Manual Switch LightBolt
Manual Switch LightBolt
Manual Switch LightBolt
INDEX
1 INTRODUCTION ........................................................................................................................................ 6
1.1 FRONT PANEL ............................................................................................................................... 9
1.2 REAR PANEL............................................................................................................................... 10
2 SPECIFICATION ...................................................................................................................................... 11
2.1 SYSTEM DEFAULTS .................................................................................................................... 11
3 CONFIGURATION ................................................................................................................................... 12
3.1 COMMAND LINE INTERFACE....................................................................................................... 12
3.2 CONVENTIONS USED IN THIS GUIDE ........................................................................................... 12
3.3 COMMAND LINE INTERFACE PRIMER.......................................................................................... 12
3.4 MODES COMMON TO PROTOCOLS .............................................................................................. 14
3.5 COMMAND NEGATION ................................................................................................................ 15
3.6 FORMAT USED FOR COMMAND DESCRIPTION ............................................................................. 15
3.7 INITIAL CONFIGURATION ............................................................................................................ 15
3.8 CONNECTING TO THE SWITCH ..................................................................................................... 16
3.9 CONFIGURING THE SWITCH ........................................................................................................ 17
3.10 MANAGING FILE SYSTEM ........................................................................................................... 26
3.11 CONFIGURING SYSTEM LOGS..................................................................................................... 28
3.12 CONFIGURING YOUR CONSOLE PORT........................................................................................... 29
3.13 CONFIGURING REMOTE OR LOCAL LOGON AUTHENTICATION ................................................... 31
3.14 CONFIGURING SNMP ................................................................................................................. 34
3.15 PORT CONFIGURATION ............................................................................................................... 35
3.16 CONFIGURING IP ADDRESSES ON SWITCHED VIRTUAL INTERFACES SVI´S ................................ 36
3.17 MAC ADDRESS TABLE............................................................................................................... 37
3.18 ACCESS LIST .............................................................................................................................. 38
3.19 DENIAL OF SERVICE ATTACK PREVENTION (DOS PREVENTION) ................................................. 42
3.20 SPANNING TREE PROTOCOLS...................................................................................................... 45
3.21 LINK AGREGATION CONTROL PROTOCOL COMMANDS SET. ....................................................... 69
Safety
When installing, operating and maintaining this equipment, basic safety precautions should always be
followed. No adjustment, repair or maintenance should be performed by the operator or user. Only
qualified person or authorized services are allowed to repair or make adjustments to this equipment.
Optical Device
Since this product has an optical device, the following security warnings should be followed:
• Never look directly into the optical transmission interface, aligning your
eye with theoptical device. Doing so, user could expose your eye to a
concentrated beam of optical radiation.
• Do not attempt to adjust the optical device, intending to amplify or
attenuate theoptical signal.
Internal Voltage
As the serial inputs and outputs of this equipment operate with voltages lower
than the 5 volt threshold, it cannot harm the user when handling the equipment.
However, overvoltages coming from the Telecommunication Network could be
present, mainly if the equipment is not properly installed.
Electrostatic Discharge
This product (chassis and printed circuit boards) can be handled by the user, not
presenting any problems concerning electrical discharge. However, it is
recommended user to follow ANSI IPC-A-610 standard for electrical discharge
(ESD) and use a wrist strap when removing or inserting any card into the
equipment.
The information contained in this guide is AsGa’s property, and it is not authorized to publish,
reproduce or to make any other use without written permission of AsGa.
AsGa reserves the right to make changes to this guide without notice.
5
AsGa LightB
LightBolt 10GigE Switch
User Guide Introduction
1 INTRODUCTION
Over the past several years, Ethernet has been the most popular choice of technology for
local area networks (LAN). There are millions of Ethernet users worldwide and still counting growing.
In 1998, the standard for 1-Gigabit Ethernet was released. Today 1-Gigabit Ethernet dominate the
LAN markets.
As the demand for high-speed networks continues to grow, the need for a faster Ethernet
technology became a need. By March 1999, a working group was formed at IEEE 802.3 Higher
Speed Study Group (HSSG) to develop a standard for 10-Gigabit Ethernet, today 10GigE is a reality.
10-Gigabit Ethernet is basically the faster-speed version of Ethernet. It will support the data rate of 10
Gb/s. It offers similar benefits to those of the preceding Ethernet standard.
The potential of 10-Gigabit Ethernet to solve the actual and future network bottlenecks are
enormous.
There are broad groups of users who demand 10-Gigabit Ethernet; for example, enterprise
users, universities, telecommunication carriers, and Internet service providers, but in a last instance;
users and their application will be pushing up this new generation of equipments and its use.
One of the main benefits of 10-Gigabit standard is that it offers a low-cost solution to solve the
current and future demands for bandwidth. Not only the cost of installation is low, but the cost of
network maintenance and management is minimal as well. Management and maintenance for 10-
Gigabit Ethernet may be done by local network administrators as it is done actually for 1GigE
networks.
In addition to the cost reduction benefit, 10-Gigabit Ethernet may allow faster switching. Since
10-Gigabit Ethernet uses the same Ethernet format, it allows seamless integration of LAN, MAN, and
WAN. There is no need for packet fragmentation, reassembling, or address translation 10-Gigabit
Ethernet also offers straightforward scalability (10/100/1000/10000 Mb/s).
Upgrading to 10-Gigabit Ethernet is simple since the upgrade paths are similar to those of 1-
Gigabit Ethernet.
AsGa LightBOLT 10GigE switches offer a seamless path migration to your 10Gig solution,
integrating in just one rack unit 24 1GigE electrical ports (two optical 1GigE combo port available) plus
four 10GigE ports with an unparallel switching capacity: less than 3 microsecond switching time at
full load. In addition to many other capabilities, all switching/routing decisions are solved by hardware,
all Access Control List (ACL´s) are also solved in hardware off loading all host CPU processing time
related with those and many other tasks.
LightBotl 28322-E
• 24 Ports 10/100/1000. Electrical ports. Two Combo ports Electrical/Optical (base on SFP
technology).
• 4 ports 10GE (Two XSFP based plus two 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 8K MAC Table.
• 4K L3 IPV4 Table.
LightBotl 28522-E
• 24 Ports 10/100/1000. Electrical Ports. Two Combo ports Electrical/Optical (base on SFP
technology).
• 4 ports 10GE (Two XSFP based plus two 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 16K MAC Table.
• 8K L3 IPV4 Table.
6
AsGa LightB
LightBolt 10GigE Switch
User Guide Introduction
LightBotl 28322-O
• 24 Ports 10/100/1000. Optical ports (base on SFP technology).Two Combo ports
Electrical/Optical.
• 4 ports 10GE (Two XSFP based plus two 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 8K MAC Table.
• 2K L3 IPV4 Table.
LightBotl 28522-O
• 24 Ports 10/100/1000. Optical ports (base on SFP technology).Two Combo ports
Electrical/Optical
• 4 ports 10GE (Two XSFP based plus two 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 16K MAC Table.
• 8K L3 IPV4 Table.
LightBotl 28304-E
• 24 Ports 10/100/1000. Electrical Ports. Two Combo ports Electrical/Optical (base on SFP
technology).
• 4 ports 10GE (Four 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 8K MAC Table.
• 2K L3 IPV4 Table.
LightBotl 28504-E
• 24 Ports 10/100/1000. Electrical Ports. Two Combo ports Electrical/Optical (base on SFP
technology).
• 4 ports 10GE (Four 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 16K MAC Table.
• 8K L3 IPV4 Table.
LightBotl 28304-O
• 24 Ports 10/100/1000. Optical ports (base on SFP technology).Two Combo ports
Electrical/Optical.
• 4 ports 10GE (Four 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 8K MAC Table.
• 2K L3 IPV4 Table.
LightBotl 28504-O
• 24 Ports 10/100/1000. Optical ports (base on SFP technology).Two Combo ports
Electrical/Optical.
• 4 ports 10GE (Four 10Gig electrical port XC4 compatible).
• 1 Rack Unit.
• 16K MAC Table.
• 8K L3 IPV4 Table.
LightBotl 28340-O
• 24 Ports 10/100/1000. Optical ports (base on SFP technology).Two Combo ports
Electrical/Optical.
• 4 ports 10GE (Four XSFP based).
• 1 Rack Unit.
• 8K MAC Table.
• 2K L3 IPV4 Table.
7
AsGa LightB
LightBolt 10GigE Switch
User Guide Introduction
LightBotl 28540-O
• 24 Ports 10/100/1000. Optical ports (base on SFP technology).Two Combo ports
Electrical/Optical.
• 4 ports 10GE (Four XSFP based).
• 1 Rack Unit.
• 16K MAC Table.
• 8K L3 IPV4 Table.
With LightBOLT switches, AsGa introduce AsGOS a compressive CLI (Command Line Interface)
industry standard configuration. AsGOS come in the following packages:
8
AsGa LightB
LightBolt 10GigE Switch
User Guide Introduction
Configuration Backup and restore: You can save the current configuration settings to a
file on a TFTP server, and later download this file to restore the switch configuration
settings.
Image Backup and restore: You can save or restore the image files on a TFTP
server, and later download or restore it to the switch
Authentication – This switch authenticates management access via the console port,
Telnet. User names and passwords can be configured locally or can be verified via a
remote authentication server RADIUS. Other authentication options include SSH for
secure management access over a Telnet-equivalent connection, IP address filtering
for SNMP/Telnet management.
• Full L3 protocol Support (*). When loaded with this feature set software. In addition to the
before mentioned L2 characteristics the LightBOLT family of switches Full Layer 3 support.
• AsGOS MC Extension (*): Full Layer 2; little Layer 3 package specifically adapted for provide
full management support to AsGa 1GigE Media Converters directly attached to Optical
LightBOLT Family of switches.
The following lines detail basic CLI standard commands available at the current AsGOS L2
version; for more complete information about all command available please refer to the alphabetic
command index.
Position Designation
RJ45 connector for combo port Electrical 10/ 100/ 1000Mbps and indicative Led of activity
[1]
in the port (ports 1 – 24).
[2] SFP connector for combo port Optical.
[3] Microgiga connector for ports 10GE.
[4] Indicative Led for Ethernet link (LINK 1 - 4).
[5] Indicative Led of activity in the port 10GE (ACT 1 - 4).
[6] Indicative Led for activated Switch (PWR).
9
AsGa LightB
LightBolt 10GigE Switch
User Guide Introduction
1.2 Rear Panel
The figure 1-2 displays the back view of Switch LightBolt.
Position Designation
[7] RJ45 connector for notebook connection.
[8] DB9 connector for notebook connection.
[9] Backup connectors for power supply input (AC / DC).
[10] Main connectors for power supply input (AC / DC).
1.4 CONSUMPTION
LightBolt10GigE switch total consumption is 96W (2A).
1.5 DIMENSIONS
• Height: 44,45mm (1U)
• Width: 482,6 mm (19”)
• Depth: 367 mm
10
AsGa LightB
LightBolt 10GigE Switch
User Guide Specification
2 SPECIFICATION
2.1 System Defaults
The switch’s system defaults are provided in the configuration file
“Factory_Default_Config.cfg.” To reset the switch defaults, this file should be set as the startup
configuration file. The following table lists some of the basic system default.
FUNCTION PARAMETER DEFAULT
Baud Rate 9600 bps
Data Bit 8
CONSOLE PORT CONNECTION Stop Bit 1
Parity N
Console time out Disable 0
User Name: none
Normal Exec
Password: none
Configuration Level Password: none
AUTHENTICATION
RADIUS Disable
SSH V2.0 Disable
Telnet port 23 Disable
SNMP V1; V2; V3 Disable
RO
SNMP
Communities R/WR
Trap
Admin Status Enable
Auto negotiation Enable
Flow Control Disable
10 Mbps Half Duplex
10 Mbps Full Duplex
100 Mbps Half Duplex
GiGE (Electrical) Port Capabilities
PORT CONFIGURATION 100 Mbps Full Duplex
1000 Mbps Full Duplex
Flow Control Disable
Xe (10GigE) Optical Port 10 GigE Full Duplex. Fixed.
Capabilities Flow Control Disable.
Xe (10GigE) XAUI Port 10 GigE Full Duplex. Fixed.
Capabilities Physical: CX4
RATE LIMITING In/Out Disable
BROADCAST STORM
In Disable
SUPPRESSION
MULTICAST LIMIT
In Disable
SUPPRESSION
Mode 802.1D Classic Spanning Tree
SPANNING TREE PROTOCOL
Port Fast Disable
ADDRESS MAC TABLE Aging Time 300 seconds
Default VLAN 1
Port vlan Mode: PVID 1
VIRTUAL LANs VLANs
Frames Acceptable Untagged
Switch Port Mode Access
IP address 0.0.0.0
MANAGEMENT IP SETTINGS Mask 255.0.0.0
Default gateway 0.0.0.0
first-fragment-ip-packets Enable
icmp-attack-check Enable
minimun-icmp-packet-over-size 512
minimun-tcp-header-allowed 20
DENIED OF SERVICES
sip-dip-protection Enable
tcp-fragment-attack Enable
tcp-on-invalid-flags Enable
tcp-udp-sp-equal-dp Eanble
SYSTEM LOG Status Disable
11
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3 CONFIGURATION
3.1 Command Line Interface
This Guide attempts to make configuration simpler as possible; displaying all AsGOS
command lines necessaries to configure LightBOLT series switches. It covers basic configurations for
Basic Access and all Networking Services provided by the platform.
Note: Unless otherwise stated, press Enter after each command entry.
12
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.3.1 Command Line Help
The AsGOS CLI contains a text-based help facility. Access this help by typing in the full or
partial command string then typing “?”. The AsGOS CLI displays the command keywords or
parameters plus a short description.
Note: Some of our command examples showed here are base on features that will be released. All of
them must be taken as typographic examples only.
For example, at the CLI command prompt, type “show ?” (the CLI does not display the question
mark). The CLI displays this keyword list with short descriptions for each keyword:
bgpd# show
debugging Debugging functions (see also 'undebug')
history Display the session command history
ip IP information
memory Memory statistics
route-map route-map information
running-config running configuration
startup-config Contents of startup configuration
version Displays AsGOS version
AsGOS> sh
Press TAB. The CLI shows:
AsGOS> show
If the command or parameter partial spelling is ambiguous, the AsGOS CLI displays the
choices that match the abbreviation. Type show i. Press TAB. The CLI shows:
AsGOS> show i
interface ip
AsGOS> show i
The interface displays the interface and ip keywords. Type “n” to select interface and press
TAB. The CLI shows:
AsGOS> show in
AsGOS> show interface
Type ? and the CLI shows the list of parameters for the show interface command.
This command has but one positional parameter, an interface name. Supply a value for the
IFNAME parameter.
13
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.3.3 Command Abbreviations
The AsGOS CLI accepts abbreviations for commands. For example:
sh in Ge7
% Unknown command.
% Command incomplete.
Some commands are too long for the display line and can wrap in mid-parameter or mid-keyword if
necessary.
Privileged Exec: This mode, also called the Enable mode, allows users to perform debugging
commands, the write commands (for saving and viewing the configuration), show commands, and so
on.
Configure: Sometimes referred to as Configure Terminal, this mode serves as a gateway into the
Interface, AsGOS, Line, Route Map, Key Chain and Address Family modes.
Interface: This mode (or context) is used to configure protocol-specific settings for a particular
interface.
14
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.5 Command Negation
Some commands can be negated by using a no keyword. Depending on the command or
the parameters, command negation can mean the disabling of one entire feature for the
AsGOS/switch or the disabling of that feature for a specific ID, interface or address.
In the following example, negation is for the base command only. The negated form does
not take any parameter.
default-metric <1-16777214>
no default-metric
Command name
Description of the command. What the command does and when should it be used.
Command Syntax
Sample command name mandatory-parameters (OPTIONAL-PARAMETERS)
Default
The status of the command before it is executed. Is it enabled or disabled by default.
Command Mode
Name of the command mode in which this command is to be used. Such as, Exec, Privilege Exec,
Configure mode and so on.
Usage
This section is optional. It describes the the usage of a specific command and the interactions
between parameters. It also includes appropriate sample outputs for show commands.
Example
Used if needed to show the complexities of the command syntax.
Related Commands
This section is optional and lists those commands that are of immediate importance.
Equivalent Commands
This section is optional and lists commands that accomplish the same function.
Validation Commands
This section is optional and lists commands that can be used to validate the effects of other
commands.
15
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
you need to configure an IP management address. The IP address for this switch is unassigned by
default. To change this address, see “Setting Management IP address” on page 25.
The switch, CLI interface configuration program agent allows you to perform the following
management functions:
• Select the appropriate serial port (COM port 1 or COM port 2).
• Set the profile to the default switch profile.
• Once you have set up the terminal correctly, the console login screen will be displayed.
• Refer to “Line Commands” for a complete description of console configuration options.
16
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
COMMAND DESCRIPTION
SSH Service:
COMMAND DESCRIPTION
To enter in configuration mode ingress the enable
AsGa> enable
command and press enter.
AsGa# service ssh (enable | disable) Enable or Disable the SSH Service
AsGa# wr Save the current configuration
As well to gain access to onboard management agent via a network connection, you must first
configure it with a valid IP address, subnet mask, and route (when it is needed) using a console
connection. The IP address for this switch is unassigned by default; see “Setting Management IP
address” on page 25.
This switch supports five simultaneous Telnet sessions. After configuring the switch’s IP
parameters, you can access the onboard configuration program from anywhere within the attached
network. The onboard configuration program can be accessed using Telnet (port 23 by default) or
SSH from any computer attached to the network.
COMMAND DESCRIPTION
AsGa> Default hostname and prompt will be displayed
To enter in configuration mode ingress the enable command and
AsGa> Enable
press enter.
AsGa# Now you are into configuration mode or privileged mode.
If you have configured a user name and password you will be prompted:
COMMAND DESCRIPTION
After connect your terminal you will be prompted for a user name
and password.
User name: Enter your configured User name.
Password: Enter Your Configured Pass.
AsGa> Default hostname and password.
AsGa> enable Now you can issue the command enable.
AsGa# The prompt will change to “#”. Now you are into the privileged
mode or configuration mode.
17
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.9.2 Displaying system configuration
In order to verify your current configuration you need to type the command “show
running” under the privileged Exec level (enable mode). This command displays your
configuration stored into NVRAM and actually running on your system. A typical view of this command
can be summarized:
AsGa#sh run
!
no service password-encryption
!
hostname AsGa
!
spanning-tree mst config
bridge instance 1 vlan 100
bridge instance 1 vlan 300
bridge instance 2 vlan 20
bridge region test
!
maximum-paths 8
bridge protocol mstp
bridge acquire
vlan classifier rule 1 ipv4 40.40.40.40/24 vlan 300
vlan classifier rule 2 mac 00.0c4.012 vlan 300
vlan classifier rule 3 proto 8192 encap ethv2 vlan 300
vlan classifier group 1 add rule 1
vlan classifier group 1 add rule 2
vlan classifier group 1 add rule 3
bridge spanning-tree errdisable-timeout interval 1
bridge cisco-interoperability enable
!
vlan database
vlan 20 bridge name TEST2
vlan 20 bridge state enable
vlan 100 bridge name TEST
vlan 100 bridge state enable
vlan 300 bridge name TEST3
vlan 300 bridge state enable
vlan 4094 bridge name DEFAULT-VLAN
vlan 4094 bridge state enable
!
interface ge1
switchport
switchport mode access
switchport access vlan 100
flowcontrol send on
flowcontrol receive on
bridge-group instance 1
spanning-tree portfast
!
interface ge2
switchport
bridge-group
switchport mode access
switchport access vlan 20
bridge-group instance 2
spanning-tree portfast
18
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
!
interface ge3
switchport
switchport mode access
switchport access vlan 100
bridge-group instance 1
spanning-tree portfast
!
interface ge4
switchport
switchport mode access
vlan classifier activate 1
bridge-group instance 1
!
interface ge5
!
interface ge6
!
interface ge7
!
interface ge8
!
interface ge9
!
interface ge10
!
interface ge11
switchport
switchport mode access
!
interface ge12
switchport
switchport mode trunk
switchport mode trunk ingress-filter enable
switchport trunk allowed vlan add 300
bridge-group instance 1
bridge-group instance 2
!
interface ge13
!
interface ge14
!
interface ge15
!
interface ge16
!
interface ge17
!
interface ge18
!
interface ge19
!
interface ge20
switchport
switchport mode access
switchport mode access ingress-filter enable
switchport access vlan 300
flowcontrol send on
19
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
flowcontrol receive on
bridge-group instance 1
spanning-tree portfast
!
interface ge21
switchport
switchport mode access
switchport access vlan 300
spanning-tree portfast
!
interface ge22
!
interface ge23
switchport
switchport mode trunk
switchport mode trunk ingress-filter enable
switchport trunk allowed vlan add 20
switchport trunk allowed vlan add 100
switchport trunk allowed vlan add 300
switchport trunk allowed vlan add 4094
switchport trunk native vlan 4094
bridge-group instance 1
bridge-group instance 2
!
interface ge24
switchport
switchport mode trunk
switchport mode trunk ingress-filter enable
switchport trunk allowed vlan add 20
switchport trunk allowed vlan add 100
switchport trunk allowed vlan add 300
switchport trunk allowed vlan add 4094
bridge-group instance 1
bridge-group instance 2
!
interface lo
mtu 1500
ip address 127.0.0.1/8
ip address 30.30.30.30/24 secondary
!
interface vlan1.1
!
interface vlan1.20
!
interface vlan1.100
ip address 10.10.10.10/24
!
interface vlan1.300
!
interface vlan1.4094
!
line con 0
exec-timeout 0 0
login
line vty 0 4
exec-timeout 0 0
login local
!
20
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
end
AsGa#
The command “show inventory” shows all basic system information including MAC base
system address; software and hardware versions; manufacturing data; etc. A typical view of this
command is:
vlan-id ID: of the configured VLAN. Valid IDs are from 1 to 4095. Do not enter leading zeros.
Name: vlan-name (Optional): Specify the VLAN name, an ASCII string from 1 to 32
characters.
State: {suspend | active} (Optional) Specify the VLAN state:
• If active, the VLAN is operational.
21
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
• If suspend, the VLAN is suspended. Suspended VLANs do not traffic
packets.
COMMAND DESCRIPTION
AsGOS (config)# vlan database Enter the VLAN configuration mode.
Enable VLAN number 5. Specifying the enable
AsGOS (config-vlan)# vlan 5 state enable state allows forwarding of frames on this VLAN-
aware bridge.
AsGOS (config-vlan)# exit Exit the VLAN configuration mode and enter
Configuration mode.
Note: By default all ports are switched (no routed) access ports with the default per port VLAN ID
(PVID) equal to one (PVID=1). By default the system run classical STP on all those access port.
Use the switchport interface configuration command with no keywords to put an interface
that is in Layer 3 mode into Layer 2 mode for Layer 2 configuration. Use the no statement of this
command to put an interface in Layer 3 mode.
switchport
no switchport
Use the no switchport command (without parameters) to set the interface to the routed-
interface status and to erase all Layer 2 configurations. You must use this command before assigning
an IP address to a routed port.
COMMAND DESCRIPTION
AsGa>config t Enter into configuration mode.
AsGa#interface ge1 Enter into interface ge1 configuration mode.
AsGa(interface)# Now you are into the interface configuration mode.
AsGa(interface)# swtchport Put the interface into the default switchport mode.
AsGa(interface)#end Exit from interface configuration mode.
AsGa# wr Save the configuration.
COMMAND DESCRIPTION
AsGa>config t Enter into configuration mode
AsGa#interface ge1 Enter into interface ge1 configuration mode.
AsGa(interface)# Now you are into the interface configuration mode.
AsGa(interface)# NO swtchport Put the interface into the routed port mode, ready to
accept an IP address.
AsGa(interface)#end Exit from interface configuration mode.
AsGa# wr Save the configuration.
22
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.9.6 Switchport Mode
When the switch receives a frame, it classifies the frame in one of two ways. If the frame is
untagged, the switch assigns the frame to an associated VLAN (based on the default VLAN ID of the
receiving port). But if the frame is tagged the switch use the Taggued VLAN ID to identify the port
broadcast domain for the frame.
In order to identify the ports on wich the frame must be sent first at all you need to define the
switch port mode of a port.
Ports can be 3 types:
• Access Ports.
• Trunk Ports.
• Hibrid ports.
Use the switchport mode interface configuration command to configure the mode of a port. Use
the <no> statement of this command to reset the mode to the appropriate default for the device.
Access: Set the port to access mode. The port is set to access unconditionally and operates as a
nontrunking, single VLAN interface that sends and receives nonencapsulated (non-tagged) frames.
An access port can be assigned to only one VLAN.
Trunk: Set the port to trunk unconditionally. The port is a trunking VLAN Layer-2 interface. The port
sends and receives encapsulated (tagged) frames that identify the VLAN of origination. A trunk is a
point-to-point link between two switches or between a switch and a router.
Hibrid: This mode set the trunk in an hybrid mode wich means that the port acting as a trunk has a
default VLAN for all those packets that arrive at the port untagged. Under this mode the user must
specify the untagged VLAN for all those arriving non tagged packets. Packet going outward for the
specified VLAN ID will go from this trunk in an untagged form.
COMMAND DESCRIPTION
AsGa>config t Enter in configuration mode.
AsGa#interface ge1 Enter in interface ge1 configuration mode.
AsGa(interface)# Now you are into the interface configuration mode.
AsGa(interface)# swtchport mode access Put the interface in the accces switch port mode.
AsGa(interface)#end Exit from interface configuration mode.
AsGa# wr Save the configuration.
COMMAND DESCRIPTION
AsGa>config t Enter in configuration mode.
AsGa#interface ge1 Enter in interface ge1 configuration mode.
AsGa(interface)# Now you are into the interface configuration mode.
AsGa(interface)# swtchport mode trunk Put the interface in the trunk switch port mode.
AsGa(interface)#end Exit from interface configuration mode.
AsGa# wr Save the configuration.
23
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.9.7 Assigning a VLAN to an Access port
Use the “switchport access” interface configuration command to configure a port as a VLAN
assigned static-access port. If the mode is set to access, the port operates as a member of the
configured VLAN.
COMMAND DESCRIPTION
AsGa>config t Enter in configuration mode.
AsGa#interface ge1 Enter in interface ge1 configuration mode.
AsGa(interface)# Now you are in the interface configuration mode.
AsGa(interface)# swtchport access vlan 300 Assign Pert Port VLAN ID to an access port.
AsGa(interface)#end Exit from interface configuration mode.
AsGa# wr Save the configuration.
AsGOS (config-if)# exit Exit the interface configuration mode and enter
configuration mode.
24
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
AsgOS#show vlan all
COMMAND DESCRIPTION
AsGa>config t Enter in configuration mode
Enter in interface vlan1.1 configuration mode.
AsGa#interface VLAN1.1 VLAN1.1 is the default switched virtual interface witch
represent the routed interface for the default VLAN 1
AsGa(interface)# Now you are in the interface configuration mode
AsGa(interface)#ipaddress x.x.x.x/y Enter the IP address
AsGa(interface)#end Exit from interface configuration mode
AsGa# wr Save the configuration
In Order to negate this IP address uses the <no> statement of this command. The example use
the SVI VLAN1.1 witch is created by default into the system. Remember that those SVI´s are created
by the system each time that you define a VLAN into the VLAN database. By default those SVI´s does
not contain any IP address.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode.
AsGOS(config)#hostname LighetBolt Specify your host name.
LightBolt (config)# Your host name will appear as a new prompt in your system.
Exit from configuration mode.
LightBolt# Write Save your changes into permanent memory.
25
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.10 Managing file System
• AsGos: Binary Files that contain all mayors control planes and switching/routing software. Naming
convention for this file is:
LightBolt-28322-E1-L2-AsGOS-1.0.0-RC4.bin
• System: Binary files that contain no switching / routing control planes software but have some
other software pices. Naming convention for this file is:
LightBolt-28322-E1-L2-System-1.0.0-RC2.bin
• Sanity: Binary files that contain sanity check code. Naming convention for this file is:
LightBolt-28322-E1-L2-Sanity-1.0.0-RC1.bin
In addition to this system file there are configuration files identified by the extension .CONF this
file type storage in a plain text format all configuration rules. There is no limit to the quantity of
configuration files sorted into your system. Just one will be active at time.
Another file type is the .LOG file this file type storage all system sanity test information under
this extension you can find a default file wich name is production.log this file storage all factory
sanity log, this file is a read only file and can not be deleted. The user can decide at startup time run a
new sanity test; its result will be storage under a new file name.
LighBOLT flash system has a flash memory capacity of 32 Mb. This memory can not be
formatted by the user. Use the dir command at privilege level to inspect your file system.
The following shows a typical file system:
AsGa-LAB-1#dir
3.8M Wed Jan 2 01:15:59 2002 LightBolt-28322-E1-L2-AsGOS-1.0.0-RC4.bin
3.8M Mon Jul 21 17:13:49 2036 LightBolt-28322-E1-L2-AsGOS-1.0.0---RC4.bin
1.4M Wed Jan 2 01:18:32 2002 LightBolt-28322-E1-L2-Sanity-1.0.0-RC1.bin
708.8k Mon Jul 21 17:16:06 2036 LightBolt-28322-E1-L2-System-1.0.0---RC4.bin
708.8k Wed Jan 2 01:16:49 2002 LightBolt-28322-E1-L2-System-1.0.0-RC2.bin
3.5k Thu Jul 24 10:59:22 2036 default.conf
0 Mon Jul 14 17:34:08 2036 julio
26
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
AsGa# copy <file name> <TFTP server address>
ASGA_1#sh boot
Config File:
Startup: AsGa-conf-1
Running: AsGa-conf-1
Last Modified: Mon Apr 7 12:56:13 2036
AsGOS Image:
Startup: LightBolt-28322-E1-L2-AsGOS-1.0.0-RC4.bin
Running: LightBolt-28322-E1-L2-AsGOS-1.0.0-RC4.bin
Last Modified: Thu Apr 3 08:34:12 2036
System Image:
Startup: LightBolt-28322-E1-L2-System-1.0.0-RC2.bin
Running: LightBolt-28322-E1-L2-System-1.0.0-RC2.bin
Last Modified: Tue Apr 1 08:45:23 2036
Sanity Image:
Startup: LightBolt-28322-E1-L2-Sanity-1.0.0-RC1.bin
Last Modified: Tue Apr 1 08:45:23 2036
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode.
AsGOS(config)# boot LightBolt-28322-E1-
Specify the booting AsGOS image file name.
L2-AsGOS-1.0.0-RC5.bin
AsGOS (config)# exit Exit from configuration mode.
LightBolt# Write Save your changes into permanent memory.
27
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
• Changing your config File
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode.
AsGOS(config)# boot config AsGa-conf-2 Specify the booting configuration file name.
AsGOS (config)# exit Exit from configuration mode.
LightBolt# Write Save your changes into permanent memory.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode.
AsGOS(config)# boot systemLightBolt-
Specify the booting system file name.
28322-E1-L2-System-1.0.0-RC3.bin
AsGOS (config)# exit Exit from configuration mode.
LightBolt# Write Save your changes into permanent memory.
Under those changes the show boot command will display the show boot command will display
the following changes:
ASGA_1#sh boot
Config File:
Startup: AsGa-conf-2
Running: AsGa-conf-2
Last Modified: Mon Apr 7 12:56:13 2036
AsGOS Image:
Startup: LightBolt-28322-E1-L2-AsGOS-1.0.0-RC5.bin
Running: LightBolt-28322-E1-L2-AsGOS-1.0.0-RC4.bin
Last Modified: Thu Apr 3 08:34:12 2036
System Image:
Startup: LightBolt-28322-E1-L2-System-1.0.0-RC3.bin
Running: LightBolt-28322-E1-L2-System-1.0.0-RC2.bin
Last Modified: Tue Apr 1 08:45:23 2036
Sanity Image:
Startup: LightBolt-28322-E1-L2-Sanity-1.0.0-RC1.bin
Last Modified: Tue Apr 1 08:45:23 2036
On next booting time the switch will load the new AsGOS; System and config files.
AsgOS(config)#log ?
file Logging to file
monitor Copy debug output to the current terminal line
stdout Logging goes to stdout
syslog Logging goes to syslog
trap Limit logging to specified level
28
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.11.1 System Log Configuration
Logging is enabled each time you specify a logging method. When logged it can send
messages to specific locations in addition to the console. Under privileged EXEC mode, use one or
more of the following commands to specify the locations that receive messages:
• Logging to a file:
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# log <file> Specify the logging file name.
AsGOS (config)# exit Exit from configuration mode.
LightBolt# Write Save your changes into permanent memory.
Your file will be stored in RAM; if you need save it you need to type issue the following command:
COMMAND DESCRIPTION
AsGOS# write log Write your log file into permanent memory.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# log syslog <IP address> Specify the logging server IP address.
AsGOS (config)# exit Exit from configuration mode.
LightBolt# Write Save your changes into permanent memory.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# log monitor Specify loggining method eq monitor
AsGOS (config)# exit Exit from configuration mode.
29
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Session-timeout: Sets the interval that the system waits until user input is detected. If user input is
not detected within the timeout interval, the current session is terminated.
Limits: Timeout in minutes <0-35791> - Timeout in seconds <0-2147483>.
Exec-timeout: Sets the interval that the system waits until user input is detected. If user input is not
detected within the timeout interval, the current
EXEC session is terminated. Limits: Timeout in minutes <0-35791> - Timeout in seconds <0-
2147483>.
Flowcontrol: Sets the current flow control mechanism; it can be set by hardware, software or no flow
control. Direction can be in; out or both. Default No flow control.
Start-character: Sets the current start character used when software flow control mechanism is
activate ( possible ASCII values are 1-255 )
Stop-character: Sets the current stop character used when software flow control mechanism is
activate ( possible ASCII values are 1-255 )
Width: Sets the current screen column width valid values are 0-60.
Length: Sets number of lines on a screen valid values are 0-512.
Privilege level Changes privilege level for line <1-15>.
Escape-character: Changes the current escape character possible values are ASCII from 1-255.
To configure any of those parameters you must issue the following commands. The table
shows just some of those commands.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# line console Enter in console configuration mode.
AsGOS (config)# speed
<(115200|57600|38400|19200|9600|4800|2400) Change the console speed.
AsGOS (config)# parity (none|even|odd|space|mark) Change the console parity.
AsGOS (config)# flowcontrol (none|software
(in|out)|hardware) Change the console flow control mode.
AsGOS (config)# databits <5-8> Change the console data bits.
AsGOS (config)# exec-timeout <0-35791> (<0-2147483>|) Change the Exec time out for a session
started from console.
AsGOS (config)# session-timeout <0-35791> (<0- Change the session time out for the
2147483>|) console.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# service SSH enable Enable SSH service.
AsGOS(config)# service telnet enable Enable Telnet Service.
30
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
• Disabling Telnet or SSH services:
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# service SSH disable Disable SSH service.
AsGOS(config)# service telnet disable Disable Telnet Service.
retransmit < RETRIES> The number of times a RADIUS request is re-sent to a server, if that
server is not responding or responding slowly. Enter a value in the
range 1 to 100.
timeout <SEC> (Optional) The time interval (in seconds) that the switch waits for the
RADIUS server to reply before retransmitting. This setting overrides
the global value of the radius-server If no timeout value is specified,
the global value is used. Enter a value in the range 1 to 1000.SEC.
auth-port < PORTNO> Specifies the UDP destination port for authentication requests port-
number (Optional) . If unspecified, the port number sets default to
1645.
This command specify the global key string used between the switch and the Radius Server.
31
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.13.2 Enabling a TACACs Server
In order to provide remote user and password authentification you need toconfigure a
TACACS server properly.
TACACS is a security application that provides centralized validation of users attempting to
gain access to a switch. In order to configure a TACACs client aply the following commands at
configuration prompt.
• Definig Users:
Localy defined User Accounts: Manually configure access rights on the switch for specific users.
RADIUS User accounts: Configure RADIUS user accounts fore remote authentication.
name Specify the user ID as one word. Spaces and quotation marks are not allowed.
level For level, specify the privilege level the user has after gaining access. At
this software revision AsGOS 1.0.0 just level 15 is allowed.
password Specify the password the user must enter to gain access to the switch
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode.
AsGOS(config)# user <user-name>
privilege <privilege> password Enter the local database, and establish a username-
<Encryption-level> <password> based authentication system.
AsGOS(config)# end Go to privilege level mode
AsGOS# copy running–config startup-
config Copy running config into startup config.
32
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.13.3.2 Setting remotly authenticated users using an external server.
In order to make login authentication in a Raduis server you need to configure the following
commands:
aaa new-model
This command specifies a new model for the authentification process, if not the default
authentification will be used. The default method is: locally defined users. Under this method user
names and passwords will be defined locally at the switch.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# aaa new model Enable a new model for authentification process.
Enable Radius autentification, over a Raduis Server. If
AsGOS(config)# aaa authentication
default radius the authentification process fails no other
authentification method is applied.
AsGOS(config)# aaa authentication login Enable Radius telnet autentification, over a Raduis
default group radius local Server. If the authentification process fails a local
authentificaion process is applied.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# line console Enter in console config mode
AsGOS(config)# ogin authentication Define the default authentification method fa a session
default opened in a console port
AsGOS(config)# exit
Return to the privilege Exec mode
AsGOS# wr
Save configs
33
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
• Aplaying The authentification rule on VTY Sessions
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# line vty 0 5 Enter in vty config mode (for all sessions from 0 to 5)
AsGOS(config)# ogin authentication Define the default authentification method fa a session
default opened on any VTY session from 0 to 5
AsGOS(config)# exit
Return to the privilege Exec mode
AsGOS# wr
Save configs
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS# snmp-server manager 192.168.1.1 traps- Set the 192.168.1.1 as the server for receiving
version 1 community ASGA traps with community name ASGA. Traps will be
send as SNMP traps version 1.
AsGOS# snmp-server community ASGA rw remote Specify the community name and de IP address
192.168.1.1 for all RW operations.
AsGOS# snmp-server contact ASGA Specify the SNMP contact name.
AsGOS# snmp-server location Rodovia RM Km 4 Specify the SNMP location name.
AsGOS# snmp-server enable trap all Enable all trap sending.
34
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
RFC NUMBER TITLE
2571 An Architecture for Describing SNMP Management Frameworks.
2572 Message Processing and Dispatching for the Simple Network Management Protocol (SNMP).
2573 SNMPv3 Applications.
2574 User-Based Security Model for SNMPv3.
2575 View-Based Access Control Model (VACM) for SNMP.
AsGa LightBolt series switches cover all the subjects detailed into those RFC´s. The following
example shows a typical SNMP V.3 configuration for a more detailed command description please
refer to the alphabetic SNMP commands description.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS (config)# snmp-server users create
Dguerri auth md5 brasil3x0 priv naargentina Create the user name.
AsGOs(config)#snmp-server users access
Dguerri ro priv Give the access type to the configured user.
AsGOS(config)# snmp-server manager Set the 192.168.1.1 as the server for receiving
192.168.1.1 traps-version 3 priv Dguerri traps with user Dguerri.
3.15.1.1 Speed
To change the negotiated speed of the port use the following commands:
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS (config)# interface Ge1 Enter in the interface configuration mode.
AsGOs(interface)#speed <auto|10|100|1000> You can modify the Speed to auto negotiation;
or 10Mbps or 100Mbps or 1000 Mbps.
3.15.1.2 Duplex
To change the negotiated mode of one interface use the following commands:
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS (config)# interface Ge1 Enter in interface configuration mode.
AsGOs(interface)# duplex < half|full|auto> You can modify the duplex mode to full or half or
auto. In 1000Mbps there is no duplex mode.
35
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
notifies the link partner or the remote device of the congestion by transmitting a pause frame. When
flow control receive is on for the remote device and it receives a pause frame, it stops transmitting any
data packets.
Under input police rate limit configuration flow control must be enabled in order to
realize the input rate limit condition. Flow control is negotiated per port basis; so if your
“peer” port does not have this capability you can not achieve police rate limit correctly.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS (config)# interface Ge1 Enter in interface configuration mode.
You can modify the flow control mode to send
(on|off) or receive (on|off). Receive on means
AsGOs(interface)# send on receive on that the switch honor the flow control. Send on
means that the switch will send flow control
when needed.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# VLAN database Enter in the VLAN database mode.
AsGOS (VLAN)# VLAN 200 Create the VLAN 200.
AsGOS (VLAN)# exit Return.
AsGOS(config)# interface vlan1.200 Enter in the SVI interface configuration mode.
AsGOS (config_if)# ip address 20.20.20.20/24 Assign an IP address.
AsGOS (config_if)# end Exit configuration mode.
AsGOS#
AsgOS#show ip route
Codes: C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default
36
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
C 20.20.20.0/24 is directly connected, vlan1.200
Now any port (trunk or access) associated to VLAN 200 has direct L3 access to this virtual
switched interface VLAN1.200. Any default gateway can be configured using commands to add static
routes to the routing table in order to reach those networks.
To add Routes use the following commands:
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsgOS(config)#ip route 192.168.1.0/24 10.10.10.1 Configuring a static route.
AsGOS(config)# end
More about Static Routing creation and inter VLAN Routing will be deployed on “Routing
Section”.
MAC address learning process is an automatic hardware base process, all learned address are
subject to the aging process; this process ensure that after 300 seconds of no hearing a particular
source MAC this will be deleted from the table.
All lookup process into the LightBolt platform is done by hardware. This feature allows wire line
rates for all packet sizes and conditions. For switching decisions the MAC-SA, VID is used to search
the L2 table. When a match is found the packet is forwarded to the specific port indicated into the
same table. When the address is not found the packet generates a Destination Lookup Failure (DLF)
signal and it is flooded to all port member of that VLAN.
You must specify which Static; Dynamic; interface; or vlan portion of the table, in order to
display the entries associated with it.
LightBolt#show mac-address-table
37
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
VLAN address type interface Hit
200 0000.C001.0102 Dynamic ge2 Yes
Total address matching this criteria: 1
The hit bit column shows if the MAC address (Source or Destination) has being hide during the
last aging period.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode
AsGOS (config)# mac-address-table aging-time Configure the Aging time in seconds. It is
200 applied to all VLANs/MACs in the table.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# mac-address-table static Configure the static entry MAC address
0000.0101.0202 vlan 122 interface ge2 associated with a VLAN and Port.
38
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Standard Access-Lists x Extended Access-Lists
Standard Access-List: With standard access-lists you can check just the source IP address of the
packet, meaning, you can check to see if the source address happens to be a specific IP address (or
IP subnet), then you can permit or deny that packet.
Extended Access-List: With extended access-list, there are many things that can be checked.
Besides source L3 addresses, you can check for destination L3 addresses, source/destination port
number, or source/destination protocol number just for mention some examples.
Named Access-Lists
Standard Access Lists are in the range from 1- 99. Extended access-lists are in the range from
100-199. That would mean that you can only have 99 standard access-lists or 100 extended access-
lists on any given equipment. If you really wanted more than 99 standard access-lists or more than
100 extended access-list, you can use Named access-list.
With named access-list, you can classify it to be standard or extended, and then you will follow
the same rules (meaning standard named access-list can check for source address only and
extended named access-list can check for all those other things mentioned earlier). In order to argue
the number of standard and extended access list we provide an expanded range for each. The
expanded range for standard access-list is 1300-1999 and for extended it is 2000-2699.
IP Address 172 16 32 0
Binary format 10101100 00010000 00100000 00000000
Network Mask 11111111 11111111 11100000 00000000
39
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.18.3 Configuring IP standard Access List
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode
AsGOS (config)# access-list Define a standard IP access list by using a source
<standard access-list-number> (deny address and wildcard.
| permit) source = <IP Address> The access-list-number is a decimal number from 1 to
<source-wildcard>
99 or 1300 to 1999.
Enter deny or permit to specify whether to deny or
permit access if conditions are matched.
The source is the source address of the network or
host from which the packet is being sent specified as:
• The 32-bit quantity in dotted-decimal format.
• The keyword any as an abbreviation for
source and source-wildcard
of 0.0.0.0 255.255.255.255. You do not need
to enter a source-wildcard.
• The keyword host as an abbreviation for
source and source-wildcard of source 0.0.0.0.
Use the no access-list access-list-number global configuration command to delete the entire ACL.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode
AsGOS(config)#access-list Define a extended IP access
<extended access-list-number> The access-list-number is a decimal number from 100-to
(deny|permit|remark) 199 or 2000 to 2699.
protocol <Portocol ID> Enter deny or permit to specify whether to deny or permit
(A.B.C.D A.B.C.D|any|host access if conditions are matched.
Enter remark to indicate an access list entry comment
A.B.C.D) (A.B.C.D
The protocol indicate a valid protocol ID specified as a single
A.B.C.D|any|host A.B.C.D)
number o a character set:
<0-255> An IP protocol number
ahp Authentication Header Protocol
eigrp Cisco EIGRP routing protocol
esp Encapsulation Security Payload
gre Cisco GRE tunneling
icmp Internet Control Message Protocol
igmp Internet Gateway Message Protocol
igrp Cisco's IGRP routing protocol
ip Any Internet Protocol
ipinip IP in IP tunneling
ospf OSPF routing protocol
pcp Payload Compression Protocol
pim Protocol Independent Multicast
tcp Transmission Control Protocol
udp User Datagram Protocol
A.B.C.D: Source address A.B.C.D Source wildcard bits.
Any: Specify Any source host.
host : Specify A single source host A.B.C.D Source address
A.B.C.D Destination address A.B.C.D Destination wildcard
bits.
any: Specify any destination host.
host : Specify a single destination host A.B.C.D Destination
address.
40
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Extended ACLs specifying the source and Destination ports for TCP/UDP sessions.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode
AsGOS(config)# access-list<extended Define a extended IP access number
access-list-number>
(deny|permit|remark) (tcp|udp) Deny: Specify packets to reject
(A.B.C.D A.B.C.D | any | host permit: Specify packets to forward
A.B.C.D)
Remark: Access list entry comment
(A.B.C.D A.B.C.D |any | host
A.B.C.D) tcp:Transmission Control Protocol
Src (eq|gt|lt|neq) PORT dst udp: User Datagram Protocol
(eq|gt|lt|neq) PORT A.B.C.D: Source address
A.B.C.D: Source wildcard bits
any: Any source host
host: A single source host
A.B.C.D: Source address
A.B.C.D: Destination address
A.B.C.D: Destination wildcard bits
Any: Any destination host
host: A single destination host
A.B.C.D: Destination address
Src: Source (TCP/UDP) port
eq: Equal
gt: Greater than
lt: Less than
neq: Not equal
PORT: Port number <0-65535>
dst: Destination (TCP/UDP) port
eq: Equal
gt: Greater than
lt: Less than
neq: Not equal
PORT: Port number <0-65535>
For a complete syntax of access list please refer the alphabetic session.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configuration mode
AsGOS (config)# interface <IF- Enter into Interface configuration mode.enter a Valid
NAME> Interface ID.
AsGOS(config-if)# ip access- Ip Interface Internet Protocol config commands
group <ACL-Number> (in|out) access-group Specify access control for packets
ACL-number IP access list number (Standard or
Extended)
in This ACL is intaled for inbound packets
Out This ACL is installed for outbound packets
41
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.18.6 Configuring MAC Bases Access List
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode
AsGOS (config)# access-list deny Specify packets to reject
<MAC-ACeess-List Number> permit Specify packets to permit
(deny|permit) <MAC ; MAC-MASK | MAC Source host's MAC address in
any > <MAC; MAC-MASK | any;> HHHH.HHHH.HHHH format
any Source any
MASK Source mask in HHHH.HHHH.HHHH format
MAC Destination host's MAC address in
HHHH.HHHH.HHHH formatce
any Destination any
MASK Destintion mask in HHHH.HHHH.HHHH format
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode
AsGOS (config)# interface <IF- Enter into Interface configuration mode.enter a Valid
NAME> Interface ID.
AsGOS(config-if)# mac access- Mac config commands
group <ACL-Number> (in) access-group Specify access control for packets
ACL-number IP access list number (Standard or
Extended)
in This ACL is instaled for inbound packets
Note: MAC access Lis can not be instales as OUT into a Interface context.
In this case; the last statement has the bigger priority. All paquets with destination IP address
that match with 10.10.10.10 will be switched.
In this case a packet with src-ip 10.10.10.10 dst-ip 20.20.20.20 tcp port 80 will be not bloqued,
because all statement have a “match” for this packet but the last one permit it, the entrie with big
priority.
42
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.19.1 IP packet with invalid “First-fragment”
A type of attack involving fragments is known as the “tiny fragment attack”. Two TCP fragments
are created. The first fragment is so small that it does not even include the full TCP header,
particularly the destination port number. The second fragment contains the reminder of the TCP
header, including the port number. Some firewalls and intrusion detection systems may let one or
both fragments pass through, particularly if they do not perform packet reassembly. Under this setting
if the first fragment of the packet does not have a full TCP header length the packet will be dropped.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# denial-of-service Enter into Dos mode configuration
AsGOS(config-dos)# first-fragment-ip-packets
Enable the first fragment DoS Checking.
enable
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode.
AsGOS(config)# denial-of-service Enter into Dos mode configuration.
AsGOS(config-dos)# icmp-attack-check enable Enable ICMP DoS attack checking.
AsGOS(config-dos)# minimun-icmp-packet-over- Modify the minimum packet oversize ICMP
size 512 packet size.
AsGOS(config-dos)# end
43
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)# denial-of-service Enter into Dos mode configuration.
AsGOS(config-dos)# tcp-fragment-attack enable Enable TCP fragment protection.
AsGOS(config-dos)# minimun-tcp-header-allowed 20 Modify the minimum TCP header allowed.
AsGOS(config-dos)# end
COMMAND DESCRIPTION
AsGOS# configure terminal Enter the Configure mode.
AsGOS(config)# denial-of-service Enter into Dos mode configuration.
AsGOS(config-dos)# sip-dip-protection enable SAIP = DAIP checking.
AsGOS(config-dos)# tcp-udp-sp-equal-dp enable Source and Destination TCP/UDP checking.
AsGOS(config-dos)# end
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Acknowledgment Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data | |U|A|P|R|S|F| |
| Offset| Reserved |R|C|S|S|Y|I| Window |
| | |G|K|H|T|N|N| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | Urgent Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
44
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Programs utilize TCP by passing it buffers of data. TCP breaks this data into packages known
as segments, and then uses IP to further package these segments into datagrams. Finally, the
datagrams are embedded into a network packet which can be routed across a network.
When the packet arrives at its destination, the IP stack on the remote host extracts the
datagram from the packet, then the segment from the datagram. The segment is then passed up to
the TCP stack, where it can be validated. Ultimately the TCP stack can reassemble all the segments
into the complete buffer which is then passed to the application. TCP provides two way
communication, so this same process occurs in both directions.
Inside of the packet there are some bits related with control structures. Particularly there are six
'control bits' defined in TCP, one or more of which is defined in each packet. The control bits are
'SYN', 'ACK', 'PSH', 'URG', 'RST', and 'FIN'. TCP uses these bits to define the purpose and contents
of a packet. We will briefly define them.
• URG means out of band data. For example in the telnet session if you press ctr-c tcp stack will
send a packet, which has this flag set.
• SYN bit has meaning only when establishing connection e.g. in the handshaking procedure.
Both sides of the connection need to send this special packet with SYN flag on.
• When the ACK flag is on the Acknowledgement field in the tcp packet contains the number of
the next acknowledgeable tcp packet with this sequence number. This bit is on almost in every
packet. ACK flag tells to the target machine that the sending machine has approved all
packets with sequence number below the Ack number in the packet.
• If the reset flag (RST) is on then the connection is destroyed and all data structures in memory
for the connection must be freed.
• With interactive connections PSH (push) flag is used to gain rapid and smooth interaction. The
packet is not queued but rather sent as soon as possible. Interactive programs should thus
use this flag.
• FIN flag tells to the target machine that it should not take anymore data packets from the
sending machine. E.g. the sending machine tells that it wount send anymore packets but can
still receive packets by himself.
AsGa LightBolt Switches have a hardware based built in mechanism to detect malicious control
flag bit combinations. The detected combinations are:
Under this setting the system will check for those malicious combinations.
COMMAND DESCRIPTION
AsGOS# configure terminal Enter in the Configure mode.
AsGOS(config)#denial-of-service Enter into Dos mode configuration.
AsGOS(config-dos)#tcp-on-invalid-flags enable Enable the TCP invalid Flag checking.
45
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.20.1.1 bridge forward-time
Use this command to set the time (in seconds) after which (if this bridge is the root bridge) each
port changes states to learning and forwarding. This value is used by all instances. To restore the
default value of 15 seconds, use the <no> statement with this command.
Command Syntax
Command Mode
Configure mode
Default
Usage
The allowable range for forward-time is 4-30 seconds. Care should be exercised if the value is to be
made below 7 seconds.
Examples
Related Commands
Command Syntax
Default
46
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Command Mode
Configure mode
Usage
Configure the bridge instance NAME before using this command. The allowable range of values is 1-
10 seconds. However, make sure that the value of hello time is always greater than the value of hold
time (1 second by default).
Examples
Command Syntax
Command Mode
Configure mode
Default
Usage
Max-age is the maximum time in seconds for which (if a bridge is the root bridge) a message is
considered valid. This prevents the frames from looping indefinitely.
The value of max-age should be greater than twice the value of hello time plus one, but less than
twice the value of forward delay minus one. The allowable range for max-age is 6-40 seconds.
Configure this value sufficiently high, so that a frame generated by root can be propagated to the lead
nodes without exceeding the max-age.
Examples
47
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Command Syntax
Command Mode
Configure mode
Default
Usage
This command must be used to set the priority of the bridge. The priority values can be set only in
increments of 4094.
Examples
Command Syntax
Default
Command Mode
Configure mode
Usage
The BPDU guard feature shuts down the port on receiving a BPDU on a BPDU-guard enabled port.
This command associates a timer with the feature such that the port gets enabled back without
manual intervention after a set interval.
This interval can be configured by the user using the bridge spanning-tree errdisable-
timeout interval command.
Example
48
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.20.1.6 bridge spanning-tree errdisable-timeout interval
Use this command to specify the time interval after which a port is brought back up.
Command Syntax
Default
Command Mode
Configure mode
Example
Command Syntax
Command Mode
Configure mode
Usage
The Spanning Tree Protocol sends BPDUs from all ports. Enabling the BPDU Filter feature ensures
that PortFastenabled ports do not transmit or receive any BPDUs. Use the show spanning tree
command to display administratively configured and currently running values of the bpdu-filter
parameter for bridge and port.
Example
Related Commands
49
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.20.1.8 bridge spanning-tree portfast bpdu-guard
Use this command to enable the BPDU (Bridge Protocol Data Unit) Guard feature on a bridge. Use
the <no> statement with this command to disable the BPDU Guard feature on a bridge.
Command Syntax
Command Mode
Configure mode
Usage
When the BPDU Guard feature is set for a bridge, all portfast-enabled ports of the bridge that have
bpdu-guard set to default shut down the port on receiving a BPDU. In this case, the BPDU is not
processed. You can either bring the port back up manually by using the no shutdown command, or
configure the errdisable-timeout feature to enable the port after the specified time interval.
Use the <show spanning-tree> command to display the bridge and port configurations for the
BPDU Guard feature. It shows both the administratively configured and currently running values of
bpdu-guard.
Example
Related Commands
Command Syntax
Default
Command Mode
Interface mode
50
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Examples
Command Syntax
Default
Command Mode
Interface mode.
Examples
Command Syntax
Command Mode
Interface mode
Usage
The Root Guard feature makes sure that the port on which it is enabled is a designated port. If the
Root Guard enabled port receives a superior BPDU, it goes to a Listening state (for STP) or
discarding state (for RSTP and MSTP).
Example
51
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
AsGOS(config-if)# spanning-tree guard root
Command Syntax
bridge shutdown
no bridge shutdown
Command Mode
Configure mode
Usage
Make sure to use the <bridge instance NAME> command before using this command.
Examples
Related Commands
bridge instance
Command Syntax
Command Mode
Configure mode
Default
52
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Example
Command Syntax
Command Mode
Configure mode
Examples
Command Syntax
show spanning-tree
Command Mode
Examples
53
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Usage
Command Syntax
Command Mode
Configure mode
Default
Examples
54
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.20.3.2 bridge shutdown
Use this command to reset a bridge. Use the <bridge shutdown> command to disable a
bridge, and <no bridge shutdown> to return the bridge to operation.
Command Syntax
bridge shutdown
no bridge shutdown
Bridge-group ID used for bridging.
Command Mode
Configure mode
Usage
The bridge instance NAME must exist prior to using this command.
Examples
Command Syntax
Command Mode
Example
Command Syntax
55
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
tx transmitted packets.
PROTOCOL = protocol (detail) echoes protocol changes to the console.
TIMER = timer (detail) echoes timer start to the console.
detail displays detailed output.
Command Mode
Configure mode
Examples
Command Syntax
show spanning-tree
Command Mode
Examples
Usage
The following is an output of this command displaying the state of the spanning tree.
56
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
% eth2: designated bridge 0000000475e650cf
% eth2: forward-timer 0 - hold-timer 0 - msg age timer 0
% eth2: forward-transitions 1
Command Syntax
Command Mode
Interface mode
Examples
Command Syntax
Command Mode
Interface mode
Usage
57
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Examples
Command Syntax
Default
Command Mode
Configure mode
Usage
If Cisco interoperability is required, all AsGOS boxes in the switched LAN must be Cisco-
interoperability enabled. When AsGOS is interoperating with Cisco, the only criteria used to classify a
region are the region name and revision level.VLAN to instance mapping is not used to classify
regions when interoperating with Cisco.
Examples
To enable Cisco interoperability on a Layer-2 switch for a particular bridge (bridge 2 in this example):
58
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Command Syntax
Command Mode
Configure mode.
Default
Usage
The lower the priority of the bridge, the better the chances are of the bridge becoming a root bridge or
a designated bridge for the LAN. The permitted range of values is 0-61440. The priority values can be
set only in increments of 4094.
Examples
Command Syntax
Command Mode
Usage
The permitted range of instances is 0-15. Instance 0 refers to the internal spanning tree. The VLANs
must be created before being associated with an MST instance (MSTI). If the VLAN range is not
specified, the MSTI will not be created.
Example
59
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
AsGOS(config)# bridge 2 protocol mstp
AsGOS(config)# spanning-tree mst configuration
AsGOS(config-mst) bridge 2 instance 2 vlan 30
Command Syntax
Command Mode
Configure Mode
Default
Usage
Specifying the max hops for a BPDU prevents the messages from looping indefinitely in the network.
When a bridge receives a MST BPDU that has exceeded the allowed max-hops, it discards the
BPDU.
Examples
Command Syntax
Command Mode
Configure mode
Default
60
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Example
Command Syntax
Command Mode
Default
By default, each MST bridge starts with the region name as its bridge address. This means each MST
bridge is a region by itself, unless specifically added to one.
Examples
Command Syntax
Command Mode
Default
Examples
61
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
AsGOS(config-mst)# bridge 3 revision 25
Command Syntax
Command Mode
Interface mode
Examples
Command Syntax
Command Mode
Interface mode
Default
Examples
62
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.20.4.10 bridge-group instance priority
Use this command to set the port priority for a bridge group. Use the <no> statement with this
command to restore the default priority value.
Command Syntax
Command Mode
Interface mode
Default
Usage
The Multiple Spanning Tree Protocol uses port priority as a tiebreaker to determine which port should
forward frames for a particular instance on a LAN, or which port should be the root port for an
instance. A lower value implies a better priority. In the case of the same priority, the interface index
will serve as the tiebreaker, with the lower-numbered interface being preferred over others. The
permitted range is 0-240. The priority values can only be set in increments of 16.
Examples
Command Syntax
Command Mode
Default
63
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Examples
Command Syntax
debug mstp (all|cli|PACKET|PROTOCOL|TIMER)
all echoes all STP debugging levels to the console.
cli echoes STP commands to the console.
PACKET = packet rx|tx echoes MSTP packets to the console.
rx received packets.
tx transmitted packets.
PROTOCOL protocol (detail) echoes protocol changes to the console.
TIMER timer (detail) echoes timer start to the console.
detail detailed output.
Command Mode
Examples
Command Syntax
Command Mode
Usage
The following is a display of this command showing the number of instances created, and the VLANs
associated with it.
64
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
% b: CST Bridge Id 8000000475e93ffe
%
% Instance VLAN
% 0: 1
% 2: 4
Command Syntax
Command Mode
Usage
The following show output displays the MSTP configuration information for bridge b.
Command Syntax
Command Mode
Usage
The following is a display of this command showing displaying detailed information about each
instance, and all interfaces associated with them.
AsGOS# show spanning-tree mst detail
% 1: Bridge up - Spanning Tree Enabled
% 1: CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 0
% 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20
% 1: CIST Root Id 0000009027342b72
% 1: CIST Reg Root Id 0000009027342b72
% 1: CST Bridge Id 0000009027342b72
% 1: portfast bpdu-filter disabled
% 1: portfast bpdu-guard disabled
65
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
% 1: portfast errdisable timeout disabled
% 1: portfast errdisable timeout interval 1 sec
% eth2: Port 4 - Id 8004 - Role Designated - State Forwarding
% eth2: Designated External Path Cost 0 -Internal Path Cost 0
% eth2: Configured Path Cost 200000 - Add type Explicit ref count 2
% eth2: Designated Port Id 8004 - CST Priority 128 -
% eth2: CIST Root 0000009027342b72
% eth2: Regional Root 0000009027342b72
% eth2: Designated Bridge 0000009027342b72
% eth2: Message Age 0 - Max Age 20
% eth2: CIST Hello Time 2 - Forward Delay 15
% eth2: CIST Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0
% eth2: Version Multiple Spanning Tree Protocol - Received None - Send STP
% eth2: No portfast configured - Current portfast off
% eth2: portfast bpdu-guard default - Current portfast bpdu-guard off
% eth2: portfast bpdu-filter default - Current portfast bpdu-filter off
% eth2: no root guard configured - Current root guard off
% eth2: Configured Link Type point-to-point - Current point-to-point
%
% eth1: Port 3 - Id 8003 - Role Designated - State Forwarding
% eth1: Designated External Path Cost 0 -Internal Path Cost 0
% eth1: Configured Path Cost 200000 - Add type Explicit ref count 2
% eth1: Designated Port Id 8003 - CST Priority 128 -
% eth1: CIST Root 0000009027342b72
% eth1: Regional Root 0000009027342b72
% eth1: Designated Bridge 0000009027342b72
% eth1: Message Age 0 - Max Age 20
% eth1: CIST Hello Time 2 - Forward Delay 15
% eth1: CIST Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0
% eth1: Version Multiple Spanning Tree Protocol - Received STP - Send STP
% eth1: No portfast configured - Current portfast off
% eth1: portfast bpdu-guard default - Current portfast bpdu-guard off
% eth1: portfast bpdu-filter default - Current portfast bpdu-filter off
% eth1: no root guard configured - Current root guard off
% eth1: Configured Link Type point-to-point - Current point-to-point
%
% Instance 1: Vlans: 2
% 1: MSTI Root Path Cost 0 - MSTI Root Port 0 - MSTI Bridge Priority 32768
% 1: MSTI Root Id 8001009027342b72
% 1: MSTI Bridge Id 8001009027342b72
% eth2: Port 4 - Id 8004 - Role Designated - State Forwarding
% eth2: Designated Internal Path Cost 0 - Designated Port Id 8004
% eth2: Configured Internal Path Cost 200000
% eth2: Configured CST External Path cost 200000
% eth2: CST Priority 128 - MSTI Priority 128
% eth2: Designated Root 8001009027342b72
% eth2: Designated Bridge 8001009027342b72
% eth2: Message Age 0 - Max Age 0
% eth2: Hello Time 2 - Forward Delay 15
% eth2: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0
%
% eth1: Port 3 - Id 8003 - Role Designated - State Forwarding
% eth1: Designated Internal Path Cost 0 - Designated Port Id 8003
% eth1: Configured Internal Path Cost 200000
% eth1: Configured CST External Path cost 200000
% eth1: CST Priority 128 - MSTI Priority 128
% eth1: Designated Root 8001009027342b72
% eth1: Designated Bridge 8001009027342b72
% eth1: Message Age 0 - Max Age 0
% eth1: Hello Time 2 - Forward Delay 15
% eth1: Forward Timer 0 - Msg Age Timer 0 - Hello Timer 0
66
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Command Syntax
Command Mode
Usage
The following is a display of this command showing detailed information for instance 2.
AsGOS# show spanning-tree mst instance 2
% 1: Bridge up - Spanning Tree Enabled
% 1: CIST Root Path Cost 0 - CIST Root Port 0 - CIST Bridge Priority 0
% 1: Forward Delay 15 - Hello Time 2 - Max Age 20 - Max-hops 20
% 1: CIST Root Id 0000009027342b72
% 1: CIST Reg Root Id 0000009027342b72
% 1: CST Bridge Id 0000009027342b72
% 1: portfast bpdu-filter disabled
% 1: portfast bpdu-guard disabled
% 1: portfast errdisable timeout disabled
% 1: portfast errdisable timeout interval 1 sec
%
% 1: MSTI Root Path Cost 0 - MSTI Root Port 0 - MSTI Bridge Priority 32768
% 1: MSTI Root Id 8002009027342b72
% 1: MSTI Bridge Id 8002009027342b72
% eth2: Port 4 - Id 8004 - Role Designated - State Discarding
% eth2: Designated Internal Path Cost 0 - Designated Port Id 8004
% eth2: Configured Internal Path Cost 200000
% eth2: Configured CST External Path cost 200000
% eth2: CST Priority 128 - MSTI Priority 128
% eth2: Designated Root 8002009027342b72
% eth2: Designated Bridge 8002009027342b72
% eth2: Message Age 0 - Max Age 0
% eth2: Hello Time 2 - Forward Delay 15
% eth2: Forward Timer 11 - Msg Age Timer 0 - Hello Timer 1
%
% eth1: Port 3 - Id 8003 - Role Designated - State Discarding
% eth1: Designated Internal Path Cost 0 - Designated Port Id 8003
% eth1: Configured Internal Path Cost 200000
% eth1: Configured CST External Path cost 200000
% eth1: CST Priority 128 - MSTI Priority 128
% eth1: Designated Root 8002009027342b72
% eth1: Designated Bridge 8002009027342b72
% eth1: Message Age 0 - Max Age 0
% eth1: Hello Time 2 - Forward Delay 15
% eth1: Forward Timer 7 - Msg Age Timer 0 - Hello Timer 1
Command Syntax
67
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Command Mode
Interface mode
Examples
3.20.4.18 link-type
Use this command to enable or disable point-to-point or shared link types.
Command Syntax
Command Mode
Interface mode
Usage
Examples
Command Syntax
Command Mode
Configure mode
68
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Examples
3.21.1 channel-group
Assign the interface to a channel group, and specify the LACP mode. For channel-group-
number, the range is 1 to 32. Each Channel can have up to eight compatibly configured Ethernet
interfaces.
When You configure Layer 2 EtherChannels by configuring the Ethernet interfaces with the
channel-group interface configuration command, the system creates the port-channel logical
interface. Each Ethernet Interfaces pertaining to the same LACP Group will heritage port-channel
interface characteristics.
Command Syntax
active: Enables LACP only if an LACP device is detected. It places an interface into an active
negotiating state, in which the interface starts negotiations with other interfaces by sending LACP
packets.
passive: Enables LACP on an interface and places it into a passive negotiating state, in which the
interface responds to LACP packets that it receives, but does not start LACP packet negotiation.
Command Mode
Interface mode
Usage
69
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
Examples
Related commands
no channel-group
show etherchannel lacp <1-32>
show etherchannel static
Command Syntax
port-channel load-balance (dst-mac | src-mac | src-dst-mac | dst-ip | src-
ip | src-dst-ip)
Command Mode
Interface mode
Usage
port-channel load-balance (dst-mac | src-mac | src-dst-mac | dst-ip | src-
ip | src-dst-ip)
Examples
70
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.21.3 lacp port-priority
Sets the priority for an Ethernet member link, also known as an Ethernet port, in an IEEE
802.3ad link aggregation group (LAG) bundle. The member link with the lowest numerical priority
value has the highest priority. The Ethernet member link with the highest priority is selected first to
join the LAG bundle. The <no version> command restores the default priority value, 32768.
Command Syntax
lacp port-priority <priority-value>
priority-value, the range is 1 to 65535. By default, the priority value is 32768. The lower the
range, the more likely that the interface will be used for LACP transmission.
Command Mode
Interface mode
Usage
lacp port-priority <priority-value>
Examples
Command Syntax
lacp timeout (short|long)
timeout Number of seconds before invalidating a received LACP data unit (DU).
short LACP short timeout. Default short timeout value is 3 seconds.
long LACP long timeout. Default long timeout value is 90 seconds.
Command Mode
Examples
71
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
3.21.5 lacp system-priority
The LACP system ID is the combination of the LACP system priority value and the MAC
address of the switch. This command set the System ID for the LACPPDU´s to be exchanged.
Command Syntax
lacp system-priority [System –Priority] <1-65535>
system-priority LACP system priority
SYS-Priority LACP system priority <1-65535> default 32768
Command Mode
Examples
AsGOS(config)# lacp system-priority 20000
Command Syntax
Command Mode
Exec mode
Examples
AsgOS#show lacp 1 counters
% Traffic statistics
Port LACPDUs Marker Pckt err
Sent Recv Sent Recv Sent Recv
% Aggregator port-channel1 1000000
ge10 6 10 0 0 0 0
ge12 6 7 0 0 0 0
Command Mode
Exec mode
Examples
72
AsGa LightB
LightBolt 10GigE Switch
User Guide Configuration
% Mac address: 00:14:fa:00:29:d5
% Admin Key: 0001 - Oper Key 0001
% Receive link count: 1 - Transmit link count: 0
% Individual: 0 - Ready: 1
% Partner LAG- 0x8000,00-14-fa-00-2a-08
% Link: ge10 (5010) sync: 1
% Link: ge12 (5012) sync: 1
Command Mode
Exec mode
Examples
Command Mode
Exec mode
Examples
73
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
4 COMMANDS IN ALPHABETIC ORDER
A
4.1 Access-list
An ACL is a sequential collection of permit and deny conditions. The switch tests packets
against the conditions in an access list one by one. The first match determines whether the switch
accepts or rejects the packet. Because the switch stops testing conditions after the first match, the
order of the conditions is critical. If no conditions match, the switch denies the packet.
In LightBolt switches all ACL processing is absolutely accomplished in hardware with no impact in
CPU processing time.
Step 1: Create an ACL by specifying an access list number or name and access conditions.
Step 2: Apply the ACL wethever you need it.
The software supports these styles of ACLs or access lists for IP:
The table lists the access-list number and corresponding access list type:
74
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
results determine which address bits are to be considered in processing the traffic. A 0 indicates that
the address bits must be considered (exact match); a 1 in the mask is a "don't care".
IP Address 172 16 32 0
Binary format 10101100 00010000 00100000 00000000
Network Mask 11111111 11111111 11100000 00000000
Command Syntax
75
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
<0-255> An IP protocol number
ahp Authentication Header Protocol
eigrp Cisco EIGRP routing protocol
esp Encapsulation Security Payload
gre Cisco GRE tunneling
icmp Internet Control Message Protocol
igmp Internet Gateway Message Protocol
igrp Cisco's IGRP routing protocol
ip Any Internet Protocol
ipinip IP in IP tunneling
ospf OSPF routing protocol
pcp Payload Compression Protocol
pim Protocol Independent Multicast
tcp Transmission Control Protocol
udp User Datagram Protocol
A.B.C.D Source address
A.B.C.D Source wildcard bits
any Any source host
host A single source host
A.B.C.D Source address
A.B.C.D Destination address
A.B.C.D Destination wildcard bits
any Any destination host
host A single destination host
A.B.C.D Destination address
76
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Mode
Config mode
Default
Examples
Related Commands
Mac access-group
Ip access-group
Class maps
If the specified ACL does not exist, the switch forwards all packets.
Command Syntax
Command Mode
Interface configuration
Examples
Related Commands
Mac access-list
77
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
For standard inbound access lists, after the switch receives a packet, it checks the source
address of the packet against the access list. IP extended access lists can optionally check other
fields in the packet, such as the destination IP address, protocol type, or port numbers. If the access
list permits the packet, the switch continues to process the packet. If the access list denies the packet,
the switch discards the packet.
Command Syntax
ip access-group <access-list-number | name>; <{in | out>
no ip access-group <access-list-number | name>; <in | out>
access-list-number: The number of the IP access control list (ACL), from 1 to 199 or from 1300
to 2699
name: The name of an IP ACL, specified in the ip access-list global configuration command
in: Specify filtering on inbound packets
out:Specify filtering on outbound packets
Command Mode
Interface configuration
Examples
Related Commands
Access-list
Mac-access-group
78
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
B
4.3 Boot
Use this command to change your booting parameters:
Command Syntax
Command Mode
Exec mode
Default
By default the system boot using a default.txt configuration file and its default system image file.
Examples
AsgOS(config)#boot
AsgOS(config)#boot system LightBolt-28322-E1-L2-System-1.0.0-RC3.bin
AsgOS(config)# show boot
Config File:
Startup: AsGa-conf-2
Running: AsGa-conf-2
Last Modified: Mon Apr 7 12:56:13 2036
AsGOS Image:
Startup: LightBolt-28322-E1-L2-AsGOS-1.0.0-RC4.bin
Running: LightBolt-28322-E1-L2-AsGOS-1.0.0-RC4.bin
Last Modified: Thu Apr 3 08:34:12 2036
System Image:
Startup: LightBolt-28322-E1-L2-System-1.0.0-RC3.bin
Running: LightBolt-28322-E1-L2-System-1.0.0-RC2.bin
Last Modified: Tue Apr 1 08:45:23 2036
Sanity Image:
Startup: LightBolt-28322-E1-L2-Sanity-1.0.0-RC1.bin
Last Modified: Tue Apr 1 08:45:23 2036
AsgOS(config)#
Related Commands
show boot
79
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
C
4.4 Clear counters
Use this privileged command to clear all system counters.
Command Syntax
Command Mode
Eexec
Default
Examples
Or
Related Commands
No related commands.
80
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Mode
Exec mode
Examples
Related Commands
Show mac-address
Command Syntax
class-map [match-all | match-any | match-all-flows] class-map-name
match-all: (Optional) Perform a logical-AND of all matching statements under this class map. All
criteria in the class map must be matched.
match-any: (Optional) Perform a logical-OR of the matching statements under this class map. One
or more criteria must be matched.
match-all-flows: (Optional) used to define a full matching for all flows no other statements are
defined when this type of matching is used.
class-map-name: Name of the class map.
Command Mode
Default
Usage
Use this command to specify the name of the class for which you want to create or modify class-map
match criteria and to enter class-map configuration mode.
The class-map command and its subcommands are used to define packet classification, as part of a
globally named service policy applied on a per-interface basis.
description: describes the class map. The show class-map privileged EXEC command displays
the description and the name of the class-map.
Use the match class-map configuration command to define the match criteria to classify traffic. Use
the <no> statement of this command to remove the match criteria.
81
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
match {access-group acl-index-or-name | class-map class-map-name | ip dscp
dscp-list | ip precedence ip-precedence-list | vlan vlan-list}
Examples
Related Commands
D
4.7 Dir
Use the <dir> command to display a list of files on your system.
Command Syntax
Dir
Command Mode
Exec mode
Default
No default
Examples
AsGOS#dir
-rw-r--r-- 1 1000 users 7.5M Jul 10 2007 asgos-ver1.0.bin
-rw-r----- 1 root root 3.1k Jul 10 2007 AsGOS.conf
-rw-r--r-- 1 root root 2.4k Jun 29 19:05 sanity.log
-rw-r--r-- 1 root root 2.4k Jun 19 11:51 production.log
-rw-r----- 1 root root 2.3k Jun 15 19:18 default.conf
82
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Flash disk space:
Used Available Use%
7.7M 24.3M 24%
Related Commands
4.8 Duplex
Use the duplex interface configuration command to specify the duplex mode of operation for
Gigabit Ethernet ports. Use the <no> statement of this command to return the port to its default value.
Command Syntax
duplex {full | half | auto}
Command Mode
Interface
Default
Examples
Related Commands
E
4.9 Erase
Use this command to erase the configuration file and restore it to its defaults values.
Command Syntax
erase
Command Mode
Configure mode
83
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Default
Examples
LightBolt(config)# erase
LightBolt(config)#
4.10 Exit
Use the exit VLAN configuration command to implement the proposed new virtual LAN (VLAN)
into the local database.
Command Syntax
Command Mode
Vlan database
Default
Examples
AsGOS(config-vlan)# exit
AsGOS#
Related Commands
Vlan database
F
4.11 Flowcontrol
Use the flowcontrol interface configuration command to set the receive or send flow-control
value for an interface. When flow control send is on for a device and it detects any congestion at its
end, it notifies the link partner or the remote device of the congestion by transmitting a pause frame.
When flow control receive is on for the remote device and it receives a pause frame, it stops
transmitting any data packets. This prevents any loss of data packets during the congestion period.
Use the <receive off> and <send off > keywords to disable flow control.
Command Syntax
84
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
flowcontrol IEEE 802.3x Flow Control
send Flow control on send
receive Flow control on receive
on Turn on flow control
off Turn off flow control
Command Mode
Interface
Usage
Flowcontrol send on
Flowcontrol receive on
Examples
LightBolt# configure t
LightBolt(configure) interface ge1
LightBolt(interface) flowcontrol send on
LightBolt(interface) flowcontrol receive on
Related Commands
No flowcontrol
H
4.12 Hostname
Command Syntax
Command Mode
Default
Examples
Related Commands
85
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
I
4.13 Interface
Use the interface global configuration command to enter in the configuration mode for a
physical interface or to create or access switch virtual interface (SVI) and automatically enter interface
configuration mode. Use the no interface vlan form of this command to delete an SVI.
SVIs are created the first time you enter the interface vlan vlan command for a particular vlan.
The vlan corresponds to the VLAN-tag associated with data frames 802.1q encapsulated trunk or the
VLAN ID configured for an access port.
Command Mode
Configure mode
Default
No default value.
Examples
Related Commands
show interface
shutdown
4.14 Ip address
Use the ip address interface configuration command to set an IP address for the Layer 2 switch
or an IP address for each switch virtual interface (SVI) or routed port on the Layer 3 switch. Use the
<no> statement of this command to remove an IP address or to disable IP processing.
Command Syntax
ip address <ip-address>/< subnet-mask>
no ip address [ip-address / subnet-mask]
Command Mode
Interface
86
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Default
Examples
Related Commands
4.15 Ip-access-group
Use the ip access-group interface configuration command to control access to a Layer 2
interface. Use the <no> statementof this command to remove all access groups or the specified
access group from the interface.
Command Syntax
ip access-group {access-list-number } {in | out}
no ip access-group [access-list-number] {in | out}
Command Mode
Interface configuration
Default
Examples
Related Commands
access list
87
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
M
4.16 Mac-address-table aging-time
Use the mac address-table aging-time global configuration command to set the length of time
that a dynamic entry remains in the MAC address table after the entry is used or updated. Use the
<no> statement of this command to return to the default setting. The aging time applies to all VLANs.
The default value for this time is 300 seconds.
Command Syntax
mac-address-table aging-time (<0-0>|<10-1000000>)
mac-address-table MAC forwarding table"
aging-time Time a learned mac address will persist after
last update:
<0-0> Enter 0 to disable aging"
<10-1000000> Aging time in seconds"
Command Mode
Config mode
Usage
mac-address-table aging-time 10
Examples
LightBolt# configure t
LightBolt(configure)# mac-address-table aging-time 10
Related Commands
no mac-address-table aging-time
show mac-address-table aging-time
Command Syntax
mac-address-table freeze
mac-address-table MAC forwarding table
freeze Freeze changes in mac-address table
Command Mode
Exec mode
88
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Usage
mac-address-table freeze
Examples
LightBolt# configure t
LightBolt (configure)# mac-address-table freeze
Related Commands
no mac-address-table freeze
Command Syntax
mac-address-table static MAC vlan <1-4094> interface IFNAME
mac-address-table MAC forwarding table
static Add a static entry
MAC MAC address in HHHH.HHHH.HHHH format
vlan Select a VLAN id
<1-4094> VLAN id
interface Select a interface
IFNAME Interface name
Command Mode
Exec mode
Usage
Examples
LightBolt#configure t
LightBolt(configure)# mac-address-ta
S
4.19 Switchport
Use this command to put a port as switched port. By default all ports in LightBolt switches are
switched ports. You can negate this using <no switchport> command and put the interface in routed
mode operation.
89
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Syntax
Switchport
Command Mode
Default
No switchport.
At Startup all port are switched port and all port are access port attached to VLAN 1. All ports are also
attached to Bridge Group 1 running classic Spanning Tree Protocol (802.1D).
Examples
Related Commands
Command Syntax
Switchport mode {access | trunk | hybrid}
no switchport mode
Access: Set the port to access mode. The port is set to access unconditionally and operates as a
nontrunking, single VLAN interface that transmits and receives non-tagged frames. An access port
can be assigned to only one VLAN.
Trunk: Set the port to trunk unconditionally. The port is a trunking VLAN Layer-2 interface. The port
transmits and receives encapsulated (tagged) frames that identify the VLAN of origination. A trunk is a
point-to-point link between two switches or between a switch and a router. AsGa LightBolt switches
use 802.1Q tag encapsulation method.
Hibrid: This mode set the trunk in an hybrid mode witch means that the port acting as a trunk has a
default VLAN for all those packet witch arrive at the port untagged. Under this mode the user must
specify the untagged VLAN for all those arriving non tagged packets. Out going packet for the
specified VLAN ID will go out from this trunk in an untagged form.
And then the user must specify the non tagged nature of this VLAN for this port using the following
command:
90
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
AsGos (interface ge16) switchport hybrid allowed vlan add <VLAN ID> egress-
tagged disable
VLAN ID =1-4095
Command Mode
Default
No default.
Examples
AsGOS# configure terminal
AsGOS(config)# interface ge2
AsGOS(interface)# switchport mode trunk
AsGOS(interface)# switch port allowed vlan all
Related Commands
Switchport
Command Syntax
vlan ID: Per port VLAN ID configured for this port. Range 2:4093.
Vlan-staking: use this command to enable vlan staking on a particular port (Q in Q method). All
frames will be tagged on top of the existing tag (Customer Tag) with the VLAN ID configured under
this port. Port must be an access port in order to enable vlan staking on it.
Command Mode
Default
No default.
91
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Examples
Related Commands
vlandatabase
VLAN
Switchport mode
Command Syntax
switchport trunk [allowed vlan <allowed vlan ID list>]
vlan ID: 2:4093
Command Mode
Default
Examples
Related Commands
vlandatabase
VLAN
Switchport mode
Command Syntax
92
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Mode
Interface mode
Default
Examples
interface ge12
switchport
bridge-group 1
switchport mode trunk
switchport mode trunk ingress-filter enable
switchport trunk allowed vlan add 300
bridge-group 1 instance 1
bridge-group 1 instance 2
!
4.24 Speed
Use the speed interface configuration command to specify the speed of a port. Use the <no> or
default form of this command to return the port to its default value. 10 GigE interfaces has no option
for this command. Those interfaces work only at 10Gig Ethernet standard.
Command Syntax
speed <10 | 100 | 1000| auto>
no speed
Command Mode
Interface
Default
Examples
Related Commands
Interface
93
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
4.25 Show Interface
Use the show interface privileged EXEC command to display the administrative and operational
status of a port.
Command Syntax
show interface <interface-id>
Command Mode
Default
Examples
AsGOS# show interface
94
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Related Commands
Command Syntax
AsGOS# show interfaces ge1
AsGOS# show interfaces
Command Mode
EXEC
Default
Examples
AsGOS#show interfaces
-----------------------------------------------------
Interface name.................................: ge1
Total Packets Received (Octets)................: 0
Total Packets Received Without Errors..........: 0
Total Packets Received Discarded...............: 0
Total Packets Transmitted (Octets).............: 5312
Total Packets Transmitted Successfully.........: 83
Total Packets Transmitted Errors...............: 0
-----------------------------------------------------
Interface name.................................: ge2
Total Packets Received (Octets)................: 0
Total Packets Received Without Errors..........: 0
Total Packets Received Discarded...............: 0
Total Packets Transmitted (Octets).............: 5312
Total Packets Transmitted Successfully.........: 83
Total Packets Transmitted Errors...............: 0
-----------------------------------------------------
Interface name.................................: ge3
Total Packets Received (Octets)................: 0
Total Packets Received Without Errors..........: 0
Total Packets Received Discarded...............: 0
Total Packets Transmitted (Octets).............: 5312
Total Packets Transmitted Successfully.........: 83
Total Packets Transmitted Errors...............: 0
95
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Unicast Packets Received.......................: 0
Multicast Packets Received.....................: 0
Broadcast Packets Received.....................: 0
Related Commands
4.27 Shutdown
Use the shutdown interface configuration command to disable an interface. Use the <no>
statement of this command to restart a disabled port or switch virtual interface (SVI).
The <shutdown> command for a port causes it to stop forwarding. You can enable the port
with the <no shutdown> command. The <shutdown> command disables all functions on the specified
interface.
Command Syntax
shutdown
no shutdown
Command Mode
Interface
96
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Default
Examples
AsGOS# configure terminal
AsGOS(config)# interface ge1
AsGOS(interface)# shutdown
Related Commands
Interface
Interface vlan1<VLAN ID>
Command Syntax
Command Mode
EXEC
Default
Examples
AsgOS#show vlan all bridge 1
Related Commands
97
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
4.29 Show outbound access-priority-table
Use this command to display data about the access-priority table. To modify the lines
displayed, use the | (output modifier token); to save the output to a file, use the > output redirection
token. For more information, see the AsGOS Command Line Interface Environment chapter.
Command Syntax
Command Mode
Usage
AsGOS# show outbound access-priority-table interface eth4
802.3 Format Outbound Access Priority
1
0
0
0
0
0
0
Command Syntax
Command Mode
Usage
The following is a display of this command showing the traffic class table for interface eth1.
98
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Examples
Related Commands
Command Syntax
Command Mode
Usage
The following is output display of this command showing set user priority for interface eth4.
Examples
Related Commands
Command Syntax
storm-control < broadcast | dlf | multicast> < level>
broadcast: type this key to limit the maximum broadcast traffic to be admitted by a specific port.
dlf: is the maximum throughput of dlf (destination lookup failure) to be forwarded/admitted by a
specific port. A dlf occur each time that a no MAC address match is accomplished.
multicast: use this key to limit the maximum multicast traffic to be admitted by a specific port.
level: specify the maximum level of the specific traffic admitted by a specific port. This level is
intended to be a % of the maximum speed of the port.
99
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Mode
Interface mode
Usage
Examples
AsGOS(config-if)#storm-control broadcast 30
AsGOS(config-if)#storm-control dlf 50
AsGOS(config-if)#storm-control multicast 10
Related Commands
Command Syntax
snmp-server manager ip-address traps-version ( ( 1 | 2c ) community
community | 3 ( noauth | auth | priv ) username ) ( udp-port port | )
Command Mode
Config mode
Usage
LightBOLT(config)# snmp-server manager ip-address (traps-version ( 1 | 2c | 3 user
username (auth | noauth | priv) | ) (community string | ) (upd-port port | )
100
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Examples
LightBOLT(config)# snmp-server manager 192.168.1.1 traps-version 1 community AsGa
upd-port 162
Related Commands
Command Syntax
snmp-server trap-source <IFNAME>
IFNAME: is any valid interface with a valid IP address
Command Mode
Exec mode
Usage
Examples
LightBOLT(config)# snmp-server trap-source loopback 0
LightBOLT(config)# snmp-server trap-source GE1
LightBOLT(config)# snmp-server trap-source vlan1.400
Related Commands
Command Syntax
snmp-server <enable | Disable> trap ( linkUp | linkDown | coldstart | warmreset |
config | bridge | vlancreate | vlandelete | copy-config | snmp-notify | all )
101
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
snmp-server Configure parameters to SNMP Agent
enable Enable SNMP traps configuration
disable Disable SNMP traps configuration
trap Turn On SNMP traps
linkUp LinkUp trap
linkDown LinkDown trap
coldstart coldstart trap
warmreset warmreset trap
config config trap
bridge bridge trap
vlancreate vlancreate trap
vlandelete vlandelete trap
copy-config copy-config trap
snmp-notify notify snmp configuration change trap
all All traps
Command Mode
Exec mode
Usage
Examples
Related Commands
Command Syntax
snmp-server community string (ro | rw) (remote ip-addres | ) (view view-name | )
<string> Community string that consists of 1 to 32 alphanumeric characters much like a password,
permitting access to SNMP. Blank spaces are not permitted in the community string.
ro: (Optional) Specifies read-only access. Authorized management stations can retrieve only MIB
objects.
102
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
rw: (Optional) Specifies read-write access. Authorized management stations can both retrieve and
modify MIB objects.
remote: Specify the remote SNMP management system. When specify the system check for snmp
messages coming from the server.
view: specify the particular view associated to the community string.
Command Mode
Exec mode
Usage
Examples
Related Commands
Command Syntax
Command Mode
Config
Usage
Examples
LightBolt# configure t
LightBolt(configure)# snmp-server name name TEST
Related Commands
103
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
4.38 Snmp-server contact
To set the system contact (sysContact) string, use the <snmp-server contact> command in
global configuration mode. To remove the system contact information, use the <no> statement of this
command.
Command Syntax
Command Mode
Exec mode
Usage
Examples
Related Commands
Command Syntax
Command Mode
Exec mode
Usage
LightBOLT(config)# snmp-server location <text>
Examples
LightBOLT(config)# snmp-server location Rodovia Roberto Moreira KM4
Related Commands
104
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
4.40 Snmp-server view
This command can be used to create different views of different OIDs trees. Using this
command a snmp server can gain access just to those OIDs assigned to it. The rest of OIDs will not
be displayed. Use the no form of this command to negate it.
Command Syntax
Command Mode
Exec mode
Usage
Examples
Related Commands
no snmp-server view view-name
snmp-server community string (ro | rw) (remote ip-addres ) (view view-name )
show snmp view
Command Syntax
snmp-server engineID <local | remote ip-address > engine-string
Command Mode
Exec mode
Usage
105
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Examples
Related Commands
Command Syntax
snmp-server users create username auth ( md5 | sha ) auth-password ( priv priv-
password | )
Command Mode
Exec
Usage
Examples
LightBOLT(config)#
Related Commands
Command Syntax
106
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Mode
Exec
Examples
Related Commands
snmp-server view
no snmp-server view viewname
Command Syntax
Show all-files
Command Mode
Exec mode
Usage
Examples
Related Commands
Command Syntax
show log-files
107
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Mode
Exec mode
Usage
Examples
Related Commands
Command Syntax
show config-files
Command Mode
Exec mode
Usage
Examples
Related Commands
108
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
4.47 Show image-files
Command Syntax
Command Mode
Usage
Examples
Related Commands
Command Syntax
Command Mode
Enable mode
Usage
Examples
LightBolt#show mac-address-table
109
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
LightBolt#show mac-address-table vlan 200
VLAN address type interface Hit
200 0000.C003.0102 Dynamic ge4 Yes
200 0000.0101.0202 Static ge1 No
200 0000.C001.0102 Dynamic ge2 Yes
Total address matching this criteria: 4
Related Commands
4.49 Storm-control
Use this command to select the appropriate storm control level for broadcast multicast packets or for
a Destination Lookup Failure DLF . Use the <no> statement of this command to negate its actions.
Command Syntax
storm-control (broadcast | multicast | dlf) level LEVEL
Command Mode
Interface
Usage
Examples
LightBolt# configure t
LightBolt(Configure)# interface ge1
LightBolt(interface)# storm-control broadcast 5
Related Commands
110
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
V
4.50 VLAN Database
Use the vlan database privileged EXEC command to enter virtual LAN (VLAN) configuration
mode. From this mode, you can add, delete, and modify VLAN configurations.
Command Syntax
Command Mode
Configure mode
Default
No Default
Examples
Related Commands
VLAN
4.51 VLAN
Use the VLAN configuration command to configure virtual LAN (VLAN) characteristics for a
specific VLAN. Use the <no> statement of this command without additional parameters to delete a
VLAN. All VLANs created under this command are Ethernet 802.1Q VLAN’s.
Command Syntax
Command Mode
Default
The default VLAN ID is 1. By Default at power on the system start with all ports as access port with
per port VLAN equal to 1 and attached to Bridge Group 1. The Bridge Group 1 run classic STP
(802.1D).
111
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Examples
Related Commands
Use the <no vlan> classifier in an interface context in order to eliminate this classification group from
an interface context.
Use the <no vlan classifier group> <group number> in order to eliminate a complete group.
Use the vlan classifier group <group number> delete rule <rule number> to delete a particular rule
inside a group.
Up to 255 rules can be configured on a single group.
Up to 16 groups can be configured.
Command Syntax
vlan classifier <group | rule>
vlan classifier group <group number> <add | delete> rule <rule number>
vlan classifier rule <rule number> < ipv4 | mac | proto >
ipv4 format: A.B.C.D/M ipv4 address in A.B.C.D/M format
mac format: HHHH.HHHH.HHHH
proto: <0-65535> ethernet decimal
arp protocol - Address Resolution
atalkaarp protocol - Appletalk AARP
atalkddp protocol - Appletalk DDP
atmmulti protocol - MultiProtocol Over ATM
atmtransport protocol - Frame-based ATM Transport
dec protocol - DEC Assigned
deccustom protocol - DEC Customer use
decdiagnostics protocol - DEC Diagnostics
decdnadumpload protocol - DEC DNA Dump/Load
decdnaremoteconsole protocol - DEC DNA Remote Console
decdnarouting protocol - DEC DNA Routing
declat protocol - DEC LAT
decsyscomm protocol - DEC Systems Comms Arch
g8bpqx25 protocol - G8BPQ AX.25
ieeeaddrtrans protocol - Xerox IEEE802.3 PUP Address
Translation
ieeepup protocol - Xerox IEEE802.3 PUP
ip protocol - IP
ipv6 protocol - IPv6
ipx protocol - IPX
pppdiscovery protocol - PPPoE discovery
pppsession protocol - PPPoE session
rarp protocol - Reverse Address Resolution
x25 protocol - CCITT X.25
xeroxaddrtrans protocol - Xerox PUP Address Translation
xeroxpup protocol - Xerox PUP
112
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Command Mode
Config mode
Interface mode
Default
No default
Examples
!
bridge 1 protocol mstp
bridge 1 acquire
vlan classifier rule 1 mac 0000.c004.0102 vlan 300
vlan classifier rule 2 ipv4 40.40.40.40/24 vlan 300
vlan classifier rule 3 proto 8192 encap ethv2 vlan 300
vlan classifier group 1 add rule 1
vlan classifier group 1 add rule 2
vlan classifier group 1 add rule 3
!
vlan database
vlan 300 bridge 1 name TEST3
vlan 300 bridge 1 state enable
!
interface ge4
switchport
bridge-group 1
switchport mode access
vlan classifier activate 1
bridge-group 1 instance 1
!
Related Commands
Vlan Database
Interface
W
4.53 Write
Use this command to transfer into or from permanent memory all system files. File types can
be: configuration files log files or image files.
Command Syntax
Write <config-file | log-file | image_file> <File name> <from-tftp | to-tftp>
<server: IPaddress>
Command Mode
Configure mode
113
AsGa LightB
LightBolt 10GigE Switch
User Guide Commands
Default
Examples
LightBolt(config)#write config-file 1.0.1LightBolt29304.txt from-tftp server
192.168.1.1
114
AsGa LightB
LightBolt 10GigE Switch
User Guide Warranty
WARRANTY
13/10/2008 – ED.01.4.γ
AsGa LightB
LightBolt 10GigE Switch
User Guide Warranty