr-mask < IPV4> delete open-flow flow < text> match-field ip-src-addr-mask < text>the effective value is text,it refers to the name of the flow. < IPV4>It is IPv4 source address mask (e.g ). 235

236 This example configures IPv4 source address mask : XorPlus# set open-flow flow f1 match-field ip-src-addr-mask open-flow flow <text> match-field ip-tos User can configure IP ToS/DSCP. set open-flow flow < text> match-field ip-tos < ip-tos> delete open-flow flow < text> match-field ip-tos < text>the effective value is text,it refers to the name of the flow. < ip-tos>it ranges from 0 to 255. This example configures ip tos/dscp: XorPlus# set open-flow flow f1 match-field ip-tos 5 open-flow flow <text> match-field ipv6-destination-address User can configure IPv6 destination address and netmask. set open-flow flow < text> match-field ipv6-destination-address < IPv6Net> delete open-flow flow < text> match-field ipv6-destination-address < text>the effective value is text,it refers to the name of the flow. < IPv6Net>It is IPv6 destination address and netmask(e.g. 2001:db8:3c4d:1::/64). This example configures IPv6 destination address and netmask 2001:db8:3c4d:1::/64: XorPlus# set open-flow flow f1 match-field ipv6-destination-address 2001:db8:3c4d:1::/64 open-flow flow <text> match-field ipv6-source-address User can configure IPv6 source address and netmask. 236

237 set open-flow flow < text> match-field ipv6-source-address < IPv6Net> delete open-flow flow < text> match-field ipv6-source-address < text>the effective value is text,it refers to the name of the flow. < IPv6Net>It is IPv6 source address and netmask(e.g. 2001:db8:3c4d:1::/64). This example configures IPv6 source address and netmask 2001:db8:3c4d:1::/64: XorPlus# set open-flow flow f1 match-field ipv6-source-address 2001:db8:3c4d:1::/64 open-flow flow <text> match-field source-port User can configure UDP or TCP source port. set open-flow flow < text> match-field source-port < source-port> delete open-flow flow < text> match-field source-port < text>the effective value is text,it refers to the name of the flow. < source-port>it is UDP or TCP source port.it ranges from 0 to This example configures UDP or TCP source port 678: XorPlus# set open-flow flow f1 match-field source-port 678 open-flow flow <text> match-field vlan-id User can configure IEEE 802.1q Virtual LAN tag. set open-flow flow < text> match-field vlan-id < vlan-id> delete open-flow flow < text> match-field vlan-id < text>the effective value is text,it refers to the name of the flow. < vlan-id>it refers to the vlan id.it ranges from 1 to This example configures IEEE 802.1q Virtual LAN tag: XorPlus# set open-flow flow f1 match-field vlan-id 2 237

238 open-flow flow <text> match-field vlan-priority User can configure IEEE 802.1q Priority Code Point. set open-flow flow < text> match-field vlan-priority < pcp> delete open-flow flow < text> match-field vlan-priority < text>the effective value is text,it refers to the name of the flow. < pcp>it refers to Priority Code Point.It ranges from 0 to 7. This example configures IEEE 802.1q Priority Code Point: XorPlus# set open-flow flow f1 match-field vlan-priority 2 open-flow flow <text> priority User can configure the flow's priority in comparision to others, default set open-flow flow < text> priority < priority-value> delete open-flow flow < text> priority < text>the effective value is text,it refers to the name of the flow. < priority-value>it refers to the flow's priority in comparision to others, default It ranges from 0 to This example configures the flow's priority 2: XorPlus# set open-flow flow f1 priority 2 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-dst-address User can modify the ethernet destination address of bucket or delete it.the group needs one valid bucket at least. set open-flow groups group-id < group-id> bucket-id <bucket-id> action modify eth-dst-address < macaddr> delete open-flow group group-id < group-id> bucket-id <bucket-id> action modify eth-dst-address 238

239 < group-id>it refers to the group id,ranging from 1 to 100. < bucket-id>it ranges from 1 to 10. < macaddr>it refers to the ethernet destination address. This example modifies the ethernet destination address: XorPlus# set open-flow groups group-id 1 bucket-id 1 action modify eth-dst-address 22:22:22:22:22:22 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify eth-src-address User can modify the ethernet source address of bucket or delete it.the group needs one valid bucket at least. set open-flow groups group-id < group-id> bucket-id <bucket-id> action modify eth-src-address < macaddr> delete open-flow group group-id < group-id> bucket-id <bucket-id> action modify eth-src-address < group-id>it refers to the group id,ranging from 1 to 100. < bucket-id>it ranges from 1 to 10. < macaddr>it refers to the ethernet source address. This example modifies the ethernet source address: XorPlus# set open-flow groups group-id 1 bucket-id 1 action modify eth-src-address 22:00:00:22:22:22 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify ip-tos User can modify the ip dscp of bucket or delete it.the group needs one valid bucket at least. set open-flow groups group-id < group-id> bucket-id <bucket-id> action modify ip-tos < ip-tos> delete open-flow groups group-id < group-id> bucket-id <bucket-id> action modify ip-tos < group-id>it refers to the group id,ranging from 1 to 100. < bucket-id>it ranges from 1 to 10. < ip-tos>it refers to ip dscp value,ranging from 0 to

240 This example modifies the ip dscp of bucket: XorPlus# set open-flow groups group-id 1 bucket-id 1 action modify ip-tos 9 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-id User can modify the ip dscp of bucket or delete it.the group needs one valid bucket at least. set open-flow groups group-id < group-id> bucket-id <bucket-id> action modify vlan-id < vlan-id> delete open-flow group group-id < group-id> bucket-id <bucket-id> action modify vlan-id < group-id>it refers to the group id,ranging from 1 to 100. < bucket-id>it ranges from 1 to 10. < vlan-id>it refers to vlanid,ranging from 1 to This example modifies the vlan id of bucket: XorPlus# set open-flow groups group-id 1 bucket-id 1 action modify vlan-id 2 open-flow groups group-id <group-id> bucket-id <bucket-id> action modify vlan-priority User can modify the vlan priority of one bucket or delete it.the group needs one valid bucket at least. set open-flow groups group-id < group-id> bucket-id <bucket-id> action modify vlan-priority < vlan-id > delete open-flow groups group-id < group-id> bucket-id <bucket-id> action modify vlan-priority < group-id>it refers to the group id,ranging from 1 to 100. < bucket-id>it ranges from 1 to 10. < vlan-priority>it refers to vlanpriority,ranging from 0 to 7. This example modifies the vlan id of bucket: XorPlus# set open-flow groups group-id 1 bucket-id 1 action modify vlan-priority 2 240

241 open-flow groups group-id <group-id> bucket-id <bucket-id> action output-interface User can configure forward packets to physical interface or delete it.the group needs one valid bucket at least. set open-flow groups group-id < group-id> bucket-id <bucket-id> action output-interface < text> delete open-flow group group-id < group-id> bucket-id <bucket-id> action output-interface < group-id>it refers to the group id,ranging from 1 to 100. < bucket-id>it ranges from 1 to 10. < text>it refers to physical interface(e.g. ge-1/1/1). This example configures forward packets to physical interface: XorPlus# set open-flow groups group-id 1 bucket-id 1 action output-interface ge-1/1/1 open-flow groups group-id <group-id> bucket-id <bucket-id> watch-port User can configure watch port of bucket for fast failover group or delete it.the group needs one valid bucket at least and the group is fast failover group. set open-flow groups group-id < group-id> bucket-id <bucket-id> watch-port < text> delete open-flow group group-id < group-id> bucket-id <bucket-id> watch-port < group-id>it refers to the group id,ranging from 1 to 100. < bucket-id>it ranges from 1 to 10. < text>it refers to watch port of bucket for fast failover group (e.g. ge-1/1/1). This example configures forward packets to physical interface: XorPlus# set open-flow groups group-id 1 bucket-id 1 watch-port ge-1/1/1 open-flow groups group-id <group-id> type User can configure type of a group table or delete it. 241

242 set open-flow groups group-id < group-id> type <group-type> delete open-flow group group-id type < group-id>it refers to the group id,ranging from 1 to 100. < group-type>it refers to the type of group,the default type is all.required select include: all All (multicast/broadcast) group,default type. ff Fast failover group indirect Indirect group select Select group This example configurestype of group tables: XorPlus# set open-flow groups group-id 1 type select open-flow local-port address User can configure the address of the local port or delete it. set open-flow local-port address < IPV4> delete open-flow local-port address < IPV4>It refers to IPV4 address(e.g ). This example configures the address of the local port: XorPlus# set open-flow local-port address open-flow local-port netmask User can configure the address's netmask of the local port or delete it. set open-flow local-port netmask < IPV4> delete open-flow local-port netmask < IPV4>It refers to IPV4 address's netmask(e.g ). This example configures the address's netmask of the local port: 242

243 XorPlus# set open-flow local-port netmask open-flow working-mode User can configure OpenFlow working mode or delete it. set open-flow working-mode < working-mode> delete open-flow working-mode < working-mode>required select include: l2/l3-mode Use L2/L3 table when adding flow tcam-mode Use TCAM when adding flow,default value. This example configures use L2/L3 table when adding flow: XorPlus# set open-flow working-mode l2/l3-mode show open-flow controller The show open-flow controller command shows the information of controller run show open-flow controller This example shows the information of controller: XorPlus# run show open-flow controller pica8 tcp: :6633 show open-flow controller detail The show open-flow controller detail command shows the detail information of controller runshow open-flow controller detail This example shows the detail information of the controller: XorPlus# run show open-flow controller detail Controller: tcp: :6633 Connected: False 243

244 Role: Other Band: Out-of-band Max Backoff: 8s Probe Interval: 5s Asynchronous Messages: Enabled Last Error: Connection refused State: BACKOFF show open-flow flow The show open-flow flow command shows the information of all flows run show open-flow flow < text> < text>the effective value is text,it refers to the name of the flow.the default value refers to show all flows. This example shows the information of all flows: XorPlus# run show open-flow flow f1dl_type=0x0800,dl_dst=22:22:22:22:22:22/fe:ff:ff:ff:ff:ff,nw_dst= / dl_type=0x0806,priority=32768,actions=output:1 f3 in_port=1,priority=32768,actions=drop This example shows the information of the f1 flow: XorPlus# run show open-flow flow f1 f1 dl_type=0x0800,dl_dst=22:22:22:22:22:22/fe:ff:ff:ff:ff:ff,nw_dst= / , show open-flow flow-table The show open-flow flow-table command shows the information of flow table. run show open-flow flow-table This example shows the flow table: XorPlus# run show open-flow flow-table cookie=0x0, duration= s, table=0, n_packets=0, n_bytes=0, priority=0,ip,dl_dst=22:22:22:22:22:22/fe:ff:ff:ff:ff:ff,nw_dst= /31,nw_tos=4 actions=controller:900,local cookie=0x0, duration= s, table=0, n_packets=0, n_bytes=0, in_port=1 actions=drop cookie=0x0, duration= s, table=0, n_packets= , n_bytes= , arp actions=output:1 244

245 show open-flow flow-table hardware The show open-flow flow-table hardware command shows the dump flows in linecard hardware table. run show open-flow flow-table hardware This example shows the dump flows in linecard hardware table: XorPlus# run show open-flow flow-table hardware T:id#9 in_port=1, actions:drop T:id#5 arp, actions:1 show open-flow flow-table layer-2 The show open-flow flow-table layer-2 command shows the dump linecard layer-2 table in l2/l3-mode. run show open-flow flow-table layer-2 This example shows the dump linecard layer-2 table in l2/l3-mode: XorPlus# run show open-flow flow-table layer-2 FlowID Vlan Destination MAC Output show open-flow flow-table layer-3 The show open-flow flow-table layer-3 command shows the dump linecard layer-2 table in l2/l3-mode. run show open-flow flow-table layer-3 This example shows the dump linecard layer-3 table in l2/l3-mode: XorPlus# run show open-flow flow-table layer-3 FlowID Destination NetMask NextHopMac Output

246 show open-flow flow-table software The show open-flow flow-table software command shows the dump flows in hybrid ovs software table. run show open-flow flow-table software This example shows the dump flows in hybrid ovs software table: XorPlus# run show open-flow flow-table software Total flow entries count: 3 =================================== arp, packets: , bytes: , used:1.025s, actions:1 in_port=1, packets:0, bytes:0, used: s, actions:drop priority=0,ip,dl_dst=22:22:22:22:22:22/fe:ff:ff:ff:ff:ff,nw_dst= /31,nw_tos=4, packets:0, bytes:0, used: s, actions:userspace(pid=0,slow_path(controller)) show open-flow groups The show open-flow groups command shows the dump OpenFlow groups. run show open-flow groups This example shows the dump OpenFlow groups: XorPlus# run show open-flow groups OFPST_GROUP_DESC reply (OF1.3) (xid=0x2): group-id=1, type=all bucket 1: actions=mod_vlan_vid:2,mod_vlan_pcp:0,mod_dl_src:22:00:00:22:22:22,mod_dl_dst:22:22:22:22 246

247 System Configuration Commands show system boot-messages show system connections show system core-dumps show system cpu-usage show system date show system fan show system memory-usage show system name show system ntp-status show system os show system processes brief show system processes detail show system rollback compare to show system rollback file show system rollback list show system rpsu show system serial-number show system temperature show system uptime show system users system aaa local disable system aaa radius accounting disable system aaa radius accounting server-ip system aaa radius accounting server-ip <IPV4> port system aaa radius accounting server-ip <IPV4> shared-key system aaa radius accounting server-ip <IPV4> timeout system aaa radius authorization disable system aaa radius authorization server-ip system aaa radius authorization server-ip <IPV4> port system aaa radius authorization server-ip <IPV4> shared-key system aaa radius authorization server-ip <IPV4> timeout 247

248 system aaa tacacs-plus accounting system aaa tacacs-plus authorization system aaa tacacs-plus auth-type system aaa tacacs-plus disable system aaa tacacs-plus key system aaa tacacs-plus port-number system aaa tacacs-plus server-ip system hostname system inband enable system login-acl network system login announcement system login user system login user <text> authentication plain-text-password system login user <text> class system login user admin authentication plain-text-password system login user admin class system ntp-server-ip system remote-config allow-client system services ssh connection-limit system services ssh disable system services ssh protocol-version v2 system services ssh rate-limit system services ssh root-login system services telnet connection-limit system services telnet disable system services telnet rate-limit system snmp-acl network system syslog host system syslog local-file system syslog port-number system syslog port-protocol system timezone 248

249 show system boot-messages The show system boot-message command displays information about boot time messages. The command display copyright,up time,revision,and using MPC85 xx CDS machine description and so on. run show system boot-messages This example show system boot-messages: XorPlus# run show system boot-messages Copyright (c) Pica8 Inc. All rights reserved. Up time: 13:03:50 revision: Using MPC85xx CDS machine description Memory CAM mapping: CAM0=256Mb, CAM1=256Mb, CAM2=0Mb residual: 0Mb Linux version (gcc version 4.2.2) #49 Fri Apr 25 11:19:13 CST 2014 Found legacy serial port 0 for /soc8541@e /serial@4500 mem=e , taddr=e , irq=0, clk= , speed=0 console [udbg0] enabled Found FSL PCI host bridge at 0x e Firmware bus number: 0->0 PCI host bridge /pci@e (primary) ranges: MEM 0x x fffffff -> 0x IO 0x e x e20fffff -> 0x Top of RAM: 0x , Total RAM: 0x Memory hole size: 0MB Zone PFN ranges: DMA 0x > 0x Normal 0x > 0x HighMem 0x > 0x Movable zone start PFN for each node early_node_map[1] active PFN ranges 0: 0x > 0x On node 0 totalpages: free_area_init_node: node 0, pgdat c03cc4d4, node_mem_map c DMA zone: pages, LIFO batch:31 Built 1 zonelists in Zone order, mobility grouping on. Total pages: Kernel command line: root=/dev/hda1 rw noinitrd console=ttys0, mpic: Setting up MPIC " OpenPIC " version 1.2 at e , max 1 CPUs mpic: ISU size: 56, shift: 6, mask: 3f mpic: Initializing for 56 sources PID hash table entries: 2048 (order: 11, 8192 bytes) time_init: decrementer frequency = MHz time_init: processor frequency = MHz clocksource: timebase mult[60f83e1] shift[22] registered clockevent: decrementer mult[a8f] shift[16] cpu[0] Console: colour dummy device 80x25 Dentry cache hash table entries: (order: 6, bytes) Inode-cache hash table entries: (order: 5, bytes) High memory: 0k Memory: k/524288k available (3764k kernel code, 8648k reserved, 132k data, 162k bss, 168k init) 249

250 SLUB: Genslabs=12, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1 Calibrating delay loop BogoMIPS (lpj=164864) --More-- show system connections The show system connections command displays information about the system connection activity,it includes servers and established. The command display Proto,.Recv-q,Send-Q,Local Address,Foreign Address,State,User and Inode. run show system connections This example show system connections: XorPlus# run show system connections Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN

251 tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :* LISTEN tcp : :45862 ESTABLISHED tcp : :34260 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :57354 ESTABLISHED tcp : :33787 ESTABLISHED tcp : :45845 ESTABLISHED tcp : :50436 ESTABLISHED tcp : :45854 ESTABLISHED tcp : :44086 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :43938 ESTABLISHED tcp : :44162 ESTABLISHED tcp : :45879 ESTABLISHED tcp : :37210 ESTABLISHED tcp : :37210 ESTABLISHED tcp : :33197 ESTABLISHED tcp : :59983 ESTABLISHED tcp : :59503 ESTABLISHED tcp : :43906 ESTABLISHED tcp : :57027 ESTABLISHED tcp : :55264 ESTABLISHED tcp : :

252 ESTABLISHED tcp : :33197 ESTABLISHED tcp : :56441 ESTABLISHED tcp : :38841 ESTABLISHED tcp : :40818 ESTABLISHED tcp : :45889 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :33197 ESTABLISHED tcp : :45836 ESTABLISHED tcp : :50436 ESTABLISHED tcp : :45881 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :42946 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :45860 ESTABLISHED tcp : :42504 ESTABLISHED tcp : :43938 ESTABLISHED tcp : :59988 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :51222 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :57892 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :36455 ESTABLISHED tcp : :45837 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :39516 ESTABLISHED tcp : :42946 ESTABLISHED tcp : :53512 ESTABLISHED tcp : :45868 ESTABLISHED tcp : :57052 ESTABLISHED

253 tcp : :42946 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :36455 ESTABLISHED tcp : :45893 ESTABLISHED tcp : :44104 ESTABLISHED tcp : :43938 ESTABLISHED tcp : :57883 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :47257 ESTABLISHED tcp : :45839 ESTABLISHED tcp : :48610 ESTABLISHED tcp : :35345 ESTABLISHED tcp : :42946 ESTABLISHED tcp : :59949 ESTABLISHED tcp : :45847 ESTABLISHED tcp : :38492 ESTABLISHED tcp : :52988 ESTABLISHED tcp : :51222 ESTABLISHED tcp : :43904 ESTABLISHED tcp : :53208 ESTABLISHED tcp : :57057 ESTABLISHED tcp : :45840 ESTABLISHED tcp : :50436 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :57019 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :53512 ESTABLISHED tcp : :39517 ESTABLISHED tcp : :55985 ESTABLISHED tcp : :

254 ESTABLISHED tcp : :57004 ESTABLISHED tcp : :34244 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :45844 ESTABLISHED tcp : :45856 ESTABLISHED tcp : :36015 ESTABLISHED tcp : :36773 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :35369 ESTABLISHED tcp : :33775 ESTABLISHED tcp : :50436 ESTABLISHED tcp : :35340 ESTABLISHED tcp : :36359 ESTABLISHED tcp : :57037 ESTABLISHED tcp : :45861 ESTABLISHED tcp : :44992 ESTABLISHED tcp : :44251 ESTABLISHED tcp : :59528 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :46496 ESTABLISHED tcp : :57012 ESTABLISHED tcp : :44239 ESTABLISHED tcp : :44118 ESTABLISHED tcp : :36916 ESTABLISHED tcp : :53208 ESTABLISHED tcp : :56564 ESTABLISHED tcp : :46164 ESTABLISHED tcp : :57039 ESTABLISHED tcp : :47143 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :53512 ESTABLISHED

255 tcp : :59990 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :48041 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :36902 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :42536 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :45863 ESTABLISHED tcp : :43938 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :38492 ESTABLISHED tcp : :45842 ESTABLISHED tcp : :39592 ESTABLISHED tcp : :33197 ESTABLISHED tcp : :53512 ESTABLISHED tcp : :41078 ESTABLISHED tcp : :57010 ESTABLISHED tcp : :44859 ESTABLISHED tcp : :55985 ESTABLISHED tcp : :45894 ESTABLISHED tcp : :33197 ESTABLISHED tcp : :44132 ESTABLISHED tcp : :34647 ESTABLISHED tcp : :44136 ESTABLISHED tcp : :54304 ESTABLISHED tcp : :55985 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :35592 ESTABLISHED tcp : :50206 ESTABLISHED tcp : :42946 ESTABLISHED tcp : :

256 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :57895 ESTABLISHED tcp : :47252 ESTABLISHED tcp : :44705 ESTABLISHED tcp : :29595 ESTABLISHED tcp : :57008 ESTABLISHED tcp : :41248 ESTABLISHED tcp : :45846 ESTABLISHED tcp : :29595 ESTABLISHED More-- show system core-dumps The show system core-dumps command displays information about the system core files. run show system core-dumps This example show system core-dumps: XorPlus# run show system core-dumps total 0 show system cpu-usage The show system cpu-usage command displays information about the cpu usage. run show system cpu-usage This example show system connections: XorPlus# run show system cpu-usage CPU usage: 7% show system date The show system date command displays information about the system current date. 256

257 run show system date This example show system date: XorPlus# run show system date Thu Nov 10 23:55:38 UTC 2005 show system fan The show system fan command displays information about the system status of fan. run show system fan This example show system fan: XorPlus# run show system fan Sensor Temperature: Sensor 1 Temperature : 45 C / F Sensor 2 Temperature : 42 C / F Sensor 3 Temperature : 47 C / F Sensor 4 Temperature : 38 C / F Fan Status: Fan 1 speed = 9747 RPM, PWM = 59, Forward Fan 2 speed = 9836 RPM, PWM = 59, Forward Fan 3 speed = 9782 RPM, PWM = 59, Forward show system memory-usage The show system memory-usage command displays information about the memory usage. run show system memory-usage This example show system memory-usage: XorPlus# run show system memory-usage total used free shared buffers cached Mem: /+ buffers/cache: Swap: show system name The show system name command displays information about the host name. 257

258 run show system name This example show system name: XorPlus# run show system name XorPlus show system ntp-status The show system ntp-status command displays information about the switch NTP status. run show system ntp-status This example show system ntp-status: XorPlus# run show system ntp-status NTP Server information: server NTP Server Sync information: ntp_gettime() returns code 0 (OK) time d709f74e.9b Tue, Apr :02:54.606, ( ), maximum error 6016 us, estimated error 16 us, TAI offset 0 ntp_adjtime() returns code 0 (OK) modes 0x0 (), offset us, frequency ppm, interval 1 s, maximum error 6016 us, estimated error 16 us, status 0x1 (PLL), time constant 7, precision us, tolerance 500 ppm, remote refid st t when poll reach delay offset jitter ============================================================================== INIT. 16 u show system os The show system os command displays information about operating system details. run show system os This example show system os: XorPlus# run show system os Linux XorPlus #1 Mon Mar 3 20:40:05 CST 2014 ppc GNU/Linux 258

259 show system processes brief The show system processes brief command displays processes in a brief format. run show system processes brief This example show system processes brief: XorPlus# run show system processes brief PID TTY STAT TIME COMMAND 1? Ss 0:01 init [2] 2? S< 0:00 [kthreadd] 3? S< 0:01 [ksoftirqd/0] 4? S< 0:00 [watchdog/0] 5? S< 0:14 [events/0] 6? S< 0:00 [khelper] 48? S< 0:00 [kblockd/0] 55? S< 0:00 [ata/0] 56? S< 0:00 [ata_aux] 58? S< 0:00 [kseriod] 99? S 0:00 [pdflush] 100? S 0:00 [pdflush] 101? S< 0:00 [kswapd0] 147? S< 0:00 [aio/0] 156? S< 0:00 [nfsiod] 831? S< 0:00 [ftld] 853? S< 0:00 [rpciod/0] 857? S< 0:00 [kjournald] 2338? Ss 0:00 /usr/sbin/cron -L ? Ss 0:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6 2483? S 0:18 pica_cardmgr 2485? S 6:14 pica_sif 2631? S 0:32 pica_lacp 2648? Sl 102:22 pica_lcmgr 2654? S 0:29 pica_login 3405? S 3:10 pica_mstp 3409? S 0:18 xorp_policy 3411? Ss 8:12 /pica/bin/xorp_rtrmgr -d -L local0.info -P /var/run/xorp_rtrmgr.pid 3450? S 0:57 pica_dhcp 3466? S 0:36 xorp_static_routes 3474? S 0:37 xorp_ospfv tty1 Ss+ 0:00 /sbin/getty tty tty2 Ss+ 0:00 /sbin/getty tty tty3 Ss+ 0:00 /sbin/getty tty3 3816? Ss 0:00 dhclient eth0 4880? Ss 0:00 in.telnetd: pts/0 Ss 0:00 login -h p 4882 pts/0 S+ 0:00 -bash 4891 pts/0 S+ 0:02 /pica/bin/pica_sh 9021 pts/0 R 0:00 ps ax 15109? Ss 0:00 in.telnetd: pts/1 Ss 0:00 login -h p pts/1 S+ 0:00 -bash pts/1 S+ 0:17 /pica/bin/pica_sh 15327? Ss 0:00 in.telnetd:

260 15328 pts/2 Ss 0:00 login -h p pts/2 S+ 0:00 -bash pts/2 S+ 0:26 /pica/bin/pica_sh ttys0 Ss 0:00 /bin/login ttys0 S+ 0:00 -bash ttys0 S+ 0:17 /pica/bin/pica_sh 21746? Ss 0:00 in.telnetd: pts/3 Ss 0:00 login -h p pts/3 S+ 0:00 -bash pts/3 S+ 0:10 /pica/bin/pica_sh 27523? Sl 0:00 /usr/sbin/rsyslogd -c ? S 0:00 radvd 31990? Ss 0:01 radvd show system processes detail The show system processes detail command displays processes in a detailed format. run show system processes detail This example show system processes detail: XorPlus# run show system processes detail USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root ? Ss Nov09 0:01 init [2] root ? S< Nov09 0:00 [kthreadd] root ? S< Nov09 0:01 [ksoftirqd/0] root ? S< Nov09 0:00 [watchdog/0] root ? S< Nov09 0:14 [events/0] root ? S< Nov09 0:00 [khelper] root ? S< Nov09 0:00 [kblockd/0] root ? S< Nov09 0:00 [ata/0] root ? S< Nov09 0:00 [ata_aux] root ? S< Nov09 0:00 [kseriod] root ? S Nov09 0:00 [pdflush] root ? S Nov09 0:00 [pdflush] root ? S< Nov09 0:00 [kswapd0] root ? S< Nov09 0:00 [aio/0] root ? S< Nov09 0:00 [nfsiod] root ? S< Nov09 0:00 [ftld] root ? S< Nov09 0:00 [rpciod/0] root ? S< Nov09 0:00 [kjournald] root ? Ss Nov09 0:00 /usr/sbin/cron -L 0 root ? Ss Nov09 0:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6 root ? S Nov09 0:18 pica_cardmgr root ? S Nov09 6:16 pica_sif root ? S Nov09 0:32 pica_lacp root ? Sl Nov09 103:00 pica_lcmgr root ? S Nov09 0:30 pica_login root ? S Nov09 3:11 pica_mstp root ? S Nov09 0:18 xorp_policy 260

261 root ? Ss Nov09 8:16 /pica/bin/xorp_rtrmgr -d -L local0.info -P /var/run/xorp_rtrmgr.pid root ? S Nov09 0:58 pica_dhcp root ? S Nov09 0:36 xorp_static_routes root ? S Nov09 0:37 xorp_ospfv2 root tty1 Ss+ Nov09 0:00 /sbin/getty tty1 root tty2 Ss+ Nov09 0:00 /sbin/getty tty2 root tty3 Ss+ Nov09 0:00 /sbin/getty tty3 root ? Ss Nov09 0:00 dhclient eth0 root ? Ss Nov10 0:00 in.telnetd: root pts/0 Ss Nov10 0:00 login -h p admin pts/0 S+ Nov10 0:00 -bash admin pts/0 S+ Nov10 0:02 /pica/bin/pica_sh admin pts/0 R 00:31 0:00 ps aux root ? Ss Nov10 0:00 in.telnetd: root pts/1 Ss Nov10 0:00 login -h p admin pts/1 S+ Nov10 0:00 -bash admin pts/1 S+ Nov10 0:17 /pica/bin/pica_sh root ? Ss Nov10 0:00 in.telnetd: root pts/2 Ss Nov10 0:00 login -h p admin pts/2 S+ Nov10 0:00 -bash admin pts/2 S+ Nov10 0:27 /pica/bin/pica_sh root ttys0 Ss Nov10 0:00 /bin/login - admin ttys0 S+ Nov10 0:00 -bash admin ttys0 S+ Nov10 0:17 /pica/bin/pica_sh root ? Ss Nov10 0:00 in.telnetd: root pts/3 Ss Nov10 0:00 login -h p admin pts/3 S+ Nov10 0:00 -bash admin pts/3 S+ Nov10 0:10 /pica/bin/pica_sh root ? Sl Nov10 0:00 /usr/sbin/rsyslogd -c5 root ? S Nov10 0:00 radvd root ? Ss Nov10 0:01 radvd show system rollback compare to The show system rollback compare to command show the difference between tow rolled back configurations. 261

262 run show system rollback compare to <other-config> <other-config>show the difference between rolled back configuration [1-49] and current configuration. This example show system rollback compare to 02: XorPlus# run show system rollback compare to 02 3c3 < /*Last commit : Tue Apr 29 10:02: by admin*/ --- > /*Last commit : Tue Apr 29 09:38: by admin*/ 23c23 < code-point > code-point d1253 < ntp-server-ip show system rollback file The show system rollback file command show rolled back configuration file. run show system rollback file <rollback> <other-config>show rolled back configuration, range is [01, 02, 03,... 49]. This example show system rollback file 01: XorPlus# run show system rollback file 01 /*XORP Configuration File, v1.0*/ /* Copyright (C) Pica8, Inc.*/ /*Last commit : Fri Nov 11 15:17: by root*/ /*PicOS Version : 2.0.6*/ /*Version Checksum: 6165f4a04921d24410b9bf2780b0a960*/ interface { ecmp { max-path: 4 hash-mapping { field { ingress-interface { disable: true } vlan { disable: true } ip-protocol { disable: true } 262

263 ip-source { disable: false } ip-destination { disable: false } port-source { disable: false } port-destination { disable: false } } } } aggregate-balancing { hash-mapping { field { ingress-interface { disable: false } ethernet-source-address { disable: false } ethernet-destination-address { disable: false } ethernet-type { disable: false } vlan { disable: false } ip-protocol { disable: false } ip-source { disable: false } ip-destination { disable: false } port-source { disable: false } port-destination { disable: false } --More-- PicOS Routing and Switching Commands Reference Guide show system rollback list The show system rollback list command show rolled back file list. run show system rollback list This example show system rollback list: 263

264 XorPlus# run show system rollback list -rw-rw-r-- 1 admin xorp Nov 11 15:43 /pica/config/pica.conf -rw-rw-r-- 1 admin xorp Nov 11 15:42 /pica/config/pica.conf.01 -rw-rw-r-- 1 root xorp Nov 11 15:17 /pica/config/pica.conf.02 show system rpsu The show system rpsu command show the status of Redundant Power Supply Unit. run show system rpsu This example show system rpsu: XorPlus# run show system rpsu RPSU is not supported for Pronto3290 show system serial-number The show system serial-number command show the serial number of Motherboard, RPSU, SFP module. run show system serial-number This example show system serial-number: XorPlus# run show system serial-number MotherBoard Serial Number : QTFCA SFP te-1/1/49 : Vendor Name : AOI Serial Number : E0076 Module Type : SR/850nm Cable Length : 0m SFP te-1/1/50 : Vendor Name : AOI Serial Number : E0054 Module Type : SR/850nm Cable Length : 0m show system temperature The show system temperature command show the switch temperature. run show system temperature This example show system temperature: 264

265 XorPlus# run show system temperature Temperature: 41 C / 105 F show system uptime The show system uptime command show the time since system and processes started. run show system uptime This example show system uptime: XorPlus# run show system uptime 16:01:44 up 53 min, 3 users, load average: 0.09, 0.07, 0.09 show system users The show system users command show users who are currently logging in. run show system users This example show system users: XorPlus# run show system users admin pts/0 Nov 11 15:35 ( ) admin ttys0 Nov 11 15:18 admin pts/1 Nov 11 15:38 ( ) system aaa local disable User can configure the local log-in or delete it. Set system aaa local disable < bool> delete system aaa local disable < bool> The effective value is true/false. When the value is true,you cannot log in the switch with a local account. This example configures the local authentication: XorPlus# set system aaa local disable ture 265

266 system aaa radius accounting disable User can configure radius accounting disable or enable,and you also can delete it. set system aaa radius accounting disable < bool> delete system aaa radius accounting disable < bool> The effective value is true/false. When the value is true,the radius accounting is disable.when the value is false,the radius accounting is enable. This example configures the radius enable: XorPlus# set system aaa radius accounting disable false system aaa radius accounting server-ip User can configure radius accounting server IP and delete it. set system aaa radius accounting server-ip < IPV4> delete system aaa radius accounting server-ip < IPV4> < IPV4> The effective value is radius accounting server IP. This example configures the radius accounting server IP: XorPlus# set system aaa radius accounting server-ip system aaa radius accounting server-ip <IPV4> port User can configure radius accounting server IP and port. set system aaa radius accounting server-ip < IPV4> port < uint> delete system aaa radius accounting server-ip < IPV4> port < IPV4> The effective value is radius accounting server IP. < uint> The effective value is uint. This example configures the radius accounting IP and the radius server port: 266

267 XorPlus# set system aaa radius accounting server-ip port 2 system aaa radius accounting server-ip <IPV4> shared-key User can configure radius accounting server IP and the shared-key,you also can delete it. set system aaa radius accounting server-ip < IPV4> shared-key < text> delete system aaa radius accounting server-ip < IPV4> shared-key < IPV4> The effective value is radius accounting server IP. < text> The effective value is text,it stands for shared key. This example configures the radius accounting IP and the radius server shared key: XorPlus# set system aaa radius accounting server-ip shared-key test123 system aaa radius accounting server-ip <IPV4> timeout User can configure radius accounting IP and radius accounting server timeout or delete it. set system aaa radius accounting server-ip < IPV4> timeout < uint> delete system aaa radius accounting server-ip < IPV4> timeout < IPV4> The effective value is radius accounting server IP. < uint >The effective value is uint. This example configures the radius accounting IP and the radius server timeout: XorPlus# set system aaa radius accounting server-ip timeout 5 system aaa radius authorization disable User can disable/enable radius authorization,and you also can delete it. set system aaa radius authorization disable < bool> delete system aaa radius authorization disable 267

268 < bool>the effective value is true/false. When the value is true,the radius authorization is disable.when the value is false,the radius authorization is enable. This example enables the radius authorization: XorPlus# set system aaa radius authorization disable false system aaa radius authorization server-ip User can configure radius authorization server-ip or delete it. set system aaa radius authorization server-ip < IPV4> delete system aaa radius authorization server-ip < IPV4> < IPV4> The effective value is radius authorization server IP. This example sets the radius authorization server-ip as : XorPlus# set system aaa radius authorization server-ip system aaa radius authorization server-ip <IPV4> port User can configure radius authorization server IP and port or delete it. set system aaa radius authorization server-ip < IPV4> port < uint> delete system aaa radius authorization server-ip < IPV4> port < IPV4> The effective value is radius authorization server IP. < uint> The effective value is uint. This example configures the radius authorization IP and the radius server port: XorPlus# set system aaa radius authorization server-ip port 2 system aaa radius authorization server-ip <IPV4> shared-key User can configure radius authorization server IP and the shared-key or delete it. 268

269 set system aaa radius authorization server-ip <IPV4> shared-key <text> delete system aaa radius authorization server-ip <IPV4> shared-key < IPV4>The effective value is radius authorization server IP. < text> The effective value is text,it refers to shared-key. This example configures the radius authorization IP and the radius server shared key: XorPlus# set system aaa radius authorization server-ip shared-key test123 system aaa radius authorization server-ip <IPV4> timeout User can configure radius authorization IP and radius authorization server timeout or delete it. set system aaa radius authorization server-ip < IPV4> timeout < uint> delete system aaa radius authorization server-ip < IPV4> timeout < IPV4> The effective value is radius authorization server IP. < uint > The effective value is uint. This example configures the radius authorization IP and the radius server timeout: XorPlus# set system aaa radius authorization server-ip timeout 5 system aaa tacacs-plus accounting User can enable/disable the tacacs+ accounting or delete it. set system aaa tacacs-plus accounting < bool> delete system aaa tacacs-plus accounting < bool>the effective value is true/false.when the value is true,enable tacacs+ accounting.when the value is false,disable tacacs+ accounting. This example enables the tacacs+ accounting: XorPlus# set system aaa tacacs-plus accounting true 269

270 system aaa tacacs-plus authorization User can enable/disable the tacacs+ authorization or delete it. set system aaa tacacs-plus authorization < bool> delete system aaa tacacs-plus authorization < bool> The effective value is true/false.when the value is true,the tacacs+ authorization enable.when the value is false, the tacacs+ authorization disable. This example configures enable tacacs+ authentication: XorPlus# set system aaa tacacs-plus authorization true system aaa tacacs-plus auth-type User can configure tacacs+ authentication type or delete it. set system aaa tacacs-plus auth-type < type> delete system aaa tacacs-plus auth-type < type> Configure tacacs+ authentication type as ascii,chap or pap. Required select include: ascii ascii authentication type chap chap authentication type pap pap authentication type This example configures ascii authentication type as ascii authentication type: XorPlus# set system aaa tacacs-plus auth-type ascii system aaa tacacs-plus disable User can enable/disable the tacacs+ or delete the acacs+. set system aaa tacacs-plus disable < bool> delete system aaa tacacs-plus disable 270

271 < bool> The effective value is true/false.when the value is true,disable tacacs+.when the value is false,enable tacacs+. This example enables the tacacs+: XorPlus# set system aaa tacacs-plus disable false system aaa tacacs-plus key User can configure the tacacs+ server key or delete it. set system aaa tacacs-plus key < text> delete system aaa tacacs-plus key < text> The effective value is text.the value is the tacacs+ server shared key. This example configures the tacacs+ key as pica8: XorPlus# set system aaa tacacs-plus key pica8 system aaa tacacs-plus port-number User can configure the tacacs+ server port number or delete it. set system aaa tacacs-plus port-number < uint> delete system aaa tacacs-plus port-number < uint> The effective value is uint.the value is the tacacs+ server port number. This example configures the tacacs+ port number: XorPlus# set system aaa tacacs-plus port-number 3 system aaa tacacs-plus server-ip User can configure the tacacs+ server ip address or delete it. 271

272 set system aaa tacacs-plus server-ip < IPV4> delete system aaa tacacs-plus server-ip < IPV4> < IPV4> The effective value is the tacacs+ server ip address. This example configures the tacacs+ server ip address as : XorPlus# set system aaa tacacs-plus server-ip system hostname User can configure the system's network name. set system hostname < text> delete system hostname < text> The effective value type is text,max length is 63. This example configures the system's network name as bozo: XorPlus# set system hostname bozo system inband enable User can allow/not allow the inband service or delete it. set system inband enable < bool> delete system inband enable < bool> The effective value is true/false.when the value is true,the inband service is enable.when the value is false,the inband service is disable. This example allows the inband service: XorPlus# set system inband enable true 272

273 system login-acl network User can configure the ACL to control whether remote hosts within specified subnetworks are allowed to log in the system.user can set ipv4-address/netmask or ipv6-address/netmask,or configure remote hosts from both subnetworks log in,also,the user can delete them. set system login-acl network < IPV4Net> set system login-acl network < IPV6Net> delete system login-acl network < IPV4Net> delete system login-acl network < IPV6Net> < IPV4Net> It stands ipv4 address and netmask. < IPV6Net> It stands ipv6 address and netmask. This example configures the login ACL attributes is ipv4-address and netmask: XorPlus# set system login-acl network /24 This example configures the login ACL attributes is ipv6-address and netmask: XorPlus# set system login-acl network 2001:1:1:1::/64 system login announcement User can configure a system announcement message(displayed after login). set system login announcement < text> delete system login announcement < text> VLAN tag identifier, the effective value type is text. This example configures the system announcement message after login: XorPlus# set system login announcement "welcome the switch-1101" system login user User can configure a user account or delete it. 273

274 set system login user < text> delete system login user < text> < text> The effective value type is text. This example configures the user account as bozo: XorPlus# set system login user bozo system login user <text> authentication plain-text-password User can configure create a user account and password or delete them. set system login user < text> authentication plain-text-password < text> delete system login user < text> authentication plain-text-password < text> The effective value type is text. This example configures create a user account and password: XorPlus# set system login user bozo authentication plain-text-password pica8 system login user <text> class User can configure a user permission or delete it,the newly created user account, by default, is read-only. set system login user < text> class < limit> delete system login user < text> class < text> The effective value type is text. < limit> Configure the permission as read-only or super-user. Required select include: read-only permissions[view] super-user permission[all] Default value: read-only 274

275 This example configures a super-user user account: XorPlus# set system login user bozo class super-user system login user admin authentication plain-text-password User can configure a password for the user admin or delete it. set system login user admin authentication plain-text-password < text> delete system login user admin authentication plain-text-password < text> The effective value type is text. This example configures create a password for the user admin: XorPlus# set system login user admin authentication plain-text-password pica8 system login user admin class User can configure the user admin is a read-only account.the newly created user account, by default, is read-only. set system login user admin class <limit> delete system login user admin class < limit> Configure the permission as read-only or super-user. Required select include: read-only permissions[view] super-user permission[all] Default value: read-only This example configures the user admin as super-user: XorPlus# set system login user admin class super-user system ntp-server-ip User can configure the NTP server IP address or delete it. The L2/L3 switch synchronizes with the NTP server only when the configuration commands are committed using the commit command. 275

276 set system ntp-server-ip < IPV4> delete system ntp-server-ip < IPV4> < IPV4> It refer to ipv4 address. This example change the NTP server's IP address: XorPlus# set system ntp-server-ip system remote-config allow-client User can remote configure client IPV4 address and netmask or delete it. set system remote-config allow-client < IPV4Net> delete system remote-config allow-client < IPV4Net> < IPV4Net> It stands ipv4 address and netwask. This example remote configures client IPV4 address and netmask as /24: XorPlus# set system remote-config allow-client /24 system services ssh connection-limit User can configure the SSH connection limit or delete it. set system services ssh connection-limit < int> delete system services ssh connection-limit < int>it is the maximum number of allowed connections,the valid number range This example configures the SSH maximum number of connections as 5: XorPlus# set system services ssh connection-limit 5 276

277 system services ssh disable User can configure the permission of the SSH login or delete the permission. set system services ssh disable < bool> delete system services ssh disable < bool>the effective value is true/false,when the value is true,it refers to disable SSH login;when the value is false,it refers to enable SSH login. This example configures SSH login as permission: XorPlus# set system services ssh disable false system services ssh protocol-version v2 It refer to which specify ssh protocol version is supported.user can configure it or delete it. set system services ssh protocol-version v2 delete system services ssh protocol-version This example sets the specify ssh protocol versions supported to v2: XorPlus# set system services ssh protocol-version v2 system services ssh rate-limit User can configure the maximum number of connections per minute or delete the configuration. set system services ssh rate-limit < int> delete system services ssh rate-limit < int>the effective value type is int, the valid number range This example sets the maximum number of connections per minute to 2: XorPlus# set system services ssh rate-limit 2 277

278 system services ssh root-login User can configure allow or deny root access via ssh or delete the limits of authority. set system services ssh root-login < limit> delete system services ssh root-login < limit> Configure allow or deny root access via ssh. Required select include: allow allow root access via ssh deny do not allow root access via ssh This example allow the root access via ssh: XorPlus# set system services ssh root-login allow system services telnet connection-limit User can configure the maximum number of allowed connections or delete the configuration. set system services telnet connection-limit < int> delete system services telnet connection-limit < int>it is the maximum number of allowed connections,the valid number range This example sets the maxmum number of allowed connections to 100: XorPlus# set system services telnet connection-limit 100 system services telnet disable User can configure to disable or enable telnet login or delete the configuration. set system services telnet disable < bool> delete system services telnet disable < bool>the effective value is true/false,when the value is true,it refers to disable telnet login;when the value is false,it refers to enable telnet login. This example configures to enable telnet login: 278

279 XorPlus# set system services telnet disable false system services telnet rate-limit User can configure the maximum number of connections per minute or delete it. set system services telnet rate-limit < int> delete system services telnet rate-limit < int>the effective value type is int, the valid number range This example sets the maximum number of connections per minute to 2: XorPlus# set system services telnet rate-limit 2 system snmp-acl network By default, all hosts allow snmp walk the information of the switch. User can configure an SNMP ACL to control which hosts within the subnetwork enable snmp walk the switch or delete the configuration. set system snmp-acl network < IPV4Net> delete system snmp-acl network < IPV4Net> < IPV4Net> it stands ipv4 address and netmask. This example configures the network /24 which enable snmp walk the switch: XorPlus# set system snmp-acl network /24 system syslog host User can configure the syslog host ip address or delete the configuration. After you configure the syslog server IP address, the log files will be sent to the syslog server. set system syslog host < IPV4> delete system syslog host < IPV4> it stands ipv4 address. 279

280 This example sets the syslog host ip address to : XorPlus# set system host system syslog local-file User can configure the system logging local output location the syslog messages can be stored in RAM or in a local SD card. And the user can delete the configuration. set system syslog local-file < log-storage> delete system syslog local-file < log-storage> Configure the place of the log storage.required select include: disk log storage in disk ram log storage in ram This example sets the log storage as disk: XorPlus# set system syslog local-file disk system syslog port-number User can configure the syslog host port number or delete the configuration. set system syslog port-number < uint> delete system syslog port-number < uint>the effective value type is uint,it refer to the syslog host port number. This example sets the syslog host port number to 2: XorPlus# set system syslog port-number 2 system syslog port-protocol User can configure the syslog host port trandport protocol.the protocol can be tcp or udp.and user can delete the configuration. 280

281 set system syslog port-protocol < trans-protocol> delete system syslog port-protocol < trans-protocol> Configure trandport protocol.required select include: tcp tcp syslog transmission udp udp syslog transmission This example sets the syslog host trandport protocol as tcp: XorPlus# set system syslog port-protocol tcp system timezone User can configure local time zone or delete it. set system syslog timezone <time-zone> delete system syslog timezone < time-zone>the effective value is a time zone. This example sets local time zone to Shanghai: XorPlus# set system timezone Asia/Shanghai 281