100% found this document useful (1 vote)

13K views

Adtran AOS Commands!

ADTRAN OPERATING SYSTEM (AOS) Command Reference Guide. Each ADTRAN product contains a single license for ADTRAN supplied software. Warranty information can be found at www.adtran.com.

Uploaded by

Butch Mayhew

Available Formats

Download as PDF, TXT or read online on Scribd

100% found this document useful (1 vote)

13K views

Adtran AOS Commands!

ADTRAN OPERATING SYSTEM (AOS) Command Reference Guide. Each ADTRAN product contains a single license for ADTRAN supplied software. Warranty information can be found at www.adtran.com.

Uploaded by

Butch Mayhew

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 507

ADTRAN OPERATING SYSTEM (AOS)

Command Reference Guide AOS Version 11.1 NetVanta 1000 Series Products

November 2005 61200500L1-35E

Command Reference Guide

Trademarks
Any brand names and product names included in this manual are trademarks, registered trademarks, service marks, or trade names of their respective holders.

To the Holder of this Manual

The contents of this manual are current as of the date of publication. ADTRAN reserves the right to change the contents without prior notice. In no event will ADTRAN be liable for any special, incidental, or consequential damages or for commercial losses even if ADTRAN has been advised thereof as a result of issue of this publication.

Software Licensing Agreement

Each ADTRAN product contains a single license for ADTRAN supplied software. Pursuant to the Licensing Agreement, you may: (a) use the software on the purchased ADTRAN device only and (b) keep a copy of the software for backup purposes. This Agreement covers all software installed on the system as well as any software available on the ADTRAN website. In addition, certain ADTRAN systems may contain additional conditions for obtaining software upgrades.

Conventions

Notes provide additional useful information.

Cautions signify information that could prevent service interruption or damage to the equipment.

Warnings provide information that could prevent endangerment to human life.

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Warranty and Customer Service

ADTRAN will repair and return this product within the warranty period if it does not meet its published specifications or fails while in service. Warranty information can be found at www.adtran.com. (Click on Warranty and Repair Information under Support.)

Product Registration
Registering your product helps ensure complete customer satisfaction. Please take time to register your products on line at www.adtran.com. Click Service/Support and then on Product Registration under Support.

Product Support Information

A return material authorization (RMA) is required prior to returning equipment to ADTRAN. For service, RMA requests, training, or more information, use the contact information given below. Repair and Return If you determine that a repair is needed, please contact our Customer and Product Service (CaPS) department to have an RMA number issued. CaPS should also be contacted to obtain information regarding equipment currently in house or possible fees associated with repair.
CaPS Department (256) 963-8722

Identify the RMA number clearly on the package (below the address), and return to the following address:
ADTRAN Customer and Product Service 901 Explorer Blvd. (East Tower) Huntsville, Alabama 35806 RMA # _____________

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Pre-Sales Inquiries and Applications Support

Your reseller should serve as the first point of contact for support. If additional pre-sales support is needed, the ADTRAN Support website provides a variety of support services such as a searchable knowledge base, latest product documentation, application briefs, case studies, and a link to submit a question to an Applications Engineer. All of this, and more, is available at: http://support.adtran.com When needed, further pre-sales assistance is available by calling our Applications Engineering Department.
Applications Engineering (800) 615-1176

Post-Sales Support
Your reseller should serve as the first point of contact for support. If additional support is needed, the ADTRAN Support website provides a variety of support services such as a searchable knowledge base, updated firmware releases, latest product documentation, service request ticket generation and trouble-shooting tools. All of this, and more, is available at: http://support.adtran.com When needed, further post-sales assistance is available by calling our Technical Support Center. Please have your unit serial number available when you call.
Technical Support (888) 4ADTRAN

CLI Introduction

REFERENCE GUIDE INTRODUCTION

This manual provides information about the commands that are available with all of the NetVanta Series units. This manual provides information about the commands that are available with NetVanta 1000 Series units. For a list of all of the commands available through the CLI, see 61950860L1-35L (All Products). If you are new to the ADTRAN Operating Systems (AOS) Command Line Interface (CLI), take a few moments to review the information provided in the section which follows (CLI Introduction). If you are already familiar with the CLI and you need information on a specific command or group of commands, proceed to Command Descriptions on page 13 of this guide.

CLI INTRODUCTION
This portion of the Command Reference Guide is designed to introduce you to the basic concepts and strategies associated with using the AOS CLI. Accessing the CLI from your PC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Understanding Command Security Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Understanding Configuration Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Using CLI Shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Performing Common CLI Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Understanding CLI Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Accessing the CLI from your PC

All products using the AOS are initially accessed by connecting a VT100 terminal (or terminal emulator) to the CONSOLE port located on the rear panel of the unit using a standard DB-9 (male) to DB-9 (female) serial cable. Configure the VT100 terminal or terminal emulation software to the following settings: 9600 baud 8 data bits No parity 1 stop bit No flow control For more details on connecting to your unit, refer to the Quick Configuration Guides and Quick Start Guides located on the ADTRAN OS Documentation CD provided with your unit.

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Understanding Command Security Levels

The ADTRAN CLI has two command security levels Basic and Enable. Both levels support a specific set of commands. For example, all interface configuration commands are accessible only through the Enable security level. The following table contains a brief description of each level. Level
Basic

Access by...
beginning an AOS session.

Prompt
>

With this level you can...

display system information perform traceroute and ping functions open a Telnet session manage the startup and running configurations use the debug commands enter any of the configuration modes

Enable

entering enable while in the # Basic command security level as follows: >enable

To prevent unauthorized users from accessing the configuration functions of your AOS product, immediately install an Enable-level password. Refer to the Quick Configuration Guides and Quick Start Guides located on the ADTRAN OS Documentation CD provided with your unit for more information on configuring a password.

Understanding Configuration Modes

The ADTRAN CLI has four configuration modes to organize the configuration commands Global, Line, Router, and Interface. Each configuration mode supports a set of commands specific to the configurable parameters for the mode. For example, all Frame Relay configuration commands are accessible only through the interface configuration mode (for the virtual Frame Relay interface). The following table contains a brief description of each level. Mode
Global

Access by...
entering config while at the Enable command security level prompt. For example: >enable #config term

Sample Prompt
(config)#

With this mode you can...

set the systems Enable-level password(s) configure the system global IP parameters configure the SNMP parameters enter any of the other configuration modes

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Using CLI Shortcuts

Mode
Line

Access by...

Sample Prompt

With this mode you can...

configure the console terminal settings (datarate, login password, etc.) create Telnet logins and specify their parameters (login password, etc.) configure RIP or OSPF parameters suppress route updates redistribute information from outside routing sources (protocols) configure parameters for the available LAN and WAN interfaces

(config-con0)# specifying a line (console or Telnet) while at the Global Configuration mode prompt. For example: >enable #config term (config)#line console 0 entering router rip or router ospf (config-rip)# while at the Global Configuration mode prompt. For example: >enable #config term (config)#router rip specifying an interface (T1, Ethernet, Frame Relay, ppp, etc.) while in the Global Configuration mode. For example: >enable #config term (config)#int eth 0/1 (config-eth 0/1)# (The above prompt is for the Ethernet LAN interface located on the rear panel of the unit.)

Router

Interface

Using CLI Shortcuts

The ADTRAN CLI provides several shortcuts which help you configure your AOS product more easily. See the following table for descriptions. Shortcut
Up arrow key

Description
To re-display a previously entered command, use the up arrow key. Continuing to press the up arrow key cycles through all commands entered starting with the most recent command. Pressing the <Tab> key after entering a partial (but unique) command will complete the command, display it on the command prompt line, and wait for further input.

<Tab> key

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Using CLI Shortcuts

Shortcut
?

Description
The ADTRAN CLI contains help to guide you through the configuration process. Using the question mark, do any of the following: Display a list of all subcommands in the current mode. For example: (config-t1 1/1)#coding ? ami - Alternate Mark Inversion b8zs - Bipolar Eight Zero Substitution Display a list of available commands beginning with certain letter(s). For example: (config)#ip d? default-gateway dhcp-server domain-lookup domain-name domain-proxy Obtain syntax help for a specific command by entering the command, a space, and then a question mark (?). The ADTRAN CLI displays the range of values and a brief description of the next parameter expected for that particular command. For example: (config-eth 0/1)#mtu ? <64-1500> - MTU (bytes)

Jump to the beginning of the displayed command line. This shortcut is helpful when using the no form of commands (when available). For example, pressing <Ctrl + A> at the following prompt will place the cursor directly after the #: (config-eth 0/1)#ip address 192.33.55.6 Jump to the end of the displayed command line. For example, pressing <Ctrl + E> at the following prompt will place the cursor directly after the 6: (config-eth 0/1)#ip address 192.33.55.6

Clears the current displayed command line. The following provides an example of the <Ctrl + U> feature: (config-eth 0/1)#ip address 192.33.55.6 (Press <Ctrl + U> here) (config-eth 0/1)#

auto finish

You need only enter enough letters to identify a command as unique. For example, entering int t1 1/1 at the Global configuration prompt provides you access to the configuration parameters for the specified T1 interface. Entering interface t1 1/1 would work as well, but is not necessary.

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Performing Common CLI Functions

The following table contains descriptions of common CLI commands. Command
do

Description
The do command provides a way to execute commands in other command sets without taking the time to exit the current and enter the desired one. The following example shows the do command used to view the Frame Relay interface configuration while currently in the T1 interface command set: (config)#interface t1 1/1 (config-t1 1/1)#do show interfaces fr 7

To undo an issued command or to disable a feature, enter no before the command. For example: no shutdown t1 1/1

copy running-config startup-config

When you are ready to save the changes made to the configuration, enter this command. This copies your changes to the units nonvolatile random access memory (NVRAM). Once the save is complete, the changes are retained even if the unit is shut down or suffers a power outage. Displays the current configuration. Use the debug command to troubleshoot problems you may be experiencing on your network. These commands provide additional information to help you better interpret possible problems. For information on specific debug commands, refer to the section Enable Mode Command Set on page 34. To turn off any active debug commands, enter this command.

show running config debug

undebug all

The overhead associated with the debug command takes up a large portion of your AOS products resources and at times can halt other processes. It is best to only use the debug command during times when the network resources are in low demand (non-peak hours, weekends, etc.).

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Understanding CLI Error Messages

The following table lists and defines some of the more common error messages given in the CLI. Message
%Ambiguous command %Unrecognized Command

Helpful Hints
The command may not be valid in the current command mode, or you may not have entered enough correct characters for the command to be recognized. Try using the ? command to determine your error. See Using CLI Shortcuts on page 9 for more information. The command may not be valid in the current command mode, or you may not have entered all of the pertinent information required to make the command valid. Try using the ? command to determine your error. See Using CLI Shortcuts on page 9 for more information. The error in command entry is located where the caret (^) mark appears. Enter a question mark at the prompt. The system will display a list of applicable commands or will give syntax information for the entry.

%Invalid or incomplete command

%Invalid input detected at ^ marker

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

COMMON COMMANDS
The following section contains descriptions of commands that are common across multiple command sets. These commands are listed in alphabetical order. alias <text> on page 25 cross-connect <#> <from interface> <slot/port> <tdm-group#> <to interface> <slot/port> on page 26 description <text> on page 29 do on page 30 end on page 31 exit on page 32 shutdown on page 33

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

alias <text>
Use the alias command to populate the ifAlias OID (Interface Table MIB of RFC2863) for all physical and virtual interfaces when using Simple Network Management Protocol (SNMP) management stations. Syntax Description
<text> Describes the interface (for SNMP) using an alphanumeric character string enclosed in quotation marks (limited to 64 characters).

Default Values
No defaults required for this command.

Applicable Command Modes

Applies to all interface mode command sets.

Applicable Platforms
Applies to all AOS products.

Command History
Release 1.1 Command was introduced.

Functional Notes
The ifAlias OID is a member of the ifXEntry object-type (defined in RFC2863) used to provide a non-volatile, unique name for various interfaces. This name is preserved through power cycles. Enter a string (using the alias command) which clearly identifies the interface.

Usage Examples
The following example defines a unique character string for the T1 interface: (config)#interface t1 1/1 (config-t1 1/1)#alias CIRCUIT_ID_23-908-8887-401

Technology Review
Please refer to RFC2863 for more detailed information on the ifAlias display string.

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

cross-connect <#> <from interface> <slot/port> <tdm-group#> <to interface> <slot/port>

Use the cross-connect command to create a cross-connect map from a created TDM group on an interface to a virtual interface.

Changing cross-connect settings could potentially result in service interruption.

Syntax Description
<#> <from interface> <slot/port> <tdm-group#> <to interface> <slot/port> Identifies the cross-connect using a number descriptor or label for (useful in systems that allow multiple cross-connects). Specifies the interface (physical or virtual) on one end of the cross-connect. Enter cross-connect 1 ? for a list of valid interfaces. Used when a physical interface is specified in the <from interface> subcommand (For example: specifying the T1 port of a T1 module would be t1 1/1). Specifies which configured TDM group to use for this cross-connect. This subcommand only applies to T1 physical interfaces. Specifies the virtual interface on the other end of the cross-connect. Use the ? to display a list of valid interfaces. Used when a physical interface is specified in the <to interface> subcommand. (For example, specifying the primary T1 port of a T1 module would be t1 1/1).

Default Values
By default, there are no configured cross-connects.

Applicable Platforms
Applies to all AOS products

Command History
Release 1.1 Release 5.1 Command was introduced. Command was expanded to include the E1 interface.

Functional Notes
Cross-connects provide the mechanism for connecting a configured virtual (layer 2) endpoint with a physical (layer 1) interface. Supported layer 2 protocols include Frame Relay and point-to-point protocol (PPP).

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

Usage Examples
The following example creates a Frame Relay endpoint and connects it to the T1 1/1 physical interface: 1. Create the Frame Relay virtual endpoint and set the signaling method: (config)# interface frame-relay 1 (config-fr 1)# frame-relay lmi-type cisco 2. Create the sub-interface and configure the PVC parameters (including DLCI and IP address): (config-fr 1)# interface fr 1.1 (config-fr 1.1)# frame-relay interface-dlci 17 (config-fr 1.1)# ip address 168.125.33.252 255.255.255.252 3. Create the TDM group of 12 DS0s (64K) on the T1 physical interface: (THIS STEP IS ONLY VALID FOR T1 INTERFACES.) (config)# interface t1 1/1 (config-t1 1/1)# tdm-group 1 timeslots 1-12 speed 64 (config-t1 1/1)# exit 4. Connect the Frame Relay sub-interface with port T1 1/1: (config)# cross-connect 1 t1 1/1 1 fr 1

Technology Review
Creating an endpoint that uses a layer 2 protocol (such as Frame Relay) is generally a four-step process: Step 1: Create the Frame Relay virtual endpoint (using the interface frame-relay command) and set the signaling method (using the frame-relay lmi-type command). Also included in the Frame Relay virtual endpoint are all the applicable Frame Relay timers logging thresholds, encapsulation types, etc. Generally, most Frame Relay virtual interface parameters should be left at their default state. For example, the following creates a Frame Relay interface labeled 7 and sets the signaling method to ansi. (config)# interface frame-relay 7 (config-fr 7)# frame-relay lmi-type ansi

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide Step 2:

Common Commands

Create the sub-interface and configure the PVC parameters. Using the sub-interface, apply access policies to the interface, create bridging interfaces, configure dial-backup, assign an IP address, and set the PVC data-link control identifier (DLCI). For example, the following creates a Frame Relay sub-interface labeled 22, sets the DLCI to 30, and assigns an IP address of 193.44.69.253 to the interface. (config-fr 7)# interface fr 7.22 (config-fr 7.22)# frame-relay interface-dlci 30 (config-fr 7.22)# ip address 193.44.69.253 255.255.255.252 Step 3: (VALID ONLY FOR T1 INTERFACES) Specify the group of DS0s used for signaling on the T1 interface by creating a TDM group. Group any number of contiguous DS0s together to create a data pipe for layer 2 signaling. Also use the tdm-group command to specify the per-DS0 signaling rate on the interface. For example, the following creates a TDM group labeled 9 containing 20 DS0s (each DS0 having a data rate of 56 kbps). (config)# interface t1 1/1 (config-t1 1/1)# tdm-group 9 timeslots 1-20 speed 56 (config-t1 1/1)# exit Step 4: Make the association between the layer 2 endpoint and the physical interface using the cross-connect command. Supported layer 2 protocols include Frame Relay and point-to-point protocol (PPP). For example, the following creates a cross-connect (labeled 5) to make an association between the Frame Relay virtual interface (fr 7) and the TDM group configured on interface t1 1/1 (tdm-group 9). (config)# cross-connect 5 t1 1/1 9 fr 7

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

description <text>
Use the description command to identify the specified interface (for example, circuit ID, contact information, etc.). Syntax Description
<text> Identifies the specified interface using up to 80 alphanumeric characters.

Default Values
No defaults required for this command.

Applicable Command Modes

Applies to all interface mode command sets.

Applicable Platforms
Applies to all AOS products.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example enters comment information using the description command: (config)#interface t1 1/1 (config-t1 1/1)#description This is the Dallas office T1

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

do
Use the do command to execute any AOS command, regardless of the active configuration mode. It provides a way to execute commands in other modes without taking the time to exit the current mode and enter the desired one. Syntax Description
No subcommands.

Default Values
No defaults required for this command.

Applicable Command Modes

Applies to all mode command sets.

Applicable Platforms
Applies to all AOS products.

Command History
Release 2.1 Command was introduced.

Functional Notes
Use the do command to view configurations or interface states after configuration changes are made without exiting to the Enable mode.

Usage Examples
The following example shows the do command used to view the Frame Relay interface configuration while currently in the T1 Interface Configuration mode: (config)#interface t1 1/1 (config-t1 1/1)#do show interfaces fr 7 fr 7 is ACTIVE Signaling type is ANSI signaling role is USER Polling interval is 10 seconds full inquiry interval is 6 polling intervals Output queue: 0/0 (highest/drops) 0 packets input 0 bytes 0 pkts discarded 0 error pkts 0 unknown protocol pkts 0 packets output 0 bytes 0 tx pkts discarded 0 tx error pkts

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

end
Use the end command to exit the current configuration mode and enter the Enable Security mode. When exiting the Global Configuration mode, remember to perform a copy running-config startup-config to save all configuration changes.

Syntax Description
No subcommands.

Default Values
No defaults necessary for this command.

Applicable Command Modes

Applies to all mode command sets except Basic mode.

Applicable Platforms
Applies to all AOS products.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example shows the end command being executed in the T1 Interface Configuration mode: (config-t1 1/1)#end # #- Enable Security mode command prompt

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

exit
Use the exit command to exit the current configuration mode and enter the previous one. For example, using the exit command in an interface configuration mode will activate the Global Configuration mode. When using the exit command in the Basic mode, the current session will be terminated. When exiting the Global Configuration mode, remember to perform a copy running-config startup-config to save all configuration changes.

Syntax Description
No subcommands.

Default Values
No defaults necessary for this command.

Applicable Command Modes

Applies to all mode command sets.

Applicable Platforms
Applies to all AOS products.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example shows the exit command being executed in the Global Configuration mode: (config)#exit # #- Enable Security mode command prompt

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Common Commands

shutdown
Use the shutdown command to disable the interface (both physical and virtual) so that no data will be passed through. Use the no form of this command to turn on the interface and allow it to pass data. By default, all interfaces are disabled. Syntax Description
No subcommands.

Default Values
By default, all interfaces are disabled.

Applicable Command Modes

Applies to all interface mode command sets.

Applicable Platforms
Applies to all AOS products.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example administratively disables the modem interface: (config)#interface modem 1/2 (config-modem 1/2)#shutdown

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

clear event-history
Use the clear event-history command to clear all messages logged to the local event-history. Messages cleared from the local event-history (using the clear event-history command) are no longer accessible.

Enable Mode Command Set

clear mac address-table dynamic [address <mac address> | <interface id>]

Use the clear mac address-table dynamic command to remove dynamic media access control (MAC) addresses from the MAC address table. Syntax Description
address <mac address> Removes a specific MAC address from the table (format: AA:AA:AA:AA:AA:AA). <interface id> Removes the MAC address of a specific interface. Type clear mac address-table dynamic interface ? for a complete list of applicable interfaces.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example removes the dynamic address A0:B1:C2:D3:E4:A1 from the MAC address table: >enable #clear mac address-table dynamic address A0:B1:C2:D3:E4:A1 The following example removes all dynamic addresses from the MAC address table: >enable #clear mac address-table dynamic

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

clear port-security
Use the clear port-security command to clear the dynamic or sticky secure media access control (MAC) addresses associated with an interface. This can be done on a per-address or per-port basis. Variations of this command include the following:
clear port-security dynamic address <address> clear port-security dynamic interface <interface id> clear port-security sticky address <address> clear port-security sticky interface <interface id>

clear spanning-tree detected-protocols [interface <interface id>]

Use the clear spanning-tree detected-protocols command to restart the protocol migration process. Syntax Description
interface <interface id> Optional. Specifies a valid interface to clear. Type clear spanning-tree detected-protocols interface ? for a complete list of applicable interfaces.

Default Values
No default value necessary for this command.

clock no-auto-correct-dst
The clock no-auto-correct-dst command allows you to override the automatic one-hour correction for Daylight Saving Time (DST). Syntax Description
No subcommands.

Default Values
No default value is necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 6.1 Command was introduced.

Functional Notes
Many time zones include an automatic one-hour correction for daylight saving time at the appropriate time. You may override it at your location using this command.

Usage Examples
The following example overrides the one-hour offset for DST: >enable #clock no-auto-correct-dst

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

clock set <time> <day> <month> <year>

Use the clock set command to configure the system software clock. For the command to be valid, all fields must be entered. Refer to the Usage Example below for an example. Syntax Description
<time> <day> <month> <year> Sets the time (in 24-hour format) of the system software clock in the format HH:MM:SS (hours:minutes:seconds). Sets the current day of the month (valid range: 1 to 31). Sets the current month (valid range: January to December). You need only enter enough characters to make the entry unique. This entry is not case-sensitive. Sets the current year (valid range: 2000 to 2100).

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example sets the system software clock for 3:42 pm, August 22 2004: >enable #clock set 15:42:00 22 Au 2004

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

clock timezone <text>

The clock timezone command sets the units internal clock to the timezone of your choice. This setting is based on the difference in time (in hours) between Greenwich Mean Time (GMT) or Central Standard Time (CST) and the timezone for which you are setting up the unit. Use the no form of this command to disable this feature. Syntax Description
Subcommands are specified in the Functional Notes section for this command.

Default Values
No default value is necessary for this command.

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

debug dynamic-dns [verbose]

Use the debug dynamic-dns command to display debug messages associated with dynamic domain naming system (DNS). Debug messages are displayed (real time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description
verbose Enables detailed debug messages.

Default Values
By default, all debug messages in the AOS are disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Usage Examples
The following example activates dynamic DNS debug messages: >enable #debug dynamic-dns verbose

61200500L1-35E

Copyright 2005 ADTRAN

debug ip tcp [events]

Use the debug ip tcp events command to activate debug messages associated with significant Transmission Control Protocol (TCP) events such as state changes, retransmissions, session aborts, etc., in the AOS. Debug messages are displayed (real time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. These debug events are logged for packets that are sent or received from the router. Forwarded TCP packets are not included.

Syntax Description
events Optional. Displays only TCP protocol events.

Default Values
By default, all debug messages in the AOS are disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 4.1 Command was introduced.

Functional Notes
In the debug ip tcp events information, TCB stands for TCP task control block. The numbers which sometimes appear next to TCB (e.g., TCB5 in the following example) represent the TCP session number. This allows you to differentiate debug messages for multiple TCP sessions.

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is sample output for this command: >enable #debug ip tcp events 2003.02.17 07:40:56 IP.TCP EVENTS TCP: Allocating block 5 2003.02.17 07:40:56 IP.TCP EVENTS TCB5: state change: FREE->SYNRCVD 2003.02.17 07:40:56 IP.TCP EVENTS TCB5: new connection from 172.22.75.246:3473 to 10.200.2.201:23 2003.02.17 07:40:56 IP.TCP EVENTS TCB5: state change: SYNRCVD->ESTABLISHED [172.22.75.246:3473] 2003.02.17 07:41:06 IP.TCP EVENTS TCB5: Connection aborted -- error = RESET 2003.02.17 07:41:06 IP.TCP EVENTS TCB5: De-allocating tcb

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

debug ip udp
Use the debug ip udp command to activate debug messages associated with User Datagram Protocol (UDP) send and receive events in the AOS. Debug messages are displayed (real time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages.

These debug events are logged for packets that are sent or received from the router. Forwarded UDP packets are not included.

The overhead associated with this command takes up a large portion of your routers resources and at times can halt other router processes. It is best to only use the command during times when the network resources are in low demand (non-peak hours, weekends, etc.). Syntax Description
No subcommands.

Default Values
By default, all debug messages in the AOS are disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 4.1 Command was introduced.

Functional Notes
In the debug ip udp information, the message no listener means that there is no service listening on this UDP port (i.e., the data is discarded).

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is sample output for this command: >enable #debug ip udp 2003.02.17 07:38:48 IP.UDP RX: src=10.200.3.236:138, dst=10.200.255.255:138, 229 bytes, no listener 2003.02.17 07:38:48 IP.UDP RX: src=10.200.2.7:138, dst=10.200.255.255:138, 227 bytes, no listener 2003.02.17 07:38:48 IP.UDP RX: src=10.200.201.240:138, dst=10.200.255.255:138, 215 bytes, no listener

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Enable Mode Command Set

erase [<filename> | startup-config]

Use the erase command to erase the specified file. Syntax Description
<filename> startup-config Specifies the name of the file (located in FLASH memory) to erase. Erases the startup configuration file stored in NVRAM.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example erases the startup configuration file stored in NVRAM: >enable #erase startup-config If a new startup-configuration file is not specified before power-cycling the unit, the AOS will initialize using a default configuration.

61200500L1-35E

Copyright 2005 ADTRAN

101

Command Reference Guide

Enable Mode Command Set

events
Use the events command to enable event reporting to the current command line interface (CLI) session. Use the no form of this command to disable all event reporting to the current CLI session. Syntax Description
No subcommands.

Default Values
By default, this command is enabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Command was introduced.

Usage Examples
The following example enables event reporting: >enable #events

61200500L1-35E

Copyright 2005 ADTRAN

102

105

Command Reference Guide The following is a list of available extended ping fields with descriptions: Target IP address: Repeat Count: Datagram Size: Timeout in Seconds: Specifies the IP address of the system to ping.

Enable Mode Command Set

Specifies the number of ping packets to send to the system (valid range: 1 to 1,000,000). Size (in bytes) of the ping packet (valid range: 1 to 1448). If a ping response is not received within the timeout period, the ping is considered unsuccessful (valid range: 1 to 5 seconds).

Extended Commands: Specifies whether additional commands are desired for more ping configuration parameters. Source Address: Data Pattern: Specifies the IP address to use as the source address in the ECHO_REQ (or interface) packets. Specifies an alphanumerical string to use (the ASCII equivalent) as the data pattern in the ECHO_REQ packets. Specifies the minimum size of the ECHO_REQ packet (valid range: 0 to 1488). Specifies the maximum size of the ECHO_REQ packet (valid range: Sweep Min Size to 1448). Specifies the interval used to determine packet size when performing the sweep (valid range: 1 to 1448). Specifies an extended results output.

Sweep Range of Sizes: Varies the sizes of the ECHO_REQ packets transmitted. Sweep Min Size: Sweep Max Size: Sweep Interval: Verbose Output:

Usage Examples
The following is an example of a successful ping command: >enable #ping Target IP address:192.168.0.30 Repeat count[1-1000000]:5 Datagram Size [1-1000000]:100 Timeout in seconds [1-5]:2 Extended Commands? [y or n]:n Type CTRL+C to abort. Legend: '!' = Success '?' = Unknown host '$' = Invalid host address '*' = Request timed out '-' = Destination host unreachable 'x' = TTL expired in transit Pinging 192.168.0.30 with 100 bytes of data: !!!!! Success rate is 100 percent (5/5) round-trip min/avg/max = 19/20.8/25 ms

61200500L1-35E

Copyright 2005 ADTRAN

106

Command Reference Guide

Enable Mode Command Set

ping stack-member
Use the ping stack-member command to ping a member of the stack. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
This command is available only in stack-master mode.

Usage Examples
The following example pings a member of the stack: >enable #ping stack-member 3 Type CTRL+C to abort. Legend: '!' = Success, '?' = Unknown host, '$' = Invalid host address '*' = Request timed out, '-' = Destination host unreachable 'x' = TTL expired in transit Sending 5, 100-byte ICMP Echos to 169.254.0.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2.2/3 ms #

61200500L1-35E

Copyright 2005 ADTRAN

107

Command Reference Guide

Enable Mode Command Set

reload [cancel | in <delay>]

Use the reload command to preform a manual reload of the AOS.

Performing an AOS reload disrupts data traffic.

Syntax Description
cancel in <delay> Optional. Deactivates a pending reload command. Optional. Specifies a delay period the AOS will wait before reloading. Specifies the delay period in minutes (mmm) or hours and minutes (hh:mm).

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example reloads the AOS software in 3 hours and 27 minutes: >enable #reload in 03:27 The following example reloads the AOS software in 15 minutes: >enable #reload in 15 The following example terminates a pending reload command: >enable #reload cancel

61200500L1-35E

Copyright 2005 ADTRAN

108

Command Reference Guide

Enable Mode Command Set

show arp [realtime]

Use the show arp command to display the Address Resolution Protocol (ARP) table. Syntax Description
realtime Displays full-screen output in real time. See the Functional Notes below for more information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Release 10.1 Command was introduced. The real time display option was introduced.

Functional Notes
Use the realtime argument for this command to display full-screen output in real time. Information is continuously updated on the console until you either freeze the data (by pressing the F key) or exit realtime mode (by pressing Ctrl-C). If there is not enough room on the screen for all available data, the information will truncate at the bottom of the screen. In order to maximize the amount of data displayed, increase the terminal length (using the terminal length command; refer to terminal length <text> on page 199).

Usage Examples
The following is a sample output of the show arp command: >enable #show arp ADDRESS 192.168.30.36 192.168.30.253 224.0.0.9 TTL (min) 13 17 71578541 MAC ADDRESS 00:E0:7D:88:1A:B9 02:60:8C:DD:0A:CE 01:00:5E:00:00:09 LAST UPDATED (min) 4260 4264 0 INTERFACE eth 0/1 eth 0/1 eth 0/2

61200500L1-35E

Copyright 2005 ADTRAN

109

Command Reference Guide

Enable Mode Command Set

show auto-config
Use the show auto-config command to display auto-configuration status. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 11.1 Command was introduced.

Usage Examples
The following is a sample output of the show auto-config command: >enable #show auto-config Auto-Config is enabled, current status: Done. TFTP Server is 10.20.20.1 Config filename is 1524STfile Maximum retry count is 0 (repeat indefinitely), total retries is 0

61200500L1-35E

Copyright 2005 ADTRAN

110

Command Reference Guide

Enable Mode Command Set

show buffers [realtime]

Use the show buffers command to display the statistics for the buffer pools on the network server. Syntax Description
realtime Displays full-screen output in real time. See the Functional Notes below for more information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Release 10.1 Command was introduced. The real time display option was introduced.

Usage Examples
The following is a sample output from the show buffers command: >enable #show buffers Buffer handles: 119 of 2000 used. Pool 0 1 2 3 4 5 Size 1800 2048 4096 8192 16384 32768 Total 1894 64 32 4 2 2 Used 119 0 0 0 0 0 Available 1775 64 32 4 2 2 Max. Used 122 0 0 0 0 0

61200500L1-35E

Copyright 2005 ADTRAN

111

Command Reference Guide

Enable Mode Command Set

show buffers users [realtime]

Use the show buffers users command to display a list of the top users of packet buffers. Typically, this command will only be used as a debug tool by ADTRAN personnel. Syntax Description
realtime Displays full-screen output in real time. See the Functional Notes below for more information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 4.1 Release 10.1 Command was introduced. The real time display option was introduced.

Usage Examples
The following is a sample from the show buffers users command: >enable #show buffers users Number of users: 7 Rank User 1 0x0052f4f8 2 0x0051a4fc 3 0x00528564 4 0x0053c1c8 5 fixedsize

Count 59 32 8 7 5

61200500L1-35E

Copyright 2005 ADTRAN

112

Command Reference Guide 6 7 8 9 10 11 12 13 14 15 0x001d8298 0x0010d970 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 2 1 0 0 0 0 0 0 0 0

Enable Mode Command Set

61200500L1-35E

Copyright 2005 ADTRAN

113

Command Reference Guide

Enable Mode Command Set

show channel-group
Use the show channel-group command to display detailed information regarding port aggregation of a specified channel group (i.e., channel groups and their associated ports). Variations of this command include the following:
show channel-group port-channel load-balance show channel-group summary show channel-group <channel group #> summary

Syntax Description
port-channel load-balance summary <channel group #> Displays the current load-balance scheme. Summarizes the state of all channel groups or of a specific channel group (if specified by the <channel group #> argument). Specifies the channel group using the channel group ID (16).

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is a sample from the show channel-group command: >enable #show channel-group summary Channel Group Port channel -----------------------------------1 2 1 2

Associated Ports ----------------------eth 0/2 eth 0/3 eth 0/5 eth 0/6 eth 0/7

61200500L1-35E

Copyright 2005 ADTRAN

114

Command Reference Guide

Enable Mode Command Set

show clock [detail]

Use the show clock command to display the system time and date entered using the clock set command. Refer to the section clock set <time> <day> <month> <year> on page 59 for more information. Syntax Description
detail Optional. Displays more detailed clock information, including the time source.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example displays the current time and data from the system clock: >show clock 23:35:07 UTC Tue Aug 20 2002

61200500L1-35E

Copyright 2005 ADTRAN

115

Command Reference Guide

Enable Mode Command Set

show configuration
Use the show configuration command to display a text printout of the startup configuration file stored in nonvolatile random access memory (NVRAM). Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following is a sample output of the show configuration command: >enable #show configuration ! ! no enable password ! ip subnet-zero ip classless ip routing ! event-history on no logging forwarding logging forwarding priority-level info no logging email ! ip policy-timeout tcp all-ports 600 ip policy-timeout udp all-ports 60 ip policy-timeout icmp 60 !

61200500L1-35E

Copyright 2005 ADTRAN

116

Command Reference Guide ! ! interface eth 0/1 speed auto no ip address shutdown ! interface dds 1/1 shutdown ! interface bri 1/2 shutdown ! ! ip access-list standard Outbound permit host 10.3.50.6 permit 10.200.5.0 0.0.0.255 ! ! ip access-list extended UnTrusted deny icmp 10.5.60.0 0.0.0.255 any source-quench deny tcp any any ! no ip snmp agent ! ! ! line con 0 no login ! line telnet 0 login line telnet 1 login line telnet 2 login line telnet 3 login line telnet 4 login !

Enable Mode Command Set

Command History
Release 3.1

Functional Notes
The list below describes the fields contained in the host table: Flags: Indicate whether the entry is permanent (P) or temporary (T) and if the entry is OK or expired (EXP). Age: Indicates the age of the entry. Type: Shows the protocol type. Address: Displays the IP address for the entry.

Usage Examples
The following example is sample output from the show hosts command: >enable #show hosts Name/address lookup uses domain name service DNS Proxy is disabled Default domain is not set Name servers are 1.1.1.1 2.2.2.2 Host Flags Age Type Address Example1 (P OK) -IP 1.1.1.1 Example2 (P OK) -IP 2.2.2.2

61200500L1-35E

Copyright 2005 ADTRAN

125

Command Reference Guide

Enable Mode Command Set

show interfaces <interface>

Use the show interfaces command to display configuration parameters and current statistics for all interfaces (or a specified interface). Syntax Description
<interface> description performance-statistics Optional. Specifies the interface to display. Type show interfaces ? for a complete list of valid interfaces. Optional. Displays information such as name, administrative status, protocol, and description for all the interfaces. Optional. Displays the current 15-minute interval, the current 24-hour totals, and all 96 stored intervals.

performance-statistics total-24-hourOptional. Displays the current 24-hour totals and the past seven 24-hour intervals. performance-statistics <x-y> Shows the current 15-minute interval, the current 24-hour totals, and all intervals from x through y. This command is basically the same thing as the performance-statistics command with the added function of allowing you to specify a particular interval (or range of intervals) to display rather than displaying all 96.

Note: If you want to display the 24th interval, enter (for example) show interface t11/1 performance-statistics 24-24. Entering show interface t1 1/1 performance-statistics 24 results in displaying the 24-hour statistics. Any number other than 24 (between 1 and 96) results in the correct display of the selected interval (e.g., show interface t1 1/1 performance-statistics 4 shows the fourth interval).
realtime status verbose version Displays full-screen output in real time. See the Functional Notes below for more information. Optional. Displays information such as name, type, status, VLAN, speed, and duplex for all the Ethernet interfaces only. Displays detailed configuration information on the terminal screen (versus only the non-default values). Optional. Displays current version information (e.g., model and list number, software version, etc.) for the T1 interface.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

61200500L1-35E

Copyright 2005 ADTRAN

126

Command Reference Guide

Enable Mode Command Set

Command History
Release 1.1 Release 6.1 Release 9.1 Release 10.1 Release 11.1 Command was introduced. Command was updated to include performance-statistics option. Command was expanded to include HDLC and tunnel interfaces. The realtime option and PRI interface were added. Description, status, and verbose options were introduced. The demand, FXO, and serial interfaces were added.

Usage Examples
The following are samples from various show interfaces commands: >enable #show interfaces t1 1/1 t1 1/1 is UP T1 coding is B8ZS framing is ESF Clock source is line FDL type is ANSI Line build-out is 0dB No remote loopbacks No network loopbacks DS0 Status: 123456789012345678901234 NNNNNNNNNNNNNNNNNNNNNNNN Line Status: -- No Alarms -Current Performance Statistics: 0 Errored Seconds 0 Bursty Errored Seconds 0 Severely Errored Seconds 0 Severely Errored Frame Seconds 0 Unavailable Seconds 0 Path Code Violations 0 Line Code Violations 0 Controlled Slip Seconds 0 Line Errored Seconds 0 Degraded Minutes

61200500L1-35E

Copyright 2005 ADTRAN

127

Command Reference Guide #show interfaces modem 1/2 modem 1/2 is UP Line status: on-hook Caller ID will be used to route incoming calls 0 packets input 0 bytes 0 no buffer 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 abort 0 ignored 0 overruns 0 packets output 0 bytes 0 underruns 0 input clock glitches 0 output clock glitches 0 carrier lost 0 cts lost #show interfaces eth 0/1 Ip address is 10.200.1.50 Netmask is 255.255.0.0 MTU is 1500 Fastcaching is Enabled RIP Authentication is Disabled RIP Tx uses global version value RIP Rx uses global version value #show interfaces dds 1/1 dds 1/1 is UP line protocol is UP Encapsulation FRAME-RELAY (fr 1) Loop rate is set to 56000 actual rate is 56000 Clock source is line Data scrambling is disabled No Loopbacks 75 packets input 6108 bytes 0 no buffer 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 abort 0 ignored 0 overruns 81 packets output 11496 bytes 0 underruns 0 input clock glitches 0 output clock glitches 0 carrier lost 0 cts lost

Enable Mode Command Set

61200500L1-35E

Copyright 2005 ADTRAN

128

Command Reference Guide #show interfaces fr 1 TDM group 10 line protocol is UP Encapsulation FRAME-RELAY (fr 1) 463 packets input 25488 bytes 0 no buffer 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 abort 0 ignored 0 overruns 864 packets output 239993 bytes 0 underruns 0 input clock glitches 0 output clock glitches 0 carrier lost 0 cts lost Line Status: -- No Alarms -Current Performance Statistics: 0 Errored Seconds 0 Bursty Errored Seconds 0 Severely Errored Seconds 0 Severely Errored Frame Seconds 0 Unavailable Seconds 0 Path Code Violations 0 Line Code Violations 0 Controlled Slip Seconds 0 Line Errored Seconds 0 Degraded Minutes #show interfaces fr 1.100* fr 1.100 is Active Ip address is 63.97.45.57, mask is 255.255.255.248 Interface-dlci is 100 MTU is 1500 bytes, BW is 96000 Kbit (limited) Average utilization is 53%

Enable Mode Command Set

*Note: If the user has configured a Bc and Be value on the virtual circuit, the bandwidth (BW) displayed is the sum of those values (Bc + Be). If not, the value for BW is the speed of the interface. The Average utilization displayed is the average utilization of the displayed bandwidth. If the bandwidth number is the Bc + Be value, the (limited) text appears (as shown above).

61200500L1-35E

Copyright 2005 ADTRAN

129

Command Reference Guide

Command Reference Guide

Enable Mode Command Set

show ip interfaces [<interface> | brief]

Use the show ip interfaces command to display the status information for all IP interfaces (or a specific interface). Syntax Description
<interface> Optional. Displays status information for a specific interface. If no interface is entered, status information for all interfaces is displayed. Type show ip interfaces ? for a complete list of applicable interfaces. Displays an abbreviated version of interface statistics for all IP interfaces.

brief

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Release 9.1 Release 11.1 Command was introduced. Command was expanded to include HDLC and tunnel interfaces. Demand interface was added.

Usage Examples
The following is a sample output of the show ip interfaces command: >enable #show ip interfaces eth 0/1 is UP, line protocol is UP Ip address is 10.10.10.1 Netmask is 255.255.255.0 MTU is 1500 Fastcaching is Enabled RIP Authentication is Disabled RIP Tx uses global version value RIP Rx uses global version value

61200500L1-35E

Copyright 2005 ADTRAN

134

Command Reference Guide

Enable Mode Command Set

show ip traffic [realtime]

Use the show ip traffic command to display all IP traffic statistics. Syntax Description
realtime Displays full-screen output in real time. See the Functional Notes below for more information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Release 10.1 Command was introduced. The real time display option was introduced.

Usage Examples
>enable #show ip traffic

61200500L1-35E

Copyright 2005 ADTRAN

135

Command Reference Guide

Enable Mode Command Set

show lldp
Use the show lldp command to display local loop demarkation point (LLDP) timer configuration. Syntax Description
No subcommands.

Default Values
No default values are necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Usage Examples
The following example shows a sample LLDP timer configuration: >enable #show lldp Global LLDP information: Sending LLDP packets every 30 seconds Sending TTL of 120 seconds

61200500L1-35E

Copyright 2005 ADTRAN

136

Command Reference Guide

Enable Mode Command Set

show lldp device <system name>

Use the show lldp device command to display specific neighbor information about a given neighbor. Syntax Description
<system name> Specifies the system name of the neighbor to display.

Default Values
No default values are necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
If there is more than one neighbor with the same system name, all neighbors with that system name will be displayed.

Usage Examples
The following example shows specific information about a neighbor for the system name Router: >enable #show lldp device Router Chassis ID: 00:A0:C8:02:DD:2A (MAC Address) System Name: Router Device Port: eth 0/1 (Locally Assigned) Holdtime: 30 Platform: NetVanta 3305 Software: Version: 08.00.22.sw1.D, Date: Mon Nov 01 10:28:55 2004 Capabilities: Bridge, Router Enabled Capabilities: Router Local Port: eth 0/3 Management Addresses: Address Type: IP version 4, Address: 10.23.10.10 Interface Type: Interface Index, Interface Id: 2

61200500L1-35E

Copyright 2005 ADTRAN

137

Command Reference Guide

Enable Mode Command Set

show lldp interface <interface>

Use the show lldp interface command to display local loop demarkation point (LLDP) configuration and statistics for interfaces on this device. Syntax Description
<interface> Displays the information for the specified interface. Type show lldp interface ? for a complete list of applicable interfaces.

Default Values
No default values are necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Usage Examples
The following example shows LLDP configuration and statistics for the Ethernet 0/1 interface: >enable #show lldp interface ethernet 0/1 eth 0/1 (TX/RX) 0 packets input 0 input errors 0 TLV errors, 0 TLVs Discarded 0 packets discarded 8799 packets output 0 neighbor ageouts #

61200500L1-35E

Copyright 2005 ADTRAN

138

Command Reference Guide

Enable Mode Command Set

show lldp neighbors [interface <interface> l <interface type> | detail | realtime]

Use the show lldp neighbors interface command to display information about neighbors of this device learned about via local loop demarkation point (LLDP). Syntax Description
<interface> Displays a summary of all neighbors learned about through the specified interface (e.g., eth 0/1). Type show lldp neighbors interface ? for a complete list of applicable interfaces. Displays a summary of all neighbors learned about through interfaces of the specified type (e.g., eth). Optional. Shows detailed neighbor information for the specified interface or interface type. Displays full-screen output in real time. See the Functional Notes below for more information.

<interface type> detail realtime

Default Values
No default values necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Release 10.1 Command was introduced. The real time display option was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

139

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following example shows detailed information about a devices neighbors: >enable #show lldp neighbors interface eth 0/3 detail Chassis ID: 00:A0:C8:02:DD:2A (MAC Address) System Name: Router Device Port: eth 0/1 (Locally Assigned) Holdtime: 38 Platform: NetVanta 3305 Software: Version: 08.00.22.sw1.D, Date: Mon Nov 01 10:28:55 2004 Capabilities: Bridge, Router Enabled Capabilities: Router Local Port: eth 0/3 Management Addresses: Address Type: IP version 4, Address: 10.23.10.10 Interface Type: Interface Index, Interface Id: 2

61200500L1-35E

Copyright 2005 ADTRAN

140

Command Reference Guide

Enable Mode Command Set

show lldp neighbors statistics

Use the show lldp neighbors statistics command to display statistics about local loop demarkation point (LLDP) neighbor table actions. Syntax Description
No subcommands.

Default Values
There are no default values necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
This command shows information about the changes in this devices neighbor table. The information displayed indicates the last time a neighbor was added to or removed from the table as well as the number of times neighbors were inserted into or deleted from the table.

Usage Examples
The following example shows sample output for this command: >enable #show lldp neighbors statistics System Last Change Time Inserts 10-15-2004 14:24:56 55

Deletes 3

Drops 1

Age outs 1

System Last Change Time - Shows the time at which the most recent change occurred in the neighbor table. Inserts - Shows the number of times neighbors have been added to the table. Deletes - Shows how many times neighbors have been deleted from the table because an interface was shut down. Drops - Shows how many times the insertion of a new neighbor into the table failed because the table was full. Age outs - Shows how many times neighbors have been removed from the table because no new updates were received from that neighbor before its time-to-live timer expired.

61200500L1-35E

Copyright 2005 ADTRAN

141

Command Reference Guide

Enable Mode Command Set

show mac address-table

Use the show mac address-table command to display all static and dynamic entries in the medium access control (MAC) address table for all virtual local area networks (VLANs) and physical interfaces. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is sample output from the show mac address-table command: >enable #show mac address-table Mac Address Table -----------------------------------------Vlan 1 1 2 2 2 2 2 2 2 2 2 2 2 Mac Address aa:bb:ee:d1:c2:33 00:00:00:00:00:00 00:90:2b:7d:30:00 00:a0:c8:00:8e:a6 00:a0:c8:00:8f:ba 00:a0:c8:00:8f:73 00:a0:c8:00:00:00 00:a0:c8:01:ff:02 00:a0:c8:01:09:d3 00:a0:c8:01:13:34 00:a0:c8:01:14:4a 00:a0:c8:03:95:4b 00:a0:c8:05:00:89 Type STATIC STATIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC Ports eth 0/18 CPU eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1

61200500L1-35E

Copyright 2005 ADTRAN

142

Command Reference Guide

Enable Mode Command Set

Usage Examples
2 2 2 00:a0:c8:05:00:ac 00:a0:c8:05:00:ad 00:a0:c8:05:00:c2 DYNAMIC DYNAMIC DYNAMIC eth 0/1 eth 0/1 eth 0/1

61200500L1-35E

Copyright 2005 ADTRAN

143

Command Reference Guide

Enable Mode Command Set

show mac address-table address

Use the show mac address-table address command to display all medium access control (MAC) addresses known by the AOS. Variations of this command include the following:
show mac address-table address <mac address> show mac address-table address <mac address> interface <interface type> <interface id> show mac address-table address <mac address> interface <interface type> <interface id> vlan <vlan id> show mac address-table address <mac address> vlan <vlan id>

Syntax Description
<mac address> Specifies a valid 48-bit MAC address. interface <interface type> Shows information for a specific interface. Type show mac address-table address interface ? for a list of valid interfaces. <interface id> vlan <vlan id> Specifies a valid slot/port interface ID (e.g., 0/1). Specifies a valid VLAN interface ID (1 to 4094).

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following sample from the show mac address-table address command displays information regarding a specific MAC address from the MAC address table: >enable #show mac address-table address 00:a0:c8:7d:30:00 Mac Address Table -----------------------------------------Vlan -------2 Mac Address -------------------00:a0:c8:7d:30:00 Type --------DYNAMIC Ports ----------eth 0/1

61200500L1-35E

Copyright 2005 ADTRAN

144

Command Reference Guide

Enable Mode Command Set

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Command was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

148

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is a sample from the show mac address-table dynamic command: >enable #show mac address-table dynamic Mac Address Table ---------------------------Vlan Mac Address Type ------- --------------------------1 00:a0:c8:7d:30:00 DYNAMIC 1 00:a0:c8:05:89:09 DYNAMIC 1 00:a0:c8:07:d9:d2 DYNAMIC 1 00:a0:c8:07:d9:19 DYNAMIC 1 00:a0:c8:09:95:6b DYNAMIC 1 00:a0:c8:0a:2d:7c DYNAMIC 1 00:a0:c8:f6:e9:a6 DYNAMIC 1 00:a0:c8:01:0a:ef DYNAMIC 1 00:a0:c8:0c:74:80 DYNAMIC 1 00:a0:c8:15:5a:9f DYNAMIC 1 00:a0:c8:6c:71:49 DYNAMIC 1 00:a0:c8:77:78:c1 DYNAMIC 1 00:a0:c8:6b:53:7b DYNAMIC 1 00:a0:c8:72:e6:d6 DYNAMIC 1 00:a0:c8:05:00:e6 DYNAMIC Total Mac Addresses for this criterion: 15

Ports -------eth 0/1 eth 0/2 eth 0/5 eth 0/7 eth 0/7 eth 0/12 eth 0/24 eth 0/23 eth 0/20 eth 0/7 eth 0/2 eth 0/3 eth 0/4 giga-eth 0/2 giga-eth 0/1

61200500L1-35E

Copyright 2005 ADTRAN

149

Command Reference Guide

Enable Mode Command Set

show mac address-table interface [<interface type> <interface id> | vlan <vlan id>]
Use the show mac address-table interface command to display information regarding medium access control (MAC) address table entries specific to a certain interface. Syntax Description
<interface type> <interface id> vlan <vlan id> Shows information for a specific interface type. Type show mac address-table interface ? for a list of valid interfaces. Shows address-table information related to a specific interface (e.g., eth 0/1). Shows address-table information related to a specific VLAN. Specifies a valid VLAN interface ID (1 to 4094).

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is an example of the show mac address-table interface eth 0/1 command displaying MAC address-table entries specifically on Ethernet 0/1: >enable #show mac address-table interface ethernet 0/1 Mac Address Table Vlan 2 2 2 2 2 2 2 Mac Address 00:90:2b:7d:30:00 00:a0:c8:05:00:ac 00:a0:c8:05:00:ad 00:a0:c8:05:00:c2 00:a0:c8:05:01:6e 00:a0:c8:09:95:6b 00:a0:c8:0a:2d:7c Type DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC Ports eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1 eth 0/1

Total Mac Addresses for this criterion: 10

61200500L1-35E

Copyright 2005 ADTRAN

150

Command Reference Guide

Enable Mode Command Set

show mac address-table static

Use the show mac address-table static command to display all static medium access control (MAC) addresses known by the AOS. Variations of this command include the following:
show mac address-table static show mac address-table static address <mac address> show mac address-table static address <mac address> interface <interface type> <interface id> show mac address-table static address <mac address> interface <interface type> <interface id> vlan <vlan id> show mac address-table static address <mac address> vlan <vlan id> show mac address-table static interface <interface type> <interface id> show mac address-table static interface <interface type> <interface id> vlan <vlan id> show mac address-table static vlan <vlan id>

Syntax Description
address <mac address> Specifies a valid 48-bit MAC address. interface <interface type> Shows information for a specific interface. Type show mac address-table static interface ? for a list of valid interfaces. <interface id> vlan <vlan id> Specifies any valid slot/port interface ID (e.g., 0/1). Specifies a valid VLAN interface ID (1 to 4094).

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

151

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is a sample from the show mac address-table static command: >enable #show mac address-table static

Mac Address Table ----------------------------Vlan -----1 Mac Address ------------------00:a0:c8:00:88:40 Type -------STATIC Ports -------CPU

Total Mac Addresses for this criterion: 1

61200500L1-35E

Copyright 2005 ADTRAN

152

Command Reference Guide

Enable Mode Command Set

show memory [heap | realtime | uncached-heap]

Use the show memory command to display statistics regarding memory including memory allocation and buffer use statistics. Shows how memory is in use (broken down by memory size) and how much memory is free. Syntax Description
heap uncached-heap Shows how much memory is in use (broken down by memory block size) and how much memory is free. Shows how much memory has been set aside to be used without memory caching, how much memory is being used and how much memory is free. (Valid only on NetVanta 300, 1000, and 1000R Series Units.) Displays full-screen output in real time. See the Functional Notes below for more information.

realtime

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Release 10.1 Release 11.1 Command was introduced. Realtime option was introduced. Uncached heap option was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

153

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is a sample output from the show memory heap command: >enable #show memory heap Memory Heap: HeapFree: 2935792 HeapSize: 8522736 Block Managers: Mgr 0 1 2 3 4 5 6 7 8 9 10 11 12 13 Size 0 16 48 112 240 496 1008 2032 4080 8176 16368 32752 65520 Used 58 1263 1225 432 140 72 76 25 2 31 8 5 3 Free 0 10 2 2 3 2 1 1 1 1 0 1 0 0 Max-Used 58 1273 1227 434 143 74 26 26 3 32 8 6 30 0

131056 0

61200500L1-35E

Copyright 2005 ADTRAN

154

Command Reference Guide

Enable Mode Command Set

show monitor session [<session-number> | all]

Use the show monitor session command to display information regarding a specified monitor session or to display this information for all sessions. Syntax Description
<session-number> all Displays information for a single specific monitor session. Shows all sessions.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is a sample from the show monitor session command: >enable #show monitor session 1 Monitor Session 1 ----------------Source Ports: RX Only: None TX Only: None Both: eth 0/2, eth 0/3 Destination Port: eth 0/6

61200500L1-35E

Copyright 2005 ADTRAN

155

Command Reference Guide

Enable Mode Command Set

show output-startup
Use the show output-startup command to display startup configuration output line-by-line. This output can be copied into a text file and then used as a configuration editing tool. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Command was introduced.

Usage Examples
The following is a sample output from the show output-startup command: >enable #show output-startup ! #! #hostname "UNIT_2" UNIT_2#no enable password UNIT_2#! UNIT_2#ip subnet-zero UNIT_2#ip classless UNIT_2#ip routing UNIT_2#! UNIT_2#event-history on UNIT_2#no logging forwarding UNIT_2#logging forwarding priority-level info UNIT_2#no logging email etc....

61200500L1-35E

Copyright 2005 ADTRAN

156

Command Reference Guide

Enable Mode Command Set

show port-auth [detailed | statistics | summary] [interface <interface id>]

Use the show port-auth command to view port authentication information. Syntax Description
detailed statistics summary interface <interface id> Displays detailed port authentication information. Displays port authentication statistics. Displays a summary of port authentication settings. Displays port authentication information for the specified interface. Interface ID consists of the interface type and ID number. Type show port-auth interface ? for a list of valid interfaces.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R Series units.

Command History
Release 10.1 Command was introduced.

Usage Examples
The following example displays the port authentication information: >enable #show port-auth Global Port-Authentication Parameters: re-authentication enabled: reauth-period: quiet-period: tx-period: supp-timeout: server-timeout: reauth-max: max-req: False 3600 60 30 30 30 2 2

61200500L1-35E

Copyright 2005 ADTRAN

157

Command Reference Guide Port-Authentication Port Summary: Interface Status Type Mode Authorized --------------------------------------------------------------------------------------eth 0/1 disabled port-based n/a n/a eth 0/2 disabled port-based n/a n/a eth 0/3 disabled port-based n/a n/a eth 0/4 disabled port-based n/a n/a eth 0/5 disabled port-based n/a n/a eth 0/6 disabled port-based n/a n/a eth 0/7 disabled port-based n/a n/a eth 0/8 disabled port-based n/a n/a eth 0/9 disabled port-based n/a n/a eth 0/10 disabled port-based n/a n/a eth 0/11 disabled port-based n/a n/a eth 0/12 disabled port-based n/a n/a eth 0/13 disabled port-based n/a n/a eth 0/14 disabled port-based n/a n/a eth 0/15 disabled port-based n/a n/a eth 0/16 disabled port-based n/a n/a eth 0/17 disabled port-based n/a n/a eth 0/18 disabled port-based n/a n/a eth 0/19 disabled port-based n/a n/a eth 0/20 disabled port-based n/a n/a eth 0/21 disabled port-based n/a n/a eth 0/22 disabled port-based n/a n/a eth 0/23 disabled port-based n/a n/a eth 0/24 disabled port-based n/a n/a Port Authentication Port Details: Port-Authentication is disabled on eth 0/1 Port-Authentication is disabled on eth 0/2

Enable Mode Command Set

61200500L1-35E

Copyright 2005 ADTRAN

158

Command Reference Guide

Enable Mode Command Set

show port-security [address | interface <interface id> | port-expiration] detailed

Use the show port-security command to display port security information. Syntax Description
address interface port-expiration detailed Displays a list of secure medium access control (MAC) addresses for all interfaces currently configured for port security. Filters the output to include only information for a particular interface. Displays the ports currently participating in port expiration and the amount of time left until the port is shutdown. Displays information for all interfaces, even if not configured for port expiration.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 8.1 Command was introduced.

Usage Examples
The following displays all secure MAC addresses related to the Ethernet 0/1 interface: >enable #show port-security interface eth 0/1 address VLAN Mac Address Type of Entry Interface Remaining Time -------------------------------------------------------------------------------------------------------------1 00:a0:c8:0a:c6:4a Dynamic-Secure eth 0/1 -1 00:a0:c8:0a:c6:4b Dynamic-Secure eth 0/1 --------------------------------------------------------------------------------------------------------------Dynamic Address Count: 2 Static Address Count: 0 Sticky Address Count: 0 Total Address Count: 2

61200500L1-35E

Copyright 2005 ADTRAN

159

Command Reference Guide

Enable Mode Command Set

show power inline <slot/port> [realtime]

Use the show power inline command to display power information (in watts) for devices connected to power over Ethernet (PoE) interfaces. The command also displays the PoE interfaces that can be powered, whether the interfaces are powered or not, and the IEEE class for the device(s) connected to the PoE interfaces. Syntax Description
<slot/port> realtime Optional. Specifies the slot/port of a PoE interface. If specified, the command only displays information related to that interface. Displays full-screen output in real time. See the Functional Notes below for more information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R series units.

Command History
Release 9.1 Release 11.1 Command was introduced. The real time display option was added.

Usage Examples
The following example displays power information for all PoE interfaces: >enable #show power inline Interface eth 0/1 Admin auto Oper off Power (watts) n/a Class n/a

61200500L1-35E

Copyright 2005 ADTRAN

160

Command Reference Guide eth 0/2 eth 0/3 eth 0/4 eth 0/5 eth 0/6 eth 0/7 eth 0/8 eth 0/9 auto auto auto auto off off off auto off off on off n/a n/a n/a on n/a n/a 3.1 n/a n/a n/a n/a 2.4

Enable Mode Command Set n/a n/a Class 0 n/a n/a n/a n/a Class 1

61200500L1-35E

Copyright 2005 ADTRAN

161

Command Reference Guide

Enable Mode Command Set

show processes [cpu | cpu realtime | history | queue | stack]

Use the show processes command to display process statistic information. Syntax Description
cpu cpu realtime history queue stack Displays informations about processes that are currently active. Displays full-screen CPU output in real time. See the Functional Notes below for more information. Displays the process switch history. Displays process queue utilization. Displays process stack usage.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Release 10.1 Command was introduced. New option was introduced.

Usage Examples
The following is a sample output from the show processes cpu command: >enable #show processes cpu processes cpu System load: 7.07% Min: 0.00% Context switch load: 0.21%

Max 85.89%

61200500L1-35E

Copyright 2005 ADTRAN

162

Command Reference Guide Task D 0 1 3 4 5 10 11 12 13 14 ....etc. Task Name Idle FrontPanel Stack Usage Q Test 1 Q Test 2 Clock PacketRouting Thread Pool IKE RouteTableTick Invoked PRI STAT 0W 249 W 11 W 10 W 11 W 20 W 250 W 50 W 10 W 50 W Exec (count) 129689 9658 485 50 50 1443 31656 161 2 49 Time (usec) 1971 165 305 4 6 24 10 159 341 874 Runtime (usec) 927923 3202 325 0 0 55 3871 0 0 874

Enable Mode Command Set Load % (1sec) 92.79 0.32 0.03 0.00 0.00 0.01 0.39 0.00 0.00 0.09

61200500L1-35E

Copyright 2005 ADTRAN

163

Command Reference Guide

Enable Mode Command Set

show qos [cos-map | dscp-cos | interface <interface id> | queuing]

Use the show qos command to display information regarding quality of service (QoS) and cost of service (CoS) settings. Syntax Description
cos-map dscp-cos Displays the CoS priority-to-queue map. The map outlines which CoS priority is associated with which queue. Displays the Differentiated Services Code Point (DSCP) to CoS map settings.

interface <interface id> Displays the QoS settings on a specific interface (Ethernet, Gigabit Ethernet, or Port Channel). queuing Displays the type of queuing being used. If weighted round robin (WRR) queuing is enabled, the command also displays the weight of each queue.

Default Values
No defaults necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 6.1 Release 7.1 Command was introduced. Command was expanded to include the dscp-cos option.

61200500L1-35E

Copyright 2005 ADTRAN

164

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is sample output from the show qos cos-map command: >enable #show qos cos-map CoS Priority: 0 1 2 3 4 5 6 7 Priority Queue: 1 1 2 2 3 3 4 4 The following is sample output from the show qos interface command for Ethernet 0/8 interface: >enable #show qos interface ethernet 0/8 Ethernet 0/8 trust state: trusted default CoS: 0 The following is sample output from the show qos queuing command with WRR queuing enabled: >enable #show qos queuing Queue-type: wrr Expedite queue: disabled wrr weights: qid - weight 1 - 12 2 - 45 3 - 55 4 - 65

61200500L1-35E

Copyright 2005 ADTRAN

165

Command Reference Guide

Enable Mode Command Set

show radius statistics

Use the show radius statistics command to display various statistics from the RADIUS subsystem. These statistics include number of packets sent, number of invalid responses, number of timeouts, average packet delay, and maximum packet delay. Statistics are shown for both authentication and accounting packets. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is an example output using the show radius statistics command: >enable #show radius statistics Auth. 3 0 0 2 ms 3 ms Acct. 0 0 0 0 ms 0 ms

Number of packets sent: Number of invalid responses: Number of timeouts: Average delay: Maximum delay:

61200500L1-35E

Copyright 2005 ADTRAN

166

Command Reference Guide

Enable Mode Command Set

show running-config
Use the show running-config command to display a text print of all the non-default parameters contained in the current running configuration file. Specific portions of the running-config may be displayed, based on the command entered. Variations of this command include the following:
show running-config show running-config access-lists show running-config access-lists verbose show running-config checksum show running-config interface <interface type> <interface id> show running-config interface <interface type> <interface id> verbose show running-config ip-crypto show running-config ip-crypto verbose show running-config policy-class show running-config policy-class verbose show running-config qos-map show running-config qos-map verbose show running-config router pim-sparse show running-config router pim-sparse verbose show running-config verbose

Syntax Description
access-lists checksum Displays the current running configuration for all configured IP access lists. Optional. Displays the encrypted Message Digest 5 (MD5) version of the running configuration.

interface <interface type> Displays the current running configuration for a particular interface. Type show running-config interface ? for a list of valid interfaces. <interface id> ip crypto policy-class qos-map router pim-sparse verbose Specifies any valid slot/port interface (e.g., 0/1). Displays the current running configuration for all IPSec VPN settings. Displays the current running configuration for all configured policy classes. Displays the current running configuration for all configured QoS maps. Optional: Displays the current global PIM-SM configuration. Optional. Displays the entire running configuration to the terminal screen (versus only the non-default values).

Default Values
No default value necessary for this command.

61200500L1-35E

Copyright 2005 ADTRAN

167

Command Reference Guide

Enable Mode Command Set

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is an example output using the show spanning-tree command: >enable #show spanning-tree Spanning Tree enabled protocol ieee Root ID Priority 32768 00:a0:c8:00:88:41 Address

We are the root of the spanning tree Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority Address 32768 00:a0:c8:00:88:41

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface ------------------eth 0/2 eth 0/3 eth 0/4 giga-eth 0/1 giga-eth 0/2 Role ------------------Desg Desg Desg Desg Desg Sts ------------------FWD FWD FWD FWD FWD Cost ----------19 19 19 4 4 Prio.Nbr ------------128.2 128.3 128.4 128.25 128.26 Type --------------P2p P2p P2p P2p P2p

61200500L1-35E

Copyright 2005 ADTRAN

171

Command Reference Guide

Enable Mode Command Set

show spanning-tree active [detail]

Use the show spanning-tree active command to display the spanning-tree status on active interfaces only. Syntax Description
detail Optional. Displays the spanning-tree protocol status in detail.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is an example output using the show spanning-tree active command: >enable #show spanning-tree active Spanning Tree enabled protocol ieee Root ID Priority 32768 00:a0:c8:00:88:41 Address

We are the root of the spanning tree Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority Address 32768 00:a0:c8:00:88:41

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 eth 0/9 eth 0/24 Interface ------------------eth 0/2 eth 0/3 eth 0/9 Desg FWD 19 Desg FWD 19 Role ------------------Desg Desg Desg 128.9 P2p 128.24 P2p Sts FWD FWD FWD Cost 19 19 19 Prio.Nbr ------------128.2 128.3 128.9 Type --------------P2p P2p P2p

------------------ -----------

61200500L1-35E

Copyright 2005 ADTRAN

172

Command Reference Guide

Enable Mode Command Set

show spanning-tree blockedports

Use the show spanning-tree blockedports command to display ports that are currently in a blocked state. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is an example output using the show spanning-tree blockedports command: >enable #show spanning-tree blockedports Blocked Interfaces List -----------------------------------eth 0/3 giga-eth 0/2 p-chan 1 Number of blocked ports (segments) in the system: 3

61200500L1-35E

Copyright 2005 ADTRAN

173

177

Command Reference Guide

Enable Mode Command Set

show spanning-tree pathcost method

Use the show spanning-tree pathcost method command to display the default pathcost method being used. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is sample output using the show spanning-tree pathcost method command. In this case 32-bit values are being used when calculating path costs: >enable #show spanning-tree pathcost method Spanning tree default pathcost method used is long

61200500L1-35E

Copyright 2005 ADTRAN

178

Command Reference Guide

Enable Mode Command Set

show spanning-tree realtime

Use the show spanning-tree realtime command to display full-screen spanning tree information in real time. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Release 10.1 Command was introduced. The real time display option was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

179

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is sample output using the show spanning-tree realtime command. >enable #show spanning-tree realtime ------------------------------------------------------------------------------------------------STP 0 Vlan 1 Spanning Tree enabled protocol ieee 802.1w (Rapid Spanning-Tree) Root ID Priority 8894 Address 00:a0:c8:00:f5:52 Cost 46 Port 1 (giga-eth 0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 00:a0:c8:02:f6:6b Aging Time 300

Interface Role Sts Cost Prio.Nbr Type ---------------- ---- --- --------- -------- -------------------------------------------------------giga-eth 0/1 Root FWD 19 128.1 P2p giga-eth 0/5 Altn BLK 19 128.5 P2p ----------------------------------------------------------------------------------------------------Exit - 'Ctrl-C', Freeze - 'f', Resume - 'r'

61200500L1-35E

Copyright 2005 ADTRAN

180

Command Reference Guide

Enable Mode Command Set

show spanning-tree root [address | cost | detail | forward-time | hello-time | id | max-age | port | priority | priority system-id]
Use the show spanning-tree root command to display information regarding the spanning-tree protocol root. Syntax Description
address cost detail forward-time hello-time id max-age port priority priority system-id Optional. Displays the address of the spanning-tree root. Optional. Displays the path cost of the spanning-tree root. Optional. Displays the spanning-tree root information in detail. Optional. Displays the forward-time of the spanning-tree root. Optional. Displays the hello-time of the spanning-tree root. Optional. Displays the ID of the spanning-tree root. Optional. Displays the maximum age of the spanning-tree root. Optional. Displays the port of the spanning-tree root. Optional. Displays the priority of the spanning-tree root. Optional. Displays the priority and system-id of the spanning-tree root.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is an example output using the show spanning-tree root command: >enable #show spanning-tree root Root ID -------------------8191 00:a0:c8:b9:bb:82 Root Cost -------------108 Hello Time ------------2 Max Age -----------20 Fwd Dly -------------15 Root Port ---------------eth 0/1

61200500L1-35E

Copyright 2005 ADTRAN

181

Command Reference Guide

Enable Mode Command Set

show spanning-tree summary

Use the show spanning-tree summary command to display a brief summary of the spanning tree. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following is an example output using the show spanning-tree summary command: >enable #show spanning-tree summary Spanning tree default pathcost method is short Blocking Listening Learning ---------------------------------------0 0 0

Forwarding --------------12

STP Active ---------------12

61200500L1-35E

Copyright 2005 ADTRAN

182

Command Reference Guide

Enable Mode Command Set

show stack [candidates | candidates realtime | realtime | topology | topology realtime]

Use the show stack command to view the status of all the switches configured for stacking. Syntax Description
show stack candidates candidates realtime realtime topology topology realtime Displays the mode of the switch as either master or member. If the mode is master, this command also gives the status of the stack members. Displays all units that have registered with this stack master. This option is only available on a switch configured as a stack master. Displays candidates output in real time. Displays full-screen output in real time. See Functional Notes below for more information. Displays the stack topology. This option is only available on a switch configured as a stack master. Displays the stack topology output in real time.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R Series units.

Command History
Release 8.1 Release 10.1 Command was introduced. The real time display option was introduced.

Functional Notes
The stack candidates are a list of units that could be added to the stack. They are not yet members. Use the realtime argument for this command to display full-screen output in real time. Information is continuously updated on the console until you either freeze the data (by pressing the F key) or exit realtime mode (by pressing Ctrl-C). If there is not enough room on the screen for all available data, the information will truncate at the bottom of the screen. In order to maximize the amount of data displayed, increase the terminal length (using the terminal length command; refer to terminal length <text> on page 199).

61200500L1-35E

Copyright 2005 ADTRAN

183

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following example displays the configuration of the switch stack while in stack-master mode: >enable #show stack Stack mode is MASTER Management Vlan is 2386, firmware version is 08.00.18.D Stack network is 169.254.0.0/24 Stack members... Member 2 3 # Member MAC address Mgmt IP Address Source Interface State stack member's Unit ID stack member's MAC address stack member's IP address interface that the stack member was learned from Up (member is up and functioning properly); Down (member was at one time functioning, but we have lost contact with it); Waiting (we are waiting for the unit to register with us; when he does, we will add it to the stack); Denied (the unit could not be added to the stack because the stack protocol versions were not compatible). Mac Address 00:A0:C8:02:CF:C0 00:A0:C8:00:8C:20 Mgmt IP Address 169.254.0.2 169.254.0.3 Source Interface Stack port Stack port State Up Up

The following example displays the configuration of the switch stack while in stack-member mode: >enable #show stack Stack mode is STACK-MEMBER My Unit ID is 3, management Vlan is 2386 Stack management network is 169.254.0.0/24 Stack Master info: Master is "Switch", learned via giga-eth 0/1 IP address is 169.254.0.1, MAC address is 00:DE:AD:00:65:83 # The following example displays all units that have registered with this stack-master.

61200500L1-35E

Copyright 2005 ADTRAN

184

Command Reference Guide >enable #show stack candidates Displaying all known Stack candidates... MAC Address 00:A0:C8:00:8C:20 00:A0:C8:00:F5:6C 00:A0:C8:02:CF:C0 # System Name LabSwitch1 LabSwitch2 LabSwitch3 Source Interface stack port stack port stack port

Enable Mode Command Set

AOS Revision 08.00.18 08.00.19.D 08.00.20.D

61200500L1-35E

Copyright 2005 ADTRAN

185

Command Reference Guide

Enable Mode Command Set

show startup-config
Use the show startup-config command to display a text printout of the startup configuration file stored in NVRAM. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following is a sample output of the show startup-config command: >enable #show startup-config ! ! no enable password ! ip subnet-zero ip classless ip routing ! event-history on no logging forwarding logging forwarding priority-level info no logging email ! ip policy-timeout tcp all-ports 600 ip policy-timeout udp all-ports 60 ip policy-timeout icmp 60 !

61200500L1-35E

Copyright 2005 ADTRAN

186

Command Reference Guide ! ! interface eth 0/1 speed auto no ip address shutdown ! interface dds 1/1 shutdown ! interface bri 1/2 shutdown ! ! ip access-list standard MatchAll permit host 10.3.50.6 permit 10.200.5.0 0.0.0.255 ! ! ip access-list extended UnTrusted deny icmp 10.5.60.0 0.0.0.255 any source-quench deny tcp any any ! no ip snmp agent ! ! !

Enable Mode Command Set

61200500L1-35E

Copyright 2005 ADTRAN

187

Command Reference Guide

Enable Mode Command Set

show startup-config checksum

Use the show startup-config checksum command to display the Message Digest 5 (MD5) checksum of the units startup configuration. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
This command is used in conjunction with the show running-config checksum command to determine whether the configuration has changed since the last time it was saved.

Usage Examples
The following example displays the MD5 checksum of the units startup configuration: >enable #show startup-config checksum 10404D5DAB3FE35E307B6A79AC6AC8C0 # #show running-config checksum 10404D5DAB3FE35E307B6A79AC6AC8C0 #

61200500L1-35E

Copyright 2005 ADTRAN

188

Command Reference Guide

Enable Mode Command Set

show tacacs+ statistics

Use the show tacacs+ statistics command to display terminal access controller access control system (TACACS+) client statistics. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 11.1 Command was introduced.

Usage Examples
>enable #show tacacs+ statistics Authentication 0 0 0 0ms 0ms 0 0 0 0 0 0 0 0 Authorization 0 0 0 0ms 0ms Accounting 0 0 0 0ms 0ms

Packets sent: Invalid responses: Timeouts: Average delay: Maximum delay:

Socket Opens: Socket Closes: Socket Aborts: Socket Errors: Socket Timeouts: Socket Failed Connections: Socket Packets Sent: Socket Packets Received:

61200500L1-35E

Copyright 2005 ADTRAN

189

Command Reference Guide

Enable Mode Command Set

show tcp info [realtime] <control block>

Use the show tcp info command to display Transmission Control Protocol (TCP) control block information in the AOS. This information is for troubleshooting and debug purposes only. For more detailed information, you can optionally specify a particular TCP control block. When a particular TCP control block is specified, the system provides additional information regarding crypto map settings that the show tcp info command does not display. Syntax Description
realtime <control block> Displays full-screen output in real time. See the Functional Notes below for more information. Optional. Specifies a particular TCP control block for more detailed information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 4.1 Release 10.1 Command was introduced. The real time display option was introduced.

Function Notes
Use the realtime argument for this command to display full-screen output in real time. Information is continuously updated on the console until you either freeze the data (by pressing the F key) or exit realtime mode (by pressing Ctrl-C). If there is not enough room on the screen for all available data, the information will truncate at the bottom of the screen. In order to maximize the amount of data displayed, increase the terminal length (using the terminal length command; refer to terminal length <text> on page 199).

Usage Examples
The following is a sample from the show tcp info command: >enable #show tcp info TCP TCB Entries

61200500L1-35E

Copyright 2005 ADTRAN

190

Command Reference Guide

Enable Mode Command Set

Usage Examples
ID 0 1 2 3 4 5 . . 31 STATE LSTATE OSTATE FREE FREE FREE FREE LISTEN FREE FREE LISTEN FREE FREE LISTEN FREE FREE LISTEN FREE FREE FREE FREE TYPE SRVR CONN CONN CONN CONN SRVR FLAGS RPORT LPORT SWIN 0 0 0 0 0 21 0 0 0 80 0 0 0 23 0 0 0 5761 0 0 0 0 0 0 SRT 0 0 0 0 0 0 INTERFACE NONE NONE NONE NONE NONE NONE

FREE

SRVR

NONE

61200500L1-35E

Copyright 2005 ADTRAN

191

Command Reference Guide

Enable Mode Command Set

show users [realtime]

Use the show users command to display the name (if any) and state of users authenticated by the system. Displayed information includes: Connection location (for remote connections this includes Transmission Control Protocol (TCP) information) Username of authenticated user Current state of the login (in process or logged in) Current enabled state Time the user has been idle on the connection

Syntax Description
realtime Displays full-screen output in real time. See the Functional Notes below for more information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Release 10.1 Command was introduced. The real time display option was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

192

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is a sample of show users output: >enable #show users - CONSOLE 0 'adtran' logged in and enabled Idle for 00:00:00 - TELNET 0 (172.22.12.60:3998) 'password-only' logged in (not enabled) Idle for 00:00:14 - FTP (172.22.12.60:3999) 'adtran' logged in (not enabled) Idle for 00:00:03

61200500L1-35E

Copyright 2005 ADTRAN

193

Command Reference Guide

Enable Mode Command Set

show version
Use the show version command to display the current ADTRAN operating system (AOS) version information. Syntax Description
No subcommands.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following is a sample show version output: >enable #show version AOS version: 02.01.00 Checksum: 1505165C Built on: Fri Aug 23 10:23:13 2002 Upgrade key: 420987gacs9097gbdsado BootROM version: 02.01.00 Checksum: DB85 Built on: Mon Aug 19 10:33:03 2002 Copyright 1999-2002 ADTRAN Inc. Serial number b104 Router uptime is 0 days 3 hours 9 minutes 54 seconds System returned to ROM by External Hard Reset System image file is "020100.biz"

61200500L1-35E

Copyright 2005 ADTRAN

194

Command Reference Guide

Enable Mode Command Set

show vlan [brief | brief realtime | id <vlan id> | name <vlan name> | realtime]
Use the show vlan command to display current virtual local area network (VLAN) information. Syntax Description
brief brief realtime id <vlan id> name <vlan name> realtime Optional. Shows an abbreviated version of the VLAN information (brief description). Displays full-screen output in real time. See the Functional Notes below for more information. Optional. Shows information regarding a specific VLAN, specified by a VLAN interface ID (valid range: 1 to 4094). Optional. Shows information regarding a specific VLAN, specified by a VLAN interface name (up to 32 characters). Displays full-screen output in real time. See the Functional Notes below for more information.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Release 10.1 Command was introduced. The real time display option was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

195

Command Reference Guide

Enable Mode Command Set

Usage Examples
The following is a sample show vlan output: >enable #show vlan VLAN Name Status -------------active Ports ----------eth 0/5, eth 0/6, eth 0/8, eth 0/13, eth 0/14, eth 0/15, eth 0/16, eth 0/17, eth 0/18, eth 0/19, eth 0/20, eth 0/21, eth 0/22, eth 0/23, eth 0/24, giga-eth 0/1, giga-eth 0/2

-------------------- -------------------1 Default

2 3 VLAN

accounting VLAN0003 Type

active active MTU -------------1500 1500

eth 0/1, eth 0/2 eth 0/3, eth 0/4, eth 0/7, eth 0/9, eth 0/10, eth 0/11, eth 0/12

-------------------- --------------1 enet 2 enet 3

The following is an example of the show vlan name command that displays VLAN 2 (accounting VLAN) information: >enable #show vlan name accounting VLAN Name Status ------------active MTU ------------1500 Ports ---------------eth 0/1, eth 0/2

-------------------- ---------------2 accounting VLAN Type -------------------- ---------------2 enet

61200500L1-35E

Copyright 2005 ADTRAN

196

Command Reference Guide

Enable Mode Command Set

telnet <address>
Use the telnet command to open a Telnet session (through the AOS) to another system on the network. Syntax Description
<address> Specifies the IP address of the remote system.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example opens a Telnet session with a remote system (10.200.4.15): >enable #telnet 10.200.4.15 User Access Login: Password:

61200500L1-35E

Copyright 2005 ADTRAN

197

Command Reference Guide

Enable Mode Command Set

telnet stack-member <unit id>

Use the telnet stack-member command to Telnet to a stack member. Syntax Description
<unit id> Specifies unit ID of the stack member to connect to via a Telnet session.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
This command is only available when in stack-master mode.

Usage Examples
The following example Telnets to a member of the stack: >enable #telnet stack-member 3 Trying Stack Member 3...Press Ctrl+C to abort

61200500L1-35E

Copyright 2005 ADTRAN

198

Command Reference Guide

Enable Mode Command Set

terminal length <text>

The terminal length command sets the number of rows (lines) for a terminal session. Use the no form of this command to return to the default value. This command is only valid for the current session and returns to the default (24 rows) when the session closes. Syntax Description
No subcommands.

Default Values
The default setting for this command is 24 rows.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 6.1 Command was introduced.

Usage Examples
The following example sets the number of rows to 30. >enable #terminal length 30

61200500L1-35E

Copyright 2005 ADTRAN

199

203

Command Reference Guide

Enable Mode Command Set

write [dynvoice-config | erase | memory | network | terminal]

Use the write command to save the running configuration to the units nonvolatile random access memory (NVRAM) or a Trivial File Transfer Protocol (TFTP) server. Also use the write command to clear NVRAM or to display the running configuration on the terminal screen. Entering the write command with no other arguments copies your configuration changes to the units NVRAM. Once the save is complete, the changes are retained even if the unit is shut down or suffers a power outage. Syntax Description
dynvoice-config erase memory network terminal Optional. Writes dynvoice configuration information to the units NVRAM. Optional. Erases the configuration files saved to the units NVRAM. Optional. Saves the current configuration to NVRAM. Refer to copy <source>

<destination> on page 64 for more information.

Optional. Saves the current configuration to the network TFTP server. Refer to

copy tftp <destination> on page 67 for more information.

Optional. Displays the current configuration on the terminal screen.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Command was introduced.

Usage Examples
The following example saves the current configuration to the units NVRAM: >enable #write memory

61200500L1-35E

Copyright 2005 ADTRAN

204

Command Reference Guide

Global Configuration Mode Command Set

Command Reference Guide Enter TEXT message. End with the character '#'. Authentication denied.# (config)#

Global Configuration Mode Command Set

(config)#aaa authentication username-prompt Enter Username: (config)#aaa authentication password-prompt Enter Password:

61200500L1-35E

Copyright 2005 ADTRAN

212

Command Reference Guide

Global Configuration Mode Command Set

aaa authentication enable default [none | line | enable | group <groupname> | group radius | group tacacs+]
Use the aaa authentication enable default command to create (or change) the list of fallback methods used for privileged mode access authentication. For more detailed information on AAA functionality, refer to the Technology Review section of the command aaa on on page 221. Syntax Description
none line enable group <groupname> group radius group tacacs+ Access automatically granted. Uses the line password for authentication. Uses the enable password for authentication. Uses the specified group of remote servers for authentication. Uses all defined RADIUS servers for authentication. Uses all defined TACACS+ servers for authentication.

Default Values
If there is no default methods list configured, the default behavior is to use the enable password for the unit. If there is no password configured, consoles are allowed access (this prevents a lock-out).

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Release 11. Command was introduced. The group tacacs+ command was added.

Functional Notes
A user is authenticated by trying the list of methods from first to last until a method succeeds or fails. If a method is unable to complete, the next method is tried. The group falls through if the servers in the remote group cannot be found. Note that enable access is a password-only process. The local-user database cannot be used, and the username given to any remote RADIUS server is $enab15$. The only list name allowed is default.

Usage Examples
The following example specifies using the line password as the first method for enable authentication and using the enable password as the second: (config)#aaa authentication enable default line enable

61200500L1-35E

Copyright 2005 ADTRAN

213

Command Reference Guide

Global Configuration Mode Command Set

aaa authentication login [<listname> | default] [none | line | enable | local | group <groupname> | group radius | group tacacs+]
Use the aaa authentication login command to create (or change) a named list with the ability to have a chain of fallback authentication methods for user authentication. Available methods for the fallback authentication methods are: no authentication (which grants login access without authentication), line password, enable password, local database, and defined group of servers. The defined server groups may be TACACS+ or RADIUS servers. For more detailed information on AAA functionality, refer to the Technology Review section of the command aaa on on page 221. Syntax Description
<listname> default none line enable local group <groupname> group radius group tacacs+ Specifies a named login list. Specifies the default list used to authenticate users when no other list is assigned. Access automatically granted. Uses line password (Telnet 0-4 or console 0-1) for authentication. Uses enable password for authentication. Uses local user database for authentication. Uses specified group of remote servers for authentication. Uses defined RADIUS servers for authentication. Uses defined TACACS+ servers for authentication.

Default Values
The login list named default is the default list used to authenticate users when no other list is assigned.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Release 11. Command was introduced. The group tacacs+ command was added.

Functional Notes
A user is authenticated by trying the list of methods from first to last until authentication succeeds or fails. If a method does not succeed or fail, the next method is tried. The local user database method falls through to the next method if the username does not appear in the database. The group method falls through if the servers in the remote group cannot be found. Refer to the command radius-server on page 311 or tacacs-server on page 341 for information on defining server groups.

61200500L1-35E

Copyright 2005 ADTRAN

214

Command Reference Guide

Global Configuration Mode Command Set

Command History
Release 11.1 Command was introduced.

Usage Examples
The following example enables authorization of configuration mode commands: (config)#aaa authorization config-command The following example enables authorization of console commands: (config)#aaa authorization console

61200500L1-35E

Copyright 2005 ADTRAN

218

Command Reference Guide

Global Configuration Mode Command Set

aaa group server [radius | tacacs+] <listname>

Use the aaa group server command to group pre-defined RADIUS and TACACS+ servers into named lists. For more detailed information on AAA functionality, refer to the Technology Review section of the command aaa on on page 221. Syntax Description
radius tacacs+ <listname> Groups defined RADIUS servers. Groups TACACS+ server. Specifies the name of the list.

Default Values
No default value necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Release 11.1 Command was introduced. TACACS+ server support was added.

Functional Notes
Use the radius-server command to specify RADIUS servers before adding them to a group. Likewise, use the tacacs-server command to specify TACACS+ servers before adding them to a group. These commands enter a mode for adding individual servers to the named group. Refer to Radius Group Command Set on page 499 or TACACS+ Group Configuration Command Set on page 501 for more information. The default group cannot be changed and includes all RADIUS servers in the order they were specified by the radius-server commands. The same is true of TACACS+ servers specified by the tacacs-server commands.

61200500L1-35E

Copyright 2005 ADTRAN

219

Command Reference Guide

Global Configuration Mode Command Set

Usage Examples
The following example creates the named list myServers and enters the RADIUS group: (config)#aaa group server radius myServers (config-sg-radius)# The following example creates the named list myServers and enters the TACACS+ group: (config)#aaa group server tacacs myServers (config-sg-tacacs+)#

61200500L1-35E

Copyright 2005 ADTRAN

220

Command Reference Guide

Global Configuration Mode Command Set

aaa on
Use the aaa on command to activate the AAA subsystem. Use the no form of this command to deactivate AAA. Syntax Description
No subcommands.

Default Values
By default, AAA is not activated.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
By default, the AAA subsystem is turned off and authentication follows the line technique (local, line, etc.). Once activated, the AAA lists override the methods specified in the line command.

Usage Examples
The following example activates the AAA subsystem: (config)#aaa on

Technology Review
AAA stands for authentication, authorization, and accounting. The AOS AAA subsystem currently supports authentication. Authentication is the means by which a user is granted access to the device (router). For instance, a username/password is authenticated before the user can use the CLI. VPN clients can also verify username/password before getting access through the device. There are several methods that can be used to authenticate a user: NONE Instant access LINE-PASSWORD Use the line password (telnet 0-4 or console 0-1) ENABLE-PASSWORD Use the enable password LOCAL-USERS Use the local-user database GROUP <groupname> Use a group of remote RADIUS servers

61200500L1-35E

Copyright 2005 ADTRAN

221

Command Reference Guide

Global Configuration Mode Command Set

The AAA system allows users to create a named list of these methods to attempt in order (if one fails, it falls to the next one on the list). This named list is then attached to a portal (telnet 0-4 or console 0-1). When a user Telnets in or accesses the terminal, the AAA system uses the methods from the named list to authenticate the user. The AAA system must be turned on to be active. By default it is off. Use the aaa on command to activate the AAA system. If a portal is not explicitly assigned a named list, the name default is automatically assigned to it. Users can customize the default list just like any other list. If no default list is configured, the following default behavior applies (defaults are based on portal): Instant access (NONE) is assigned to the console using the default list (when the list has not been configured). The local-user database is used for Telnet sessions using the default list (when the list has not been configured). No access is granted for FTP access using the default list (when the list has not been configured). Methods fail (and therefore cause the system to proceed to the next configured method) under the following circumstances: LINE and ENABLE passwords fall through if there are no LINE or ENABLE passwords configured. LOCAL-USERS fall through if the given user is not in the database. RADIUS server groups fall through if the given server(s) cannot be contacted on the network.

Example For a default list defined with the order [LINE, ENABLE, LOCAL, and GROUP mygroup], the following statements are true: If there is no LINE password, the list falls through to the ENABLE password. If there is no ENABLE password, the AAA system prompts the user for a username and password for the local-user database. If the given user is not in the local list, the username and password are handed to the remote servers defined in mygroup. A failure at any point (password not matching) denies access.

If the AAA process falls through the list completely, system behavior is based on portal: Console access is granted if the process falls completely through (this prevents a lock-out condition). Telnet and FTP are denied access.

61200500L1-35E

Copyright 2005 ADTRAN

222

Command Reference Guide

Global Configuration Mode Command Set

aaa processes <threads>

Use the aaa processes command to set the number of threads available to the AAA subsystem. Use the no form of this command to return to the default setting. For more detailed information on AAA functionality, refer to the Technology Review section of the command aaa on on page 221. Syntax Description
<threads> Specifies the number of threads available to the AAA subsystem. Range: 1 to 64.

Default Values
By default, this is set to 1 process.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
Increasing this number may speed up simultaneous authentication at the cost of system resources (e.g., memory).

Usage Examples
The following example specifies five available threads for the AAA subsystem: (config)#aaa processes 5

61200500L1-35E

Copyright 2005 ADTRAN

223

Command Reference Guide

Global Configuration Mode Command Set

arp <ip address> <mac address> arpa

Use this command to enter static entries into the address resolution protocol (ARP) table. Syntax Description
arpa <ip address> <mac address> Sets the standard address resolution protocol for this interface. Specifies the IP address. Specifies the MAC address.

Default Values
The default for this command is arpa.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Release 6.1 Command was introduced. Command was extended to include NetVanta 2000 Series units.

Usage Examples
The following example enables standard ARP for the VLAN interface: (config)#interface vlan 1 (config-interface-vlan 1)#arp 196.173.22.253 00:A0:C8:00:00:01 arpa

61200500L1-35E

Copyright 2005 ADTRAN

224

Command Reference Guide

Global Configuration Mode Command Set

auto-config [filename <name> | restart | retry-count <number>| server <name or address>]

Use the auto-config command to enable the automatic self-configuration feature in ADTRAN OS. Use the no form of this command to halt the Auto-Config process. For more detailed information on auto-config, see the Auto-Config Configuration Guide on the documentation CD, PN 61200560L1-29.2.

Refer to the Auto-Config Configuration Guide (61200560L1-29.2) for more information on this command. This document is located on the ADTRAN OS Documentation CD provided with your unit

Syntax Description
filename <name> restart retry-count <number> Specifies the configuration filename to download. Restarts auto-config parameters. Specifies the maximum number of retries. Range: 0 to 1000.

server <name or address> Specifies the IP address or host name of TFTP Server from which to download.

Default Values
By default, auto-config is disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 11.1 Command was introduced.

Usage Examples
The following command enables auto-config: (config)#auto-config

Disabling and re-enabling auto-config restarts the download process.

61200500L1-35E

Copyright 2005 ADTRAN

225

Command Reference Guide

Global Configuration Mode Command Set

The following command specifies the name of the file to download: (config)#auto-config filename myConfig The following command restarts the auto-config process: (config)#auto-config restart The following command sets the number of retries when downloading a configuration file to 100: (config)#auto-config retry-count 100 The following command specifies the TFTP server IP address from which to download the configuration file: (config)#auto-config server 192.33.5.99 The following command specifies the TFTP server hostname from which to download the configuration file: (config)#auto-config server myHost

61200500L1-35E

Copyright 2005 ADTRAN

226

Command Reference Guide

Command Reference Guide

Global Configuration Mode Command Set

clock [auto-correct-dst | no-auto-correct-dst]

The clock auto-correct-dst command allows the unit to automatically correct for Daylight Saving Time (DST). Use the clock no-auto-correct-dst command to disable this feature. Syntax Description
auto-correct-DST no-auto-correct-DST Configures the unit to automatically correct for DST. Disables DST correction.

Global Configuration Mode Command Set

enable password [md5] <password>

Use the enable password command to define a password (with optional encryption) for accessing the Enable mode. Use the no enable password command to remove a configured password. To prevent unauthorized users from accessing the configuration functions of your device, immediately install an Enable-level password.

Syntax Description
md5 Optional. Specifies Message Digest 5 (MD5) as the encryption protocol to use when displaying the enable password during show commands. If the md5 keyword is not used, encryption is not used when displaying the Enable password during show commands Specifies the Enable Security mode password using a string (up to 30 characters in length).

Default Values
By default, there is no configured enable password.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

238

Command Reference Guide

Global Configuration Mode Command Set

Usage Examples
To provide extra security, the AOS can encrypt the Enable password when displaying the current configuration. For example, the following is a show configuration printout (password portion) with an unencrypted Enable password (ADTRAN): ! enable password ADTRAN ! Alternately, the following is a show configuration printout (password portion) with an Enable password of ADTRAN using MD5 encryption: ! enable password md5 encrypted 5aa5fbae7d01a90e79fb57705ce74676 !

61200500L1-35E

Copyright 2005 ADTRAN

239

Command Reference Guide

Global Configuration Mode Command Set

event-history on
Use the event-history on command to enable event logging for the AOS system. Event log messages will not be recorded unless this command has been issued (regardless of the event-history priority configured). The event log may be displayed using the show event-history command. Use the no form of this command to disable the event log. Syntax Description
No subcommands.

Default Values
By default, the AOS event logging capabilities are disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Functional Notes
The event history provides useful information regarding the status of the system and individual port states. Use the event history as a troubleshooting tool when identifying system issues. The following is a sample event history log. #show event-history Using 526 bytes 2002.07.12 15:34:01 T1.t1 1/1 Yellow 2002.07.12 15:34:01 INTERFACE_STATUS.t1 1/1 changed state to down. 2002.07.12 15:34:02 T1.t1 1/1 No Alarms 2002.07.12 15:34:02 INTERFACE_STATUS.t1 1/1 changed state to up. 2002.07.12 15:34:03 INTERFACE_STATUS.eth 0/1 changed state to up. 2002.07.12 15:34:10 OPERATING_SYSTEM Warm Start 2002.07.12 15:34:12 PPP.NEGOTIATION LCP up 2002.07.12 15:34:12 PPP.NEGOTIATION IPCP up

Usage Examples
The following example enables the AOS event logging feature: (config)#event-history on

61200500L1-35E

Copyright 2005 ADTRAN

240

Command Reference Guide

Global Configuration Mode Command Set

event-history priority [error | fatal | info | notice | warning]

Use the event-history priority command to set the threshold for events stored in the event history. All events with the specified priority or higher will be kept for viewing in the local event log. The event log may be displayed using the show event-history command. Use the no form of this command to keep specified priorities from being logged. Syntax Description
Sets the minimum priority threshold for logging messages to the event history. The following priorities are available (ranking from lowest to highest): error Logs events with error and fatal priorities. fatal info notice warning Logs only events with a fatal priority. Logs all events. Logs events with notice, warning, error, and fatal priorities. Logs events with warning, error, and fatal priorities.

Default Values
By default, no event messages are logged to the event history.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Functional Notes
The event history provides useful information regarding the status of the system and individual port states. Use the event history as a troubleshooting tool when identifying system issues. The following is a sample event history log. Router#show event-history Using 526 bytes 2002.07.12 15:34:01 T1.t1 1/1 Yellow 2002.07.12 15:34:01 INTERFACE_STATUS.t1 1/1 changed state to down. 2002.07.12 15:34:02 T1.t1 1/1 No Alarms 2002.07.12 15:34:02 INTERFACE_STATUS.t1 1/1 changed state to up. 2002.07.12 15:34:03 INTERFACE_STATUS.eth 0/1 changed state to up. 2002.07.12 15:34:10 OPERATING_SYSTEM Warm Start 2002.07.12 15:34:12 PPP.NEGOTIATION LCP up 2002.07.12 15:34:12 PPP.NEGOTIATION IPCP up

61200500L1-35E

Copyright 2005 ADTRAN

241

Command Reference Guide

Command History
Release 8.1 Command was introduced.

Functional Notes
All devices communicating using GARP in the network need to have the same values for these timers. Changing these values is not recommended.

Usage Examples
The following example specifies the time (in milliseconds) between GARP application leave all messages: (config)#garp timer leaveall 20000

61200500L1-35E

Copyright 2005 ADTRAN

245

Command Reference Guide

Global Configuration Mode Command Set

gvrp
Use the gvrp command to enable or disable GVRP on the switch globally. Syntax Description
No subcommands.

Default Values
By default, GVRP is disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
Disabling GVRP globally will disable GVRP on all interfaces.

Usage Examples
The following example enables GVRP on the switch globally: (config)#gvrp

61200500L1-35E

Copyright 2005 ADTRAN

246

Command Reference Guide <icmp-code>

Global Configuration Mode Command Set

Optional. Filters ICMP packets that are filtered using the ICMP message type (using the <icmp-type> keyword) may also be filtered using the ICMP message code (valid range: 0 to 255). An <icmp-type> must be specified when entering an <icmp-code>.

<icmp-message>

Optional. Filters packets using ICMP descriptive message rather than the corresponding type and code associations.

Default Values
By default, all AOS security features are disabled and there are no configured access lists.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Global Configuration Mode Command Set

ip access-list standard <listname> [permit | deny] <ip address>

Use the ip access-list standard command to create an empty access list and enter the standard access-list. Use the no form of this command to delete an access list and all the entries contained in it. The following lists the complete syntax for the ip access-list standard commands:
ip access-list standard <listname> [permit | deny] any [permit | deny] host <ip address> [permit | deny] <ip address> <wildcard>

Syntax Description
<listname> Identifies the configured access list using an alphanumeric descriptor. All access list descriptors are case-sensitive. Permits or denies entry to the routing system for specified packets. Specifies the source IP address used for packet matching. IP addresses can be expressed in one of three ways: 1. Using the keyword any to match any IP address. For example, entering deny any will effectively shut down the interface that uses the access list because all traffic will match the any keyword. 2. Using the host <A.B.C.D> to specify a single host address. For example, entering permit host 196.173.22.253 will allow all traffic from the host with an IP address of 196.173.22.253. 3. Using the <A.B.C.D> <wildcard> format to match all IP addresses in a range. Wildcard masks work in reverse logic from subnet mask. Specifying a one in the wildcard mask equates to a dont care. For example, entering permit 192.168.0.0 0.0.0.255 will permit all traffic from the 192.168.0.0/24 network.

[permit | deny] <ip address>

Default Values
By default, all AOS security features are disabled and there are no configured access lists.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 9000 Series units.

Command History
Release 2.1 Command was introduced.

61200500L1-35E

Copyright 2005 ADTRAN

256

Command Reference Guide

Global Configuration Mode Command Set

Functional Notes
Access control lists are used as packet selectors by access policies (ACPs); by themselves they do nothing. ACLs are composed of an ordered list of entries with an implicit deny all at the end of each list. An ACL entry contains two parts: an action (permit or deny) and a packet pattern. A permit ACL is used to allow packets (meeting the specified pattern) to enter the router system. A deny ACL advances the AOS to the next access policy entry. The AOS provides two types of ACLs: standard and extended. Standard ACLs allow source IP address packet patterns only. Extended ACLs may specify patterns using most fields in the IP header and the TCP or UDP header. ACLs are performed in order from the top of the list down. Generally the most specific entries should be at the top and the most general at the bottom. The following commands are contained in the access-list standard: remark Associates a descriptive tag (up to 80 alphanumeric characters enclosed in quotation marks) to the access list. Enter a functional description for the list such as This list blocks all outbound web traffic. log Logs a message (if debug access-list is enabled for this access list) when the access list finds a packet match. permit or deny any Uses the any keyword to match any IP address received by the access list. For example, the following allows all packets through the configured access list: (config)#ip access-list standard MatchAll (config-std-nacl)#permit any permit or deny host <ip address> Uses the host <A.B.C.D> keyword to specify a single host address. For example, the following allows all traffic from the host with an IP address of 196.173.22.253. (config)#ip access-list standard MatchHost (config-std-nacl)#permit host 196.173.22.253 permit or deny <ip address> <wildcard> Uses the <A.B.C.D> <wildcard> format to match all IP addresses in a range. Wildcard masks work in reverse logic from subnet mask. Specifying a one in the wildcard mask equates to a dont care. For example, the following denies all traffic from the 192.168.0.0/24 network: (config)#ip access-list standard MatchNetwork (config-std-nacl)#deny 192.168.0.0 0.0.0.255

61200500L1-35E

Copyright 2005 ADTRAN

257

Command Reference Guide

Global Configuration Mode Command Set

Usage Examples
The following example creates an access list UnTrusted to deny all packets from the 190.72.22.248/30 network: (config)#ip access-list standard UnTrusted (config-std-nacl)#deny 190.72.22.248 0.0.0.3 For more details, refer to the ADTRAN OS System Documentation CD or the ADTRAN website (www.adtran.com) for technical support notes regarding access list configuration.

Technology Review
Creating access policies and lists to regulate traffic through the routed network is a four-step process: Step 1: Enable the security features of the AOS using the ip firewall command. Step 2: Create an access list to permit or deny specified traffic. Standard access lists provide pattern matching for source IP addresses only. (Use extended access lists for more flexible pattern matching.) IP addresses can be expressed in one of three ways: 1. Using the keyword any to match any IP address. For example, entering deny any will effectively shut down the interface that uses the access list because all traffic will match the any keyword. 2. Using the host <A.B.C.D> to specify a single host address. For example, entering permit host 196.173.22.253 will allow all traffic from the host with an IP address of 196.173.22.253. 3. Using the <A.B.C.D> <wildcard> format to match all IP addresses in a range. Wildcard masks work in reverse logic from subnet mask. Specifying a one in the wildcard mask equates to a dont care. For example, entering permit 192.168.0.0 0.0.0.255 will permit all traffic from the 192.168.0.0/24 network. Step 3: Create an access policy that uses a configured access list. AOS access policies are used to allow, discard, or manipulate (using NAT) data for each physical interface. Each ACP consists of a selector (access list) and an action (allow, discard, NAT). When packets are received on an interface, the configured ACPs are applied to determine whether the data will be processed or discarded. Possible actions performed by the access policy are as follows: allow list <access list names> All packets passed by the access list(s) entered will be allowed to enter the router system. discard list <access list names> All packets passed by the access list(s) entered will be dropped from the router system. allow list <access list names> policy <access policy name> All packets passed by the access list(s) entered and destined for the interface using the access policy listed will be permitted to enter the router system. This allows for configurations to permit packets to a single interface and not the entire system.

61200500L1-35E

Copyright 2005 ADTRAN

258

Command Reference Guide

Global Configuration Mode Command Set

Before applying an access control policy to an interface, verify your Telnet connection will not be affected by the policy. If a policy is applied to the interface you are connecting through and it does not allow Telnet traffic, your connection will be lost.
Step 4: Apply the created access policy to an interface. To assign an access policy to an interface, enter the interface configuration mode for the desired interface and enter access policy <policy name>. The following example assigns access policy MatchAll to the Ethernet 0/1 interface: (config)#interface ethernet 0/1 (config-eth 0/1)#access-policy MatchAll

61200500L1-35E

Copyright 2005 ADTRAN

259

Command Reference Guide

Global Configuration Mode Command Set

ip default-gateway <ip address>

Use the ip default-gateway command to specify a default gateway if (and only if) IP routing is NOT enabled on the unit. Use the ip route command to add a default route to the route table when using IP routing functionality. Syntax Description
<ip address> Specifies the default gateway IP address in the form of dotted decimal notation (example: 192.22.71.50).

Default Values
By default, there is no configured default-gateway.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Functional Notes
Only use the ip default-gateway when IP routing is disabled on the router. For all other cases, use the ip route 0.0.0.0 0.0.0.0 <ip address> command.

Usage Examples
The following example disables IP routing and configures a default gateway for 192.22.71.50: (config)#no ip routing (config)#ip default-gateway 192.22.71.50

61200500L1-35E

Copyright 2005 ADTRAN

260

Global Configuration Mode Command Set

ip dhcp-server ping timeout <milliseconds>

Use the ip dhcp-server ping timeout command to specify the interval (in milliseconds) the DHCP server will wait for a response to a transmitted DHCP ping packet. The DHCP server transmits ping packets before assigning an IP address to a requesting DHCP client. Transmitting ping packets verifies that no other hosts on the network are currently configured with the specified IP address. Use the no form of this command to return to the default timeout interval. Syntax Description
<milliseconds> Specifies the number of milliseconds (valid range: 1 to 1000) the DHCP server will wait for a response to a transmitted DHCP ping packet.

Default Values
By default, the ip dhcp-server ping timeout is set to 500 milliseconds.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 2.1 Command was introduced.

Usage Examples
The following example configures the DHCP server to wait 900 milliseconds for a response to a transmitted DHCP ping packet before considering the ping a failure: (config)#ip dhcp-server ping timeout 900

61200500L1-35E

Copyright 2005 ADTRAN

264

268

Command Reference Guide

Global Configuration Mode Command Set

ip ftp access-class <policyname> in

Use the ip ftp access-class in command to assign an access policy to all self-bound File Transfer Protocol (FTP) sessions. Syntax Description
<policyname> Specifies the configured access policy (ACP) to apply to inbound FTP traffic.

Default Values
By default, all FTP access is allowed.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 2.1 Command was introduced.

Usage Examples
The following example applies the configured ACP (labeled Inbound_FTP) to inbound FTP traffic: (config)#ip ftp access-class Inbound_FTP in

61200500L1-35E

Copyright 2005 ADTRAN

269

Command Reference Guide

Global Configuration Mode Command Set

ip ftp agent
Use the ip ftp agent command to enable the file transfer protocol (FTP) agent. Syntax Description
No subcommands.

Default Values
By default, the FTP agent is enabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 4.1 Command was introduced.

Usage Examples
The following example enables the IP FTP agent: (config)#ip ftp agent

61200500L1-35E

Copyright 2005 ADTRAN

270

Command Reference Guide

Global Configuration Mode Command Set

ip ftp source-interface <interface>

Use the ip ftp source-interface command to use the specified interfaces IP address as the source IP address for FTP traffic transmitted by the unit. Use the no form of this command if you do not wish to override the normal source IP address. Syntax Description
<interface> Specifies the interface to be used as the source IP address for FTP traffic. Type ip ftp source-interface? for a complete list of valid interfaces.

Default Values
No default value is necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 6.1 Release 9.1 Command was introduced. Command expanded to include HDLC interface.

Functional Notes
This command allows you to override the sender field in the IP packet. If you have multiple interfaces in your unit, changing the sender tells the receiver where to send replies. This functionality can also be used to allow packets to get through firewalls that would normally block the flow.

Usage Examples
The following example configures the unit to use the loopback 1 interface as the source IP for FTP traffic: (config)#ip ftp source-interface loopback 1

61200500L1-35E

Copyright 2005 ADTRAN

271

Command Reference Guide

Global Configuration Mode Command Set

Command Reference Guide

Global Configuration Mode Command Set

ip radius source-interface <interface>

Use the ip radius source-interface command to specify the network-attached storage (NAS) IP address attribute passed with the RADIUS authentication request packet. Syntax Description
<interface> Specifies the source interface (in the format type slot/port). Type ip radius source-interface ? for a complete list of interfaces.

Default Values
By default, no source interface is defined.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
If this value is not defined, the address of the source network interface is used.

Usage Examples
The following example configures the Ethernet 0/1 port to be the source interface: (config)#ip radius source-interface ethernet 0/1 Release 11.1 Demand added as a supported interface.

61200500L1-35E

Copyright 2005 ADTRAN

275

Command Reference Guide

Global Configuration Mode Command Set

Command History
Release 1.1 Release 11.1 Command was introduced. Command was expanded to include SSH.

Usage Examples
The following example begins the configuration for the CONSOLE port located on the rear of the unit: (config)#line console 0 (config-con0)# The following example begins the configuration for all available Telnet sessions: (config)#line telnet 0 4 (config-telnet0-4)# The following example begins the configuration for all available SSH sessions: (config)#line ssh 0 4 (config-ssh0-4)#

61200500L1-35E

Copyright 2005 ADTRAN

282

Command Reference Guide

Global Configuration Mode Command Set

lldp [minimum-transmit-interval l reinitialization-delay l transmit-interval l ttl-multiplier] <numeric value>

Use the lldp command to configure global settings that control the way LLDP functions. Syntax Description
minimum-transmit-interval reinitialization-delay Defines the minimum amount of time between transmission of LLDP frames (in seconds). Defines the minimum amount of time to delay after LLDP is disabled on a port before allowing transmission of additional LLDP frames on that port (in seconds). Defines the delay between LLDP frame transmission attempts during normal operation (in seconds). Defines the multiplier to be applied to the transmit interval to compute the time-to-live for data sent in an LLDP frame. Specifies the interval, delay, or multiplier.

transmit-interval ttl-multiplier <numeric value>

Default Values
By default, minimum-transmit-interval = 2 seconds (valid range: 1 through 8192); reinitialization-delay = 2 seconds (valid range 1 through 10); transmit-interval = 30 seconds (valid range 5 through 32,768); and ttl-multiplier = 4 (valid range 2 through 10).

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
Once a device receives data from a neighboring device in an LLDP frame, it will retain that data for a limited amount of time. This amount of time is called time-to-live, and it is part of the data in the LLDP frame. The time-to-live transmitted in the LLDP frame is equal to the transmit interval multiplied by the TTL multiplier.

61200500L1-35E

Copyright 2005 ADTRAN

283

Command Reference Guide

Global Configuration Mode Command Set

Usage Examples
The following example sets the LLDP minimum transmit interval to 10 seconds: (config)#lldp minimum-transmit-interval 10 The following example sets the LLDP reinitialization delay to 5 seconds: (config)#lldp reinitialization-delay 5 The following example sets the LLDP transmit interval to 15 seconds: (config)#lldp transmit-interval 15 The following example sets the LLDP TTL multiplier to 2 and the time-to-live for all LLDP frames transmitted from this unit to 30 seconds; (config)#lldp transmit-interval 15 (config)#lldp ttl-multiplier 2

61200500L1-35E

Copyright 2005 ADTRAN

284

293

Command Reference Guide

Global Configuration Mode Command Set

Usage Examples
The following example configures the syslog facility to the cron facility type: (config)#logging facility cron

61200500L1-35E

Copyright 2005 ADTRAN

302

Command Reference Guide

Global Configuration Mode Command Set

port-auth max-req <number>

Use the port-auth max-req command to specify the maximum number of identity requests the authenticator will transmit before restarting the authentication process. Syntax Description
<number> Specifies the maximum number of authentication requests.

Default Values
By default, the maximum number of authentication requests is set at 2.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R Series units.

Command History
Release 10.1 Command was introduced.

Usage Examples
The following example sets the maximum number of authentication requests at 4: (config)#port-auth max-req 4

61200500L1-35E

Copyright 2005 ADTRAN

303

Command Reference Guide

Global Configuration Mode Command Set

port-auth re-authentication
Use the port-auth re-authentication command to enable re-authentication. Syntax Description
No subcommands necessary.

Default Values
By default, re-authentication is disabled.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R Series units.

Command History
Release 10.1 Command was introduced.

Usage Examples
The following example enables re-authentication: (config)#port-auth reauthentication

61200500L1-35E

Copyright 2005 ADTRAN

304

Command Reference Guide

Global Configuration Mode Command Set

port-auth timeout [quiet-period <seconds> | re-authperiod <seconds> | tx-period <seconds>]

Use the port-auth timeout command to configure various port authentication timers. Syntax Description
quiet-period <seconds> re-authperiod <seconds> tx-period <seconds> Specifies the amount of time the system will wait before attempting another authentication once a failure has occurred. Range is 1 to 65,535. Specifies the amount of time between scheduled re-authentication attempts. Range is 1 to 4,294,967,295. Specifies the amount of time the authenticator will wait between identity requests. Range is 1 to 65,535.

Default Values
By default, quiet-period is set to 60 seconds, re-authperiod is set to 3600 seconds (1 hour), and tx-period is set to 30 seconds.

Applicable Platforms
This command applies to the NetVanta 1000 and 1000R Series units.

Command History
Release 10.1 Command was introduced.

Usage Examples
The following example sets the quiet-period to 10 seconds: (config)#port-auth timeout quiet-period 10

61200500L1-35E

Copyright 2005 ADTRAN

305

Command Reference Guide

Global Configuration Mode Command Set

port-channel load-balance [dst-mac | src-mac]

Use the port-channel load-balance command to configure port aggregation load distribution. Use the no form of this command to reset distribution to its default. Syntax Description
dst-mac src-mac Specifies the destination MAC address. Specifies the source MAC address.

Default Values
By default, load balance is set to src-mac.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
During port aggregation, the port channel interface must determine on which physical port to transmit packets. With the source-address configuration, the source MAC address of the received packets is used to determine this allocation. Packets coming from a specific host always use the same physical port. Likewise, when the destination address configuration is used, packets are forwarded based on the MAC address of the destination. Packets destined for a specific host always use the same physical port.

Usage Examples
The following example sets the load distribution to use the destination MAC address: (config)# port-channel load-balance dst-mac

61200500L1-35E

Copyright 2005 ADTRAN

306

Command Reference Guide

Global Configuration Mode Command Set

qos cos-map <cos queue id> <cos value 0> <cos value 1>...<cos val 7>
Use the qos cos-map command to associate cost of service (CoS) values with each queue. Syntax Description
<cos queue id> <cos val 0> <cos val 1-7> Specifies the queue number to which you are assigning CoS value(s). Associates listed CoS values with a particular priority queue. Optional. Associates up to eight CoS values with the queue.

Default Values
By default, CoS 0 and 1 are mapped to queue 1; CoS 2 and 3 are mapped to queue 2; CoS 4 and 5 are mapped to queue 3; CoS 6 and 7 are mapped to queue 4.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example maps CoS values 4 and 5 to queue 1: (config)#qos cos-map 1 4 50

61200500L1-35E

Copyright 2005 ADTRAN

307

Command Reference Guide

Global Configuration Mode Command Set

qos dscp-cos [<dscp-list> to <cos-priority-list> | default]

Use the qos dscp-cos command to set the Differentiated Services Codepoint (DSCP) to Class of Service (CoS) map and enable the mapping process. Use the no form of this command to disable mapping. Syntax Description
<dscp-list> <cos-priority-list> default Specifies DSCP values (separating multiple values with a space). Specifies CoS values (separating multiple values with a space). Sets the map to the following default values: DSCP CoS | 0 | 16 | 24 | 32 | 40 | 48 | 56 | 1 | 2 | 3 | 4 | 5 | 6 | 7

Default Values
By default, this command is disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 7.1 Command was introduced.

Functional Notes
When one of the specified DSCP values is detected in an incoming packet, the CoS priority is altered based on the corresponding map value. By configuring the list, the mapping functionality is enabled.

Usage Examples
The following example enables the mapping of DSCP values 24 and 48 to CoS values 1 and 2: (config)#qos dscp-cos 24 48 to 1 2 The following example disables DSCP-to-CoS mapping: (config)#no qos dscp-cos

61200500L1-35E

Copyright 2005 ADTRAN

308

Command Reference Guide

Global Configuration Mode Command Set

qos queue-type strict-priority

Use the qos queue-type strict-priority command to enable queuing based strictly on the priority of each queue. Syntax Description
No subcommands.

Default Values
By default, the queue type is weighted round robin (WRR).

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example enables strict-priority queuing: (config)#qos queue-type strict-priority

61200500L1-35E

Copyright 2005 ADTRAN

309

Command Reference Guide

Global Configuration Mode Command Set

qos queue-type wrr <weight1> <weight2> <weight3> [ <weight4> | expedite]

Use the qos queue-type wrr command to set weights for up to four queues. Use the no form of this command to set all queues to be weighted round robin (WRR). Syntax Description
<weight1-4> Sets the weight of each queue (up to four). All queue weights must be greater than zero except for the weight for the last queue (queue 4). The range for queues 1 to 3 is 1 to 255. The range for queue 4 is 0 to 255. The queue 4 entry can be replaced by the expedite command. If set to expedite, then it becomes a high-priority queue. All outbound traffic is transmitted on an expedite queue prior to any other traffic in other queues.

expedite

Default Values
By default, all four weights are set to 25.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
The actual weight is a calculated value based on the sum of all entered weights. It is the ratio of the individual weight over the sum of all weights. For example: If the user enters 10, 20, 30, and 40 as the weight values, the first queue will have a ratio of 1/10. This is derived from the formula 10/(10+20+30+40). Therefore, this queue will transmit 1 packet out of every 10 opportunities.

Usage Examples
The following example configures weights for all four queues: (config)#qos queue-type wrr 10 20 30 40

61200500L1-35E

Copyright 2005 ADTRAN

310

Command Reference Guide

Global Configuration Mode Command Set

radius-server
Use the radius-server command to configure several global RADIUS parameters. Most of these global defaults can be overridden on a per-server basis. Variations of this command include the following:
radius-server challenge-noecho radius-server deadtime <minutes> radius-server enable-username <name> radius-server key <key> radius-server retry <attempts> radius-server timeout <seconds>

Syntax Description
challenge-noecho Turns off echoing of user challenge-entry. When echo is turned on, users see the text of the challenge as they type responses. Enabling this option hides the text as it is being entered. Specifies how long a RADIUS server is considered dead once a timeout occurs. The server will not be tried again until after the deadtime expires. Specifies a username to be used for enable authentication. Specifies the shared key to use with a RADIUS server. Specifies how many attempts to make on a RADIUS server before marking it dead. Specifies how long to wait for a RADIUS server to respond to a request.

deadtime <minutes> enable-username <name> key <key> retry <attempts> timeout <seconds>

Default Values
challenge-noecho deadtime key retry timeout enable-username By default, echo is turned on. 1 minute No default 3 attempts 5 seconds $enab15$

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

61200500L1-35E

Copyright 2005 ADTRAN

311

Command Reference Guide

Global Configuration Mode Command Set

Command History
Release 5.1 Release 7.1 Command was introduced. Added enable-username selection.

Functional Notes
RADIUS servers (as defined with the radius-server command) may have many optional parameters. However, they are uniquely identified by their addresses and ports. Port values default to 1812 and 1813 for authorization and accounting, respectively. If a server is added to a named group but is not defined by a radius-server command, the server is simply ignored when accessed. Empty server lists are not allowed. When the last server is removed from a list, the list is automatically deleted.

Usage Examples
The following example shows a typical configuration of these parameters: (config)#radius-server challenge-noecho (config)#radius-server deadtime 10 (config)#radius-server timeout 2 (config)#radius-server retry 4 (config)#radius-server key my secret key

61200500L1-35E

Copyright 2005 ADTRAN

312

Command Reference Guide

Global Configuration Mode Command Set

radius-server host
Use the radius-server host to specify the parameters for a remote RADIUS server. At a minimum, the address (IP or DNS name) of the server must be given. The other parameters are also allowed and (if not specified) will take default values or fall back on the global RADIUS servers default settings. Syntax Description
acct-port <port#> auth-port <port#> retry <attempts> timeout <seconds> key <key> Sends accounting requests to this remote port. Sends authentication requests to this remote port. Retries server after timeout this number of times (uses RADIUS global setting if not given). Waits for a response this number of seconds (uses RADIUS global setting if not given). Defines the shared key with the RADIUS server (uses RADIUS global setting if not given). Note that the key must appear last on the input line since it reads the rest of the line beyond the key keyword. Defines an encrypted shared key with the RADIUS server (uses RADIUS global setting if not given). Note that the key must appear last on the input line since it reads the rest of the line beyond the key keyword.

key encrypted <key>

Default Values
By default, acct-port is set to 1813 and auth-port is set to 1812.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Release 11.1 Command was introduced. Command was expanded to include the key encrypted command.

Usage Examples
The following example shows a typical configuration of these parameters: (config)#radius-server host 1.2.3.4 (config)#radius-server host 3.3.1.2 acct-port 1646 key my key

61200500L1-35E

Copyright 2005 ADTRAN

313

Command Reference Guide

Global Configuration Mode Command Set

service password-encryption
Use the service password-encryption command to turn on global password protection. Use the no form of this command to return to default settings. If you need to go back to a previous revision of the code (e.g., AOS Revision 10), this command must be disabled first. Once the service is disabled, all necessary passwords must be re-entered so that they are in the clear text form. If this is not done properly, you will not be able to log back in to the unit after you revert to a previous revision that does not support password encryption. Syntax Description
No subcommands.

Default Values
By default, global password protection is disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 11.1 Command was introduced.

Functional Notes
When enabled, all currently configured passwords are encrypted. Also, any new passwords are encrypted after they are entered. Password encryption is applied to all passwords, including passwords for username, enable, Telnet/console, PPP, BGP, and authentication keys. When passwords are encrypted, unauthorized persons cannot view them in configuration files since the encrypted form of the password is displayed in the running-config. While this provides some level of security, the encryption method used with password encryption is not a strong form of encryption so you should take additional network security measures.

You cannot recover a lost encrypted password. You must erase the startup-config and set a new password.

Usage Examples
The following example enables password encryption for all passwords on the unit: (config)#service password-encryption

61200500L1-35E

Copyright 2005 ADTRAN

314

Command Reference Guide

Global Configuration Mode Command Set

snmp-server chassis-id <id string>

Use the snmp-server chassis-id command to specify an identifier for the Simple Network Management Protocol (SNMP) server. Use the no form of this command to return to the default value. Syntax Description
<id string> Identifies the product using an alphanumeric string (up to 32 characters in length).

Default Values
By default, the snmp-server chassis-id is set to Chassis ID.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example configures a chassis ID of A432692: (config)#snmp-server chassis-id A432692

61200500L1-35E

Copyright 2005 ADTRAN

315

Command Reference Guide

Command Reference Guide

Global Configuration Mode Command Set

snmp-server enable traps <trap type> [snmp]

Use the snmp-server enable traps command to enable all Simple Network Management Protocol (SNMP) traps available on your system or specified using the <trap type> option. Use multiple snmp-server enable traps to enable multiple trap types. Use the no form of this command to disable traps (or the specified traps). Syntax Description
<trap type> Specifies the type of notification trap to enable. Leaving this option blank enables ALL system traps. Optional. Enables a subset of traps specified in RFC1157. The following traps are supported: coldStart warmStart linkUp linkDown authenticationFailure

snmp

Default Values
By default, there are no enabled traps.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example enables the SNMP traps: (config)#snmp-server enable traps snmp

61200500L1-35E

Copyright 2005 ADTRAN

319

Command Reference Guide

Global Configuration Mode Command Set

snmp-server host <address> traps <community> <trap type> [snmp]

Use the snmp-server host traps command to specify traps sent to an identified host. Use multiple snmp-server host traps commands to specify all desired hosts. Use the no form of this command to return to the default value. Syntax Description
<address> <community> <trap type> snmp Specifies the IP address of the SNMP host that receives the traps. Specifies the community string (used as a password) for authorized agents to obtain access to SNMP information. Specifies the type of notification trap to enable. Leaving this option blank enables ALL system traps. Optional. Enables a subset of traps specified in RFC1157. The following traps are supported: coldStart warmStart linkUp linkDown authenticationFailure

Default Values
By default, there are no hosts or traps enabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example sends all SNMP traps to the host at address 190.3.44.69 and community string My Community: (config)#snmp-server host 190.3.44.69 traps My Community snmp

61200500L1-35E

Copyright 2005 ADTRAN

Command Reference Guide

Command Reference Guide

Global Configuration Mode Command Set

spanning-tree edgeport bpdufilter default

Use the spanning-tree edgeport bpdufilter default command to enable the BPDU filter on all ports by default. Use the no form of this command to disable the setting. Syntax Description
No subcommands.

Default Values
Disabled by default.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
The BPDU filter blocks any BPDUs from being transmitted and received on an interface. This can be overridden on an individual port.

Usage Examples
The following example enables the bpdufilter on all ports by default: (config)#spanning-tree edgeport bpdufilter default To disable the BPDU filter on a specific interface, issue the appropriate commands for the given interface using the following commands as an example: (config)#interface ethernet 0/1 (config-eth 0/1)#spanning-tree bpdufilter disable

61200500L1-35E

Copyright 2005 ADTRAN

330

Command Reference Guide

Command Reference Guide

Global Configuration Mode Command Set

This example adds the switch with the CPU MAC address 00:A0:C8:00:8C:20 to the stack; also assigns the number 2 as the new stack member's unit ID. (config)#stack member 00:A0:C8:00:8C:20 2 This example specifies that this unit is in the stack using VLAN 2000 as its management VLAN; also specifies that this unit is in stack member mode (not a stack-master). (config)#stack vlan 2000

61200500L1-35E

Copyright 2005 ADTRAN

340

Command Reference Guide

Global Configuration Mode Command Set

tacacs-server
Use the tacacs-server command to customize setting for communication with TACACS servers. Use the no form of this command to return to default settings. Variations of this command include the following: tacacs-server host <hostname or IP address> tacacs-server host <hostname or IP address> key <key> tacacs-server host <hostname or IP address> port <TCP port> tacacs-server host <hostname or IP address> timeout <seconds> tacacs-server key <key> tacacs-server packet maxsize <maximum packet size> tacacs-server timeout <seconds> Syntax Description<
Specifies the IP host by name or IP address. Sets an encryption string to be used for encrypting and decrypting the traffic between the Network Access Server (NAS) and the TACACS+ daemon. Setting a key for a particular server (using the tacacs-server host <name/IP> key <key> command) supersedes keys set globally using the tacacs-server key <key> command. port <tcp port> Specifies the TCP port number to be used when connecting to the TACACS+ daemon. timeout <seconds> Specifies a timeout limit (in seconds) that the unit will wait for a response from the daemon before declaring an error. Range is 1 to 1000 seconds. Setting a timeout for a particular server (using the tacacs-server host <name/IP> timeout <seconds> command) supersedes time limits set globally using the tacacs-server timeout <seconds> command. packet maxsize <size> Specifies a maximum packet size for this server. Range is 10,240 to 65,535. host <name/IP> key <key>

Default Values
By default, the key is set to key and the default TCP port number is 49.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 11.1 Command was introduced.

Usage Examples
The following example sets a timeout limit of 60 seconds for the specified server: (config)#tacacs-server host 10.5.6.7 timeout 60

61200500L1-35E

Copyright 2005 ADTRAN

341

Command Reference Guide

Global Configuration Mode Command Set

username <username> password <password>

Use this command to configure the username and password to use for all protocols requiring a username-based authentication system including FTP server authentication, line (login local-user list), and HTTP access. Syntax Description
<username> <password> Specifies a username using an alphanumerical string up to 30 characters in length (the username is case-sensitive). Specifies a password using an alphanumerical string up to 30 characters in length (the password is case-sensitive).

Default Values
By default, there is no established username and password.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Functional Notes
All users defined using the username/password command are valid for access to the unit using the login local-userlist command.

Usage Examples
The following example creates a username of ADTRAN with password ADTRAN: (config)#username ADTRAN password ADTRAN

61200500L1-35E

Copyright 2005 ADTRAN

342

Command Reference Guide

Global Configuration Mode Command Set

vlan <vlan id>

Use the vlan command to enter the VLAN configuration mode. Refer to the section for more information. Syntax Description
<vlan id> Specifies a valid VLAN ID (1 to 4094).

Default Values
No defaults necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example enters the VLAN configuration mode for VLAN 1: (config)#vlan 1 (config-vlan 1)#

61200500L1-35E

Copyright 2005 ADTRAN

343

Command Reference Guide

Line (Console) Interface Config Command Set

LINE (CONSOLE) INTERFACE CONFIG COMMAND SET

61200500L1-35E

Copyright 2005 ADTRAN

347

350

Command Reference Guide

Line (Console) Interface Config Command Set

login authentication <aaa login list>

Use the login authentication command to specify the named AAA login list to use for authenticating users connecting on this line. Syntax Description
<aaa login list> Specifies the AAA login list to use for authentication.

Default Values
The default value is the default AAA list.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
If the AAA subsystem is activated but no login authentication list is given, the default list is used. If the default list is used but the default list is not configured, the behavior for consoles is to be granted access. This prevents a lockout configuration.

Usage Examples
The following example specifies that myList will be used for authenticating users connecting on this line: (config)#line console 0 (config-con 0)#login authentication myList

61200500L1-35E

Copyright 2005 ADTRAN

351

Command Reference Guide

Line (Console) Interface Config Command Set

login local-userlist
Use the login local-userlist command to enable security login for the terminal session requiring the usernames and passwords configured using the username/password Global Configuration command. Use the no form of this command to disable the login local-userlist feature. All user properties assigned using the username/password command are valid when using the login local-userlist command.

Syntax Description
No subcommands.

Default Values
By default, there is no login password set for access to the unit.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example displays creating a local userlist and enabling the security login feature on the CONSOLE port: (config)#username my_user password my_password (config)#line console 0 (config-con 0)#login local-userlist When connecting to the unit, the following prompts are displayed: User Access Login Username: ADTRAN Password: Router#

61200500L1-35E

Copyright 2005 ADTRAN

352

Command Reference Guide

Line (Console) Interface Config Command Set

parity [even | mark | none | odd | space]

Use the parity command to specify the type of parity used as error correction. This value must match the configuration of your VT100 terminal or terminal emulator software. Use the no form of this command to return to the default value. Syntax Description
even mark none odd space Sets the parity bit to 0 if the number of 1 bits in the data sequence is odd, or set to 1 if the number of 1 bits is even. Always sets the parity bit to 1. No parity bit used. Sets the parity bit to 1 if the number of 1 bits in the data sequence is even, or set to 1 if the number is odd. Always sets the parity bit to 0.

Default Values
By default, the parity option is set to none.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Functional Notes
Parity is the process used to detect whether characters have been altered during the data transmission process. Parity bits are appended to data frames to ensure that parity (whether it be odd or even) is maintained.

Usage Examples
The following example specifies mark parity for the console terminal session: (config)#line console 0 (config-con 0)#parity mark

61200500L1-35E

Copyright 2005 ADTRAN

353

356

Command Reference Guide

Line (SSH) Interface Config Command Set

LINE (SSH) INTERFACE CONFIG COMMAND SET

To activate the Line Secure Shell (SSH) Interface Configuration mode, enter the line ssh command specifying a SSH session(s) at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#line ssh 0 4 (config-ssh0-4)#

You can select a single line by entering the line ssh command followed by the line number (0-4). For example:
>enable #configure terminal (config)#line ssh 2 (config-ssh2)#

The following commands are common to multiple command sets and are covered in a centralized section of this guide. For more information, refer to the sections listed below: do on page 30 end on page 31 exit on page 32 shutdown on page 33 All other commands for this command set are described in this section in alphabetical order. access-class <listname> in on page 358 accounting commands [<level> l <name> l default] on page 359 authorization commands [<level> l <name> l default] on page 360 line-timeout <minutes> on page 361 login on page 362 login authentication <aaa login list> on page 363 login local-userlist on page 364

61200500L1-35E

Copyright 2005 ADTRAN

357

Command Reference Guide

Line (SSH) Interface Config Command Set

access-class <listname> in
Use the access-class in command to restrict Secure Shell (SSH) access using a configured access list. Received packets passed by the access list will be allowed. Use the access list configuration to deny hosts or entire networks or to permit specified IP addresses. See ip access-list standard <listname> [permit | deny] <ip address> on page 256 and ip access-list extended <listname> on page 250 for more information about configuring access lists. Syntax Description
<listname> Identifies the configured access list using an alphanumeric descriptor (all access list descriptors are case-sensitive).

Line (Telnet) Interface Config Command Set

LINE (TELNET) INTERFACE CONFIG COMMAND SET

To activate the Line (Telnet) Interface Configuration mode, enter the line telnet command specifying a Telnet session(s) at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#line telnet 0 4 (config-telnet0-4)#

You can select a single line by entering the line telnet command followed by the line number (0-4). For example:
>enable #configure terminal (config)#line telnet 2 (config-telnet2)#

61200500L1-35E

365

Command Reference Guide

Line (Telnet) Interface Config Command Set

access-class <listname> in
Use the access-class in command to restrict Telnet access using a configured access list. Received packets passed by the access list will be allowed. Use the access list configuration to deny hosts or entire networks or to permit specified IP addresses. See ip access-list standard <listname> [permit | deny] <ip address> on page 256 and ip access-list extended <listname> on page 250 for more information about configuring access lists. Syntax Description
<listname> Identifies the configured access list using an alphanumeric descriptor (all access list descriptors are case-sensitive).

Default Values
By default, there are no configured access lists associated with Telnet sessions.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Functional Notes
When using the access-class in command to associate an access list with a Telnet session, remember to duplicate the access-class in command for all configured Telnet sessions 0 through 4. Telnet access to the unit using a particular Telnet session is not possible. Users will be assigned the first available Telnet session.

Usage Examples
The following example associates the access list Trusted (to allow Telnet sessions from the 192.22.56.0/24 network) with all Telnet sessions (0 through 4): Create the access list: (config)#ip access-list standard Trusted (config)#permit 192.22.56.0 0.0.0.255 Enter the line (telnet): (config)#line telnet 0 4 Associate the access list with the Telnet session: (config-telnet0-4)#access-class Trusted in

61200500L1-35E

366

Command Reference Guide

Line (Telnet) Interface Config Command Set

accounting commands [<level> l <name> l default]

Default Values
The default for this command is off.

Ethernet Interface Configuration Command Set

ETHERNET INTERFACE CONFIGURATION COMMAND SET

There are four types of Ethernet interfaces associated with the AOS: Basic Ethernet interfaces (e.g., eth 0/1) Gigabit Ethernet interfaces (e.g., giga-eth 0/3) Ethernet sub-interfaces associated with a VLAN (e.g., eth 0/1.1) Ethernet interface range (e.g., eth 0/1, 0/8)

To activate the basic Ethernet Interface Configuration mode, enter the interface ethernet command at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#interface ethernet 0/1 (config-eth 0/1)#

To activate the Gigabit Ethernet Interface Configuration mode, enter the interface gigabit-ethernet command at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#interface gigabit-ethernet 0/3 (config-giga-eth 0/3)#

To activate the Ethernet Sub-Interface Configuration mode, enter the interface ethernet command at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#interface ethernet 0/1.1 (config-eth 0/1.1)#

arp arpa
Use the arp arpa command to enable address resolution protocol (ARP) on the Ethernet interface. Syntax Description
arpa Sets standard address resolution protocol for this interface.

Default Values
The default for this command is arpa.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 3.1 Release 5.1 Command was introduced. Command was expanded to include Ethernet sub-interfaces and Gigabit Ethernet interfaces.

Usage Examples
The following example enables standard ARP for the Ethernet interface: (config)#interface eth 0/1 (config-eth 0/1)#arp arpa

61200500L1-35E

377

Command Reference Guide

Ethernet Interface Configuration Command Set

channel-group <group#> mode on

Use the channel-group mode on command to add the interface to a channel-group. To remove an interface from a channel-group, use the no version of this command. Syntax Description
<group#> mode on Specifies the channel-group number (1 to 6). Statically adds the interface to a channel group.

Default Values
By default, the interface is not part of a channel group.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
There can be up to six channel groups with 2-8 interfaces per group. Dynamic protocols are not yet supported (only static). A physical interface can be a member of only one channel group.

Usage Examples
The following example adds the Ethernet 0/1 interface to channel group 1: (config)#interface eth 0/1 (config-eth 0/1)#channel-group 1 mode on (config-eth 0/1)#

61200500L1-35E

378

Command Reference Guide

Ethernet Interface Configuration Command Set

dynamic-dns [dyndns | dyndns-custom | dyndns-static] <hostname> <username> <password>

Use the dynamic-dns command to configure Dynamic DNS service provided by Dynamic Network Services, Inc. (www.dyndns.org). Syntax Description
Refer to Functional Notes below for argument descriptions.

Default Values
No default is necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
dyndns - The Dynamic DNSSM service allows you to alias a dynamic IP address to a static hostname in various domains. This allows your unit to be more easily accessed from various locations on the Internet. This service is provided for up to five hostnames. dyndns-custom - DynDNS.org's Custom DNSSM service provides a full DNS solution, giving you complete control over an entire domain name. A web-based interface provides two levels of control over your domain, catering to average or advanced users. Five globally redundant DNS servers ensure that your domain will always resolve. A choice of two interfaces is available. The basic interface is designed for most users. It comes preconfigured for the most common configuration and allows for easy creation of most common record types. The advanced interface is designed for system administrators with a solid DNS background, and provides layout and functionality similar to a BIND zone file allowing for the creation of nearly any record type. Custom DNSSM can be used with both static and dynamic IPs and has the same automatic update capability through Custom DNS-aware clients as Dynamic DNS. dyndns-static - The Static DNS service is similar to Dynamic DNS service in that it allows a hostname such as yourname.dyndns.org to point to your IP address. Unlike a Dynamic DNS host, a Static DNS host does not expire after 35 days without updates, but updates take longer to propagate though the DNS system. This service is provided for up to five hostnames.

61200500L1-35E

379

Command Reference Guide

Ethernet Interface Configuration Command Set

If your IP address does not change often or at all but you still want an easy name to remember it by (without having to purchase your own domain name), Static DNS service is ideal for you. If you would like to use your own domain name (such as yourname.com), you need Custom DNS service which also provides full dynamic and static IP address support. Usage Examples The following example sets the dynamic-dns to dyndns-custom with hostname host, username user, and password pass: (config)#interface eth 0/1 (config-eth 0/1)#dynamic-dns dyndns-custom host user pass

61200500L1-35E

380

Command Reference Guide

Ethernet Interface Configuration Command Set

full-duplex
Use the full-duplex command to configure the Ethernet interface for full-duplex operation. This allows the interface to send and receive simultaneously. Use the no form of this command to return to the default half-duplex operation. Syntax Description
No subcommands.

Default Values
By default, all Ethernet interfaces are configured for half-duplex operation.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Functional Notes
Full-duplex Ethernet is a variety of Ethernet technology currently being standardized by the IEEE. Because there is no official standard, vendors are free to implement their independent versions of full-duplex operation. Therefore, it is not safe to assume that one vendors equipment will work with another. Devices at each end of a full-duplex link have the ability to send and receive data simultaneously over the link. Theoretically, this simultaneous action can provide twice the bandwidth of normal (half-duplex) Ethernet. To deploy full-duplex Ethernet, each end of the link must only connect to a single device (a workstation or a switched hub port). With only two devices on a full-duplex link, there is no need to use the medium access control mechanism (to share the signal channel with multiple stations) and listen for other transmissions or collisions before sending data.

If the speed is manually set to 10 or 100, the duplex must be manually configured as full-duplex or half-duplex. Refer to speed [10 | 100 | auto | nonegotiate] on page 401 for more information.

The 10BaseT, 100BaseTX, and 100BaseFX signalling systems support full-duplex operation (because they have transmit and receive signal paths that can be simultaneously active).

61200500L1-35E

381

Command Reference Guide

Ethernet Interface Configuration Command Set

61200500L1-35E

385

Command Reference Guide

Ethernet Interface Configuration Command Set

Usage Examples
The following example configures Ethernet interface 0/1 to transmit LLDP packets containing all enabled information types: (config)#interface eth 0/1 (config-eth 0/1)#lldp send The following example configures Ethernet interface 0/1 to transmit and receive LLDP packets containing all information types: (config)#interface eth 0/1 (config-eth 0/1)#lldp send-and-receive

61200500L1-35E

386

Command Reference Guide

Ethernet Interface Configuration Command Set

port-auth auth-mode [mac-based | port-based]

Use the port-auth auth-mode command to configure the authentication mode. Use the no form of this command to return to the default settings. Syntax Description
mac-based port-based Specifies a MAC-based authentication mode. Each host must authenticate separately. Specifies a port-based authentication mode. Only a single host can participate in the authentication process.

Ethernet Interface Configuration Command Set

spanning-tree bpdufilter [enable | disable]

Use the spanning-tree bpdufilter command to enable or disable the BPDU filter on a specific interface. This setting overrides the related Global setting (refer to spanning-tree edgeport bpdufilter default on page 330). Use the no version of the command to return to the default setting. Syntax Description
enable disable Enables BPDU filter for this interface. Disables BPDU filter for this interface.

spanning-tree link-type [auto | point-to-point | shared]

Use the spanning-tree link-type command to configure the spanning tree protocol link type for each interface. Use the no version of the command to return to the default setting. Syntax Description
auto point-to-point shared Determines link type by the ports duplex settings. Manually sets link type to point-to-point, regardless of duplex settings. Manually sets link type to shared, regardless of duplex settings.

Default Values
By default, the interface is set to auto.

speed [10 | 100 | auto | nonegotiate]

Use the speed command to configure the speed of an Ethernet interface. Use the no form of this command to return to the default value. Syntax Description
10 100 auto nonegotiate Specifies 10 Mbps Ethernet. Specifies 100 Mbps Ethernet. Automatically detects 10 or 100 Mbps Ethernet and negotiates the duplex setting. Disables auto negotiation and forces the speed to 1 Gbps. This only applies to Gigabit Ethernet interfaces.

If the speed is manually set to 10 or 100, the duplex must be manually configured as full-duplex or half-duplex.

Default Values
By default, speed is set to auto.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 1.1 Command was introduced.

Usage Examples
The following example configures the Ethernet port for 100 Mb operation: (config)#interface ethernet 0/1 (config-eth 0/1)#speed 100

61200500L1-35E

401

Command Reference Guide

Ethernet Interface Configuration Command Set

storm-control [broadcast level | multicast level | unicast level] <rising level> <falling level>]
Use the storm-control command to configure limits on the rates of broadcast, multicast, and unicast traffic on a port. To disable storm-control, use the no version of this command. Syntax Description
broadcast level multicast level unicast level <rising level> <falling level> Sets levels for broadcast traffic. Sets levels for multicast traffic. Sets levels for unicast traffic. Specifies a rising level which determines the percentage of total bandwidth the port accepts before it begins blocking packets. Range: 0 to 100 percent. Optional. Specifies a falling level which determines when the storm is considered over, causing the AOS to no longer block packets. This level must be less than the rising level. Range: 0 to 100 percent.

Default Values
By default, storm-control is disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
This setting configures the rising and falling suppression values. When the selected rising level (which is a percentage of total bandwidth) is reached, the port begins blocking packets of the specified type (i.e., broadcast, multicast, or unicast). The AOS uses the rising level as its falling level if no falling level is specified.

61200500L1-35E

402

Command Reference Guide

Ethernet Interface Configuration Command Set

Usage Examples
The following example sets the rising suppression level to 85 percent for multicast packets: (config)#interface eth 0/1 (config-eth 0/1)#storm-control multicast level 85 The following example sets the rising suppression level to 80 percent for broadcast packets, with a falling level of 50 percent: (config)#interface eth 0/1 (config-eth 0/1)#storm-control broadcast level 80 50

61200500L1-35E

403

Command Reference Guide

Ethernet Interface Configuration Command Set

storm-control action [shutdown]

Use the storm-control action command to select the action taken when a storm occurs. To disable the option, use the no version of this command. Syntax Description
shutdown Shuts down the interface during a storm.

switchport mode [access | stack | trunk]

Use the switchport mode command to configure the VLAN membership mode. To reset membership mode to the default value, use the no version of this command. The stack selection does not apply to the NetVanta 300 Series units. Syntax Description
access stack trunk Sets port to be a single (non-trunked) port that transmits and receives no tagged packets. Sets the port to allow it to communicate with a switch stack. Sets port to transmit and receive packets on all VLANs included within its VLAN allowed list.

Command Reference Guide

Ethernet Interface Configuration Command Set

switchport port-security maximum <max value>

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 8.1 Command was introduced.

Functional Notes
This command has no effect on VLAN membership configuration unless GVRP is enabled on the interface.

61200500L1-35E

416

Command Reference Guide

Ethernet Interface Configuration Command Set

Usage Examples
The following example changes the configured list of fixed VLANs by adding VLAN 50 to the list. (config-eth 0/20)#switchport trunk fixed vlan add 1-15,25-30,40 (config-eth 0/20)#switchport trunk fixed vlan add 50 The following example changes the configured list of fixed VLANs by removing VLANs 10-100 from the list: (config-eth 0/20)#switchport trunk fixed vlan remove 10-100 The following example changes the configured list of fixed VLANs to include only VLANs 1 to 1000: (config-eth 0/20)#switchport trunk fixed vlan 1-1000 The following example changes the configured list of fixed VLANs to include no VLANs (except those VLANs that are native): (config-eth 0/20)#switchport trunk fixed vlan none

61200500L1-35E

417

Command Reference Guide

Ethernet Interface Configuration Command Set

switchport trunk native vlan <vlan id>

Use the switchport trunk native vlan command to set the VLAN native to the interface when the interface is in trunking mode. To return to defaults, use the no version of this command. Syntax Description
<vlan id> Specifies a valid VLAN interface ID (1 to 4094).

Default Values
By default, this is set to VLAN 1.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
Configure which VLAN the interface uses as its native VLAN during trunking. Packets from this VLAN leaving the interface will not be tagged with the VLAN number. Any untagged packets received by the interface are considered a part of the native VLAN ID.

Usage Examples
The following example sets the native VLAN on Ethernet interface 0/1 to VLAN 2: (config)#interface eth 0/1 (config-eth 0/1)#switchport trunk native vlan 2

61200500L1-35E

418

Command Reference Guide

Loopback Interface Configuration Command Set

LOOPBACK INTERFACE CONFIGURATION COMMAND SET

Command Reference Guide

Loopback Interface Configuration Command Set

ip access-group <listname> [in | out]

Use the ip access-group command to create an access list to be used for packets transmitted on or received from the specified interface. Use the no form of this command to disable this type of control. Syntax Description
<listname> in out Specifies IP access list name. Enables access control on packets received on the specified interface. Enables access control on packets transmitted on the specified interface.

Usage Examples
The following example forwards all DNS broadcast traffic to the DNS server with IP address 192.33.5.99: (config)#ip forward-protocol udp domain (config)#interface loopback 1 (config-loop 1)#ip helper-address 192.33.5.99

61200500L1-35E

426

Command Reference Guide

Loopback Interface Configuration Command Set

ip route-cache
Use the ip route-cache command to enable fast-cache switching on the interface. Use the no form of this command to disable fast-cache switching and return to process switching mode. Using Network Address Translation (NAT) or the AOS firewall capabilities on an interface requires process switching mode (using the no ip route-cache command).

Syntax Description
No subcommands.

Default Values
By default, fast-cache switching is enabled on all Ethernet and virtual Frame Relay sub-interfaces. IP route-cache is enabled for all virtual PPP interfaces.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 2.1 Command was introduced.

Functional Notes
Fast switching allows an IP interface to provide optimum performance when processing IP traffic.

Usage Examples
The following example enables fast switching on the loopback interface: (config)#interface loopback 1 (config-loop 1)#ip route-cache

61200500L1-35E

427

Command Reference Guide

Loopback Interface Configuration Command Set

ip unnumbered <interface>
Use the ip unnumbered command to use the IP address assigned to the specified interface for all IP processing on the active interface. Use the no form of this command to remove the unnumbered configuration. Syntax Description
<interface> Specifies the interface in the format type slot/port (e.g., ppp 1) that contains the IP address to be used as the source address for all packets transmitted on this interface. Enter ip unnumbered ? for a complete list of valid interfaces.

snmp trap link-status

Use the snmp trap link-status command to control the Simple Network Management Protocol (SNMP) variable ifLinkUpDownTrapEnable (RFC2863) to enable (or disable) the interface to send SNMP traps when there is an interface status change. Use the no form of this command to disable this trap. Syntax Description
No subcommands.

Default Values
By default, the ifLinkUpDownTrapEnable OID is enabled for all interfaces except virtual Frame Relay interfaces.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Functional Notes
The snmp trap link-status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID (OID number 1.3.6.1.2.1.31.1.1.1.14.0).

Usage Examples
The following example disables the link-status trap on the loopback interface: (config)#interface loopback 1 (config-loop 1)#no snmp trap link-status

61200500L1-35E

431

Command Reference Guide

Port Channel Interface Config Command Set

PORT CHANNEL INTERFACE CONFIG COMMAND SET

Command History
Release 9.1 Command was introduced.

61200500L1-35E

435

Command Reference Guide

Port Channel Interface Config Command Set

Functional Notes
The snmp trap link-status command is used to control the RFC2863 ifLinkUpDownTrapEnable OID (OID number 1.3.6.1.2.1.31.1.1.1.14.0).

Usage Examples
The following example disables the link-status trap on the port channel interface: (config)#interface port-channel 1 (config-p-chan 1)#no snmp trap link-status

61200500L1-35E

439

Command Reference Guide

Port Channel Interface Config Command Set

spanning-tree bpdufilter [enable | disable]

Use the spanning-tree bpdufilter command to enable or disable the BPDU filter on a specific interface. This setting overrides the related global setting (refer to spanning-tree edgeport default on page 332). Use the no version of the command to return to the default setting. Syntax Description
enable disable Enables BPDU filter for this interface. Disables BPDU filter for this interface.

Default Values
By default, this setting is disabled.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Functional Notes
The bpdufilter blocks any BPDUs from being transmitted and received on an interface.

Usage Examples
The following example enables the BPDU filter on the port channel interface: (config)#interface port-channel 3 (config-p-chan 3)#spanning-tree bpdufilter enable The BPDU filter can be disabled on port channel 3 by issuing the following commands: (config)#interface port-channel 3 (config-p-chan 3)#spanning-tree bpdufilter disable

61200500L1-35E

440

Command Reference Guide

61200500L1-35E

447

Command Reference Guide

61200500L1-35E

453

Command Reference Guide

Port Channel Interface Config Command Set

Usage Examples
The following example changes the configured list of fixed VLANs by adding VLAN 50 to the list: (config-p-chan 1)#switchport trunk fixed vlan add 1-15,25-30,40 (config-p-chan 1)# (config-p-chan 1)#switchport trunk fixed vlan add 50 (config-p-chan 1)#

61200500L1-35E

454

Command Reference Guide

Port Channel Interface Config Command Set

switchport trunk native vlan <vlan id>

Default Values
By default, this is set to VLAN 1.

Applicable Platforms
This command applies to the NetVanta 300, 1000, and 1000R Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example sets the native VLAN on port channel 1 to VLAN 2: (config)#interface port-channel 1 (config-p-chan 1)#switchport trunk native vlan 2

61200500L1-35E

455

Command Reference Guide

VLAN Configuration Command Set

VLAN CONFIGURATION COMMAND SET

61200500L1-35E

467

Command Reference Guide

VLAN Database Configuration Command Set

vlan <vlan id> state [active | suspend]

Use the vlan state command to change the state of the VLAN. Use the no form of this command to return to the default setting. Syntax Description
<vlan id> active suspend Specifies a valid VLAN interface ID (1 to 4094). Changes the VLAN state to active. Changes the VLAN state to suspended.

Default Values
The default setting is active (once the VLAN has been created).

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example sets the VLAN state to suspended: (config)#vlan database (vlan)#vlan 2 state suspend

61200500L1-35E

468

Command Reference Guide

VLAN Interface Config Command Set

VLAN INTERFACE CONFIG COMMAND SET

To activate the VLAN Interface Configuration mode, enter the interface vlan command at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#interface vlan 1 #

61200500L1-35E

469

Command Reference Guide

VLAN Interface Config Command Set

arp arpa
Use the arp arpa command to enable address resolution protocol (ARP) on the VLAN interface. Syntax Description
arpa Sets the standard address resolution protocol for this interface.

Default Values
The default for this command is arpa.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Release 6.1 Command was introduced. Command was extended to include NetVanta 2000 Series units.

Usage Examples
The following example enables standard ARP for the VLAN interface: (config)#interface vlan 1 (config-interface-vlan 1)#arp arpa

61200500L1-35E

470

Command Reference Guide

VLAN Interface Config Command Set

ip address <address> <mask> secondary

Use the ip address command to define an IP address on the specified interface. Use the no form of this command to remove a configured IP address. Syntax Description
<address> <mask> secondary Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101). Specifies the subnet mask that corresponds to the listed IP address. Optional. Configures a secondary IP address for the specified interface.

Default Values
By default, there are no assigned IP addresses.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example configures an IP address of 192.22.72.101/30: (config)#interface vlan 1 (config-interface-vlan 1)#ip address 192.22.72.101 255.255.255.252

61200500L1-35E

471

Command Reference Guide

VLAN Interface Config Command Set

ip address dhcp
Use the ip address dhcp command to use Dynamic Host Configuration Protocol (DHCP) to obtain an address on the interface. Use the no form of this command to remove a configured IP address (using DHCP) and disable DHCP operation on the interface.
ip address dhcp [client-id [<interface> | <identifier>] hostname <string>]

Syntax Description
client-id <interface> Optional. Specifies the client identifier used when obtaining an IP address from a DHCP server. Specifying an interface defines the client identifier as the hexadecimal MAC address of the specified interface (including a hexadecimal number added to the front of the MAC address to identify the media type). For example, specifying the client-id ethernet 0/1 (where the Ethernet interface has a MAC address of d217.0491.1150) defines the client identifier as 01:d2:17:04:91:11:50 (where 01 defines the media type as Ethernet). Refer to hardware-address <hardware-address> <type> on page 488 for a detailed listing of media types. <identifier> Specifies a custom client-identifier using a text string (that is converted to a hexadecimal equivalent) or 7 to 28 hexadecimal numbers (with colon delimiters). For example, a custom client identifier of 0f:ff:ff:ff:ff:51:04:99:a1 may be entered using the <identifier> option. hostname <string> no-default-route no-domain-name no-nameservers Optional. Specifies a text string (to override the global router name) to use as the name in the DHCP option 12 field. String (enclosed in quotation marks) of up to 35 characters to use as the name of the host for DHCP operation. Keyword used to specify that the AOS not install the default-route obtained via DHCP. Keyword used to specify that the AOS not install the domain-name obtained via DHCP. Keyword used to specify that the AOS not install the DNS servers obtained via DHCP.

Default Values
client-id Optional. By default, the client identifier is populated using the following formula: TYPE: INTERFACE SPECIFIC INFO : MAC ADDRESS Where TYPE specifies the media type in the form of one hexadecimal byte (refer to hardware-address <hardware-address> <type> on page 488 for a detailed listing of media types), and the MAC ADDRESS is the Media Access Control (MAC) address assigned to the first Ethernet interface in the unit in the form of six hexadecimal bytes. (For units with a single Ethernet interface, the MAC ADDRESS assigned to Ethernet 0/1 is used in this field).

61200500L1-35E

472

Command Reference Guide

VLAN Interface Config Command Set

INTERFACE SPECIFIC INFO is only used for Frame Relay interfaces and can be determined using the following: FR_PORT# : Q.922 ADDRESS Where the FR_PORT# specifies the label assigned to the virtual Frame Relay interface using four hexadecimal bytes. For example, a virtual Frame Relay interface labeled 1 would have a FR_PORT# of 00:00:00:01. The Q.922 ADDRESS field is populated using the following:

2 C/R

1 EA EA

DLCI (high order) DLCI (lower) FECN BECN

Where the FECN, BECN, C/R, DE, and high order EA bits are assumed to be 0 and the lower order extended address (EA) bit is set to 1. The following list provides a few example DLCIs and associated Q.922 address: DLCI (decimal) / Q.922 address (hex) 16 / 0x0401 50 / 0x0C21 60 / 0x0CC1 70 / 0x1061 80 / 0x1401 hostname <string> Optional. Specifies a text string (to override the global router name) to use as the name in the DHCP option 12 field. By default, the hostname is the name configured using the Global Configuration hostname command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

61200500L1-35E

473

Command Reference Guide

VLAN Interface Config Command Set

Functional Notes
DHCP allows interfaces to acquire a dynamically assigned IP address from a configured DHCP server on the network. Many Internet Service Providers (ISPs) require the use of DHCP when connecting to their services. Using DHCP reduces the number of dedicated IP addresses the ISP must obtain. Consult your ISP to determine the proper values for the client-id and hostname fields.

Usage Examples
The following example enables DHCP operation on the VLAN interface (labeled 1): (config)#interface vlan 1 (config-interface-vlan 1)#ip address dhcp

61200500L1-35E

474

Command Reference Guide

snmp trap link-status

Use the snmp trap link-status command to control the Simple Network Management Protocol (SNMP) variable ifLinkUpDownTrapEnable (RFC 2863) to enable (or disable) the interface to send SNMP traps when there is an interface status change. Use the no form of this command to disable this trap. Syntax Description
No subcommands.

Default Values
By default, the ifLinkUpDownTrapEnable OID is set to enabled for all interfaces except virtual Frame Relay interfaces.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, and 2000 Series units.

Functional Notes
The snmp trap link-status command is used to control the RFC 2863 ifLinkUpDownTrapEnable OID (OID number 1.3.6.1.2.1.31.1.1.1.14.0).

The Q.922 ADDRESS field is populated using the following:

2 C/R

1 EA EA

DHCP Pool Command Set

host <address> [<subnet mask> or <prefix length>]

Use the host command to specify the IP address and subnet mask for a manual binding to a Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove the configured client address. Syntax Description
<address> <subnet mask> Specifies the IP address (in dotted decimal notation) for a manual binding to a DHCP client. Optional. Specifies the network mask (subnet) for a manual binding to a DHCP client. If the subnet mask is left unspecified, the DHCP server examines its address pools to obtain an appropriate mask. If no valid mask is found in the address pools, the DHCP server uses the Class A, B, or C natural mask. <prefix length> Optional. Alternately, the prefix length may be used to specify the number of bits that comprise the network address. The prefix length must be preceded by a forward slash ( / ). For example, to specify an IP address with a subnet mask of 255.255.0.0, enter /16 after the address.

Default Values
By default, there are no specified host addresses.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 2.1 Command was introduced.

Usage Examples
The following examples show two different ways to specify a client with IP address 12.200.5.99 and a 21-bit subnet mask: (config)#ip dhcp-server pool MyPool (config-dhcp)#host 12.200.5.99 255.255.248.0 or (config)#ip dhcp-server pool MyPool (config-dhcp)#host 12.200.5.99/21

61200500L1-35E

490

Command Reference Guide

DHCP Pool Command Set

lease <days> <hours> <minutes>

Use the lease command to specify the duration of the lease for an IP address assigned to a Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to return to the default lease value. Syntax Description
<days> <hours> <minutes> Specifies the duration of the IP address lease in days. Optional. Specifies the number of hours in a lease. You may only enter a value in the hours field if the days field is specified. Optional. Specifies the number of minutes in a lease. You may only enter a value in the minutes field if the days and hours fields are specified.

network <address> [<subnet mask> or <prefix length>]

Use the network command to specify the subnet number and mask for an AOS Dynamic Host Configuration Protocol (DHCP) server address pool. Use the no form of this command to remove a configured subnet. Syntax Description
<ip address> <subnet mask> <prefix length> Specifies the IP address (in dotted decimal notation) of the DHCP address pool. Optional. Specifies the network mask (subnet) for the address pool. If the subnet mask is left unspecified, the DHCP server uses the Class A, B, or C natural mask. Optional. Alternately, the prefix length may be used to specify the number of bits that comprise the network address. The prefix length must be preceded by a forward slash ( / ). For example, to specify an IP address with a subnet mask of 255.255.0.0, enter /16 after the address.

Default Values
By default, there are no configured DHCP address pools.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 2.1 Command was introduced.

Usage Examples
The following examples show two different ways to configure an address pool subnet of 192.34.0.0 with a 16-bit subnet mask: (config)#ip dhcp-server pool MyPool (config-dhcp)#network 192.34.0.0 255.255.0.0 or (config)#ip dhcp-server pool MyPool (config-dhcp)#network 192.34.0.0 /16

61200500L1-35E

494

Command Reference Guide

DHCP Pool Command Set

ntp-server <ip address>

Use the ntp-server command to specify the name of the Network Time Protocol (NTP) server published to the client. Syntax Description
<ip address> Specifies the IP address of the NTP server.

RADIUS GROUP COMMAND SET

To activate the Radius Group mode, enter the aaa group server command at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#aaa group server radius myServer (config-sg-radius)#

61200500L1-35E

499

Command Reference Guide

Radius Group Command Set

server [acct-port <port number>| auth-port <port number>]

Use the server command to add a predefined RADIUS server to the current named list of servers. See radius-server on page 311 for more information. Syntax Description
acct-port <port number> auth-port <port number> Defines the accounting port value. Defines the authorization port value.

Default Values
No defaults necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 5.1 Command was introduced.

Usage Examples
The following example adds a server to the myServers list: (config)#aaa group server radius myServers (config-sg-radius)#server 1.2.3.4 acct-port 786 auth-port 1812 (config-sg-radius)#server 4.3.2.1 (config-sg-radius)#exit (config)# or (config)#aaa group server radius myServers (config-sg-radius)#server 4.3.2.1 (config-sg-radius)#exit (config)#

61200500L1-35E

500

Command Reference Guide

TACACS+ Group Configuration Command Set

TACACS+ GROUP CONFIGURATION COMMAND SET

To activate the Terminal Access Controller Access Control System Plus (TACACS+) Group Configuration mode, enter the aaa group server tacacs+ command at the Global Configuration mode prompt. For example:
>enable #configure terminal (config)#aaa group server tacacs+ TEST GROUP (config-sg-tacacs+)#

61200500L1-35E

501

Command Reference Guide

TACACS+ Group Configuration Command Set

server <host>
Use the server command to specify a particular TACACS+ servers IP address or host name. Syntax Description
<host> Specifies a TACACS+ server IP address.

Default Values
No default is necessary for this command.

Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900 Series units.

Command History
Release 11.1 Command was introduced.

Usage Examples
The following example specifies the IP address of the TACACS+ server: (config)#aaa group server tacacs+ TEST_GROUP (config-sg-tacacs+)#server 192.168.1.1 (config-sg-tacacs+)#

61200500L1-35E

502

Command Reference Guide

Index

aaa processes 223 abort 461 access-class in 358, 366 accounting commands 345, 359, 367 alias 25 apply 462 arp arpa 224, 377, 433, 470 authorization commands 346, 360, 368

Command Line Interface

accessing with PC 7 error messages 12 shortcuts 9

command security levels

basic 8 enable 8

B
bandwidth 420 banner 227 basic 8 Basic Mode command set 14 boot system flash 228 bridge protocol 229

common CLI functions 11 common commands 24 configuration 205 configuration modes

global 8 interface 8 line 8 router 8 configure 63

C
channel-group mode on 378 clear arp-cache 36 clear arp-entry 37 clear buffers max-used 38 clear counters 39 clear counters port-channel 40 clear counters vlan 41 clear dump-core 42 clear event-history 43 clear gvrp statistics 44 clear ip dhcp-server binding 45 clear lldp counters 46 clear lldp counters interface 47 clear lldp neighbors 48 clear mac address-table dynamic 49 clear port-security 50 clear port-security violation-count 51 clear processes cpu max 52 clear spanning-tree counters 53 clear spanning-tree detected-protocols 54 clear tacacs+ statistics 55 clear user 56 CLI
accessing with PC 7 error messages 12 introduction 7 shortcuts 9 client-identifier 482 client-name 484 clock auto-correct-dst 57, 230 clock no-auto-correct-dst 58 clock set 59, 231 clock timezone 60, 232 command descriptions 13 command level path 9

console port
configuring 7 receiving files 68 copy 64 copy console 65 copy flash 66 copy tftp 67 copy xmodem 68 cross-connect 26, 235 customer service 3

D
databits 347 debug 11 debug aaa 69 debug auto-config 70 debug data-call 71 debug dynamic-dns 72 debug gvrp bpdus 73 debug gvrp interface 74 debug gvrp vlans 75 debug interface 76 debug ip dhcp-client 77 debug ip dhcp-server 78 debug ip dns-client 79 debug ip dns-proxy 80 debug ip http 81 debug ip icmp 82 debug ip mrouting 83 debug ip tcp events 84 debug ip udp 86 debug lldp 88 debug port security 90 debug port-auth 89 debug radius 91 debug sntp 92 debug spanning-tree 94

61200500L1-35E

503

Command Reference Guide

Index

debug spanning-tree bpdu 93 debug stack 95 debug system 96 default-router 485 description 29 DHCP Pool command set 481 dir 97, 98 disable, basic mode 15 disable, enable mode 99 dns-server 486 do 30 domain-name 487 dynamic-dns 379, 421

E
enable 15, 100 Enable Mode command set 34 enable password 238 enable, basic mode 15, 100 enable, enable mode 34 enable, understanding 8 end 31 erase 101 Ethernet Interface Configuration command set 374 Ethernet Sub-Interface Configuration command set 374 event-history on 240 event-history priority 240, 241 events 102 exception report 243 exception report generate 103 exit 32

F
flowcontrol 348 ftp authentication 244 full-duplex 381

G
garp timer 245 Gigabit-Ethernet Interface Configuration command set
374

interface port-channel 432 interface range 249, 374 interface vlan 469 ip access-group 423 ip access-list extended 250 ip access-list standard 256 ip address 424, 471 ip address dhcp 472 ip address secondary 424 ip default-gateway 260 ip dhcp 475 ip dhcp-server database local 261 ip dhcp-server excluded-address 262 ip dhcp-server ping packets 263 ip dhcp-server ping timeout 264 ip dhcp-server pool 265, 481 ip domain-lookup 266 ip domain-name 267 ip domain-proxy 268 ip ftp access-class 269 ip ftp agent 270 ip ftp source-interface 271 ip helper-address 425 ip host 272 ip http 273 ip mtu 476 ip name-server 274 ip radius source-interface 275 ip route-cache 427 ip scp server 276 ip snmp agent 277 ip sntp source-interface 278 ip ssh-server 279 ip telnet-server 279 ip tftp source-interface 280 ip unnumbered 428, 477

L
lease 491 Line (Console) Interface Configuration command set 344 Line (Ssh) Interface Configuration command set 357 Line (Telnet) Interface Configuration command set 365 line console 281, 344 line ssh 281, 357 line telnet 281, 365 line-timeout 349, 361, 369 lldp 283 lldp receive 384, 434 lldp send 385, 435 logging console 285 logging email address list 286 logging email address-list 288

Global Configuration Mode command set 205 gvrp 246

H
half-duplex 383 hardware-address 488 host 490 hostname 247

I
interface 248 interface ethernet 374 interface ethernet sub 374 interface gigabit-ethernet 374 interface loopback 419

61200500L1-35E

504

Command Reference Guide

Index

logging email exception-report address list 287 logging email on 288 logging email priority-level 289 logging email receiver-ip 290 logging email source-interface 292 logging facility 293 logging forwarding on 295 logging forwarding priority-level 295, 296 logging forwarding receiver-ip 297 logging forwarding source-interface 298 login 350, 362, 370 login authentication 351, 363, 371 login local-userlist 352, 364, 372 logout 16, 104 Loopback Interface Configuration command set 419

qos cos-map 307 qos dscp-cos 308 qos queue-type strict-priority 309 qos queue-type wrr 310

R
Radius Group command set 499 radius-server 311 radius-server host 313 reload 108 reset 463

S
server 500, 502 service password-encryption 314 shortcuts 9 show 464 show arp 109 show auto-config 110 show buffers 111 show buffers users 112 show channel-group 114 show clock 19, 115 show configuration 116 show debugging 118 show dynamic-dns 119 show event-history 120, 240 show flash 121 show garp timer 122 show gvrp configuration 123 show gvrp statistics interface 124 show hosts 125 show interfaces 126 show interfaces switchport 130 show ip arp 131 show ip dhcp-client lease 132 show ip dhcp-server binding 133 show ip interfaces 134 show ip traffic 135 show lldp 136 show lldp device 137 show lldp interface 138 show lldp neighbors interface 139 show lldp neighbors statistics 141 show mac address-table 142 show mac address-table address 144 show mac address-table aging-time 146 show mac address-table count 147 show mac address-table dynamic 148 show mac address-table interface 150 show mac address-table static 151 show memory 153 show monitor session 155

M
mac address-table aging-time 299 mac address-table static 300 mac-address 478 media 457 monitor session 301 mtu 429

N
name 458 netbios-name-server 492 netbios-node-type 493 network 494 no enable password 238 ntp-server 495

O
option 496

P
parity 353 password 354, 373 ping 17, 105 ping stack-member 107 port-auth auth-mode 387 port-auth control-direction 388 port-auth default 302 port-auth max-req 303 port-auth multiple-hosts 389 port-auth port-control 390 port-auth re-authentication 304 port-auth timeout 305 Port-Channel Interface Configuration command set 432 port-channel load-balance 306 power inline 391 preventing unauthorized users 8 product support 3

Q
qos 392, 437

61200500L1-35E

505

Command Reference Guide

Index

show output-startup 156 show port-auth 157 show port-security 159 show power inline 160 show processes 162 show qos 164 show radius statistics 166 show running-config 167 show snmp 20, 169 show sntp 170 show spanning-tree active 172 show spanning-tree blockedports 173 show spanning-tree interface ethernet 175 show spanning-tree interface gigabit-ethernet 176 show spanning-tree interface port-channel 177 show spanning-tree pathcost method 178 show spanning-tree realtime 179 show spanning-tree root 181 show spanning-tree summary 182 show spanning-tree, status 171 show stack 183 show startup-config 186 show startup-config checksum 188 show tacacs+ statistics 189 show tcp info 190 show users 192 show version 21, 194 show vlan 195 shutdown 33 snmp trap 393, 430, 438, 479 snmp trap link-status 394, 431, 439, 480 snmp-server chassis-id 315 snmp-server community 316 snmp-server contact 317, 318 snmp-server enable traps 319 snmp-server host traps 320 snmp-server host traps version 321 snmp-server location 322 snmp-server management-url 323 snmp-server management-url-label 324 snmp-server source-interface 325 snmp-server view 326 sntp retry-timeout 327 sntp server 328 sntp wait-time 329 spanning-tree bpdufilter 395, 440 spanning-tree bpduguard 396, 441 spanning-tree bpduguard default 331 spanning-tree cost 442 spanning-tree edgeport 397, 443 spanning-tree edgeport bpdufilter default 330

spanning-tree edgeport default 332 spanning-tree forward-time 333 spanning-tree hello-time 334 spanning-tree link-type 398, 444 spanning-tree max-age 335 spanning-tree mode 336 spanning-tree pathcost 337 spanning-tree pathcost method 399 spanning-tree port-priority 400, 445 spanning-tree priority 338 speed 355, 401 stack 339 state 459 stopbits 356 storm-control 402, 446 storm-control action 404, 448 switchport access vlan 405 switchport gvrp 406, 450 switchport mode 407 switchport port-security 409 switchport port-security aging 410 switchport port-security expire 411 switchport port-security mac-address 412 switchport port-security maximum 413 switchport port-security violation 414 switchport protected 408 switchport trunk allowed vlan 415 switchport trunk fixed vlan 416, 453 switchport trunk native vlan 418

T
TACACS Plus Group Configuration command set 501 tacacs-server 341 telnet 22, 197 telnet stack-member 198 terminal length 199 tftp-server 497 timezone-offset 498 traceroute 23, 200 training 5

U
unauthorized users 8 undebug all 201 username password 342

V
vlan 343
command set 456 media 466 name 467 state 468 vlan id 465

VLAN Configuration command set 456

61200500L1-35E

506

Command Reference Guide

Index

vlan database 202 VLAN Database Configuration command set 460 VLAN Interface Configuration command set 469 VT100 configuration 7

W
warranty 3 write 204

61200500L1-35E

507

Dial Plan and Call Routing Demystified On Cisco Collaboration Technologies: Cisco Unified Communication Manager
From Everand
Dial Plan and Call Routing Demystified On Cisco Collaboration Technologies: Cisco Unified Communication Manager
Redouane MEDDANE
No ratings yet
Total Access 5000 - 5006 Upgrade MOP - System Release 6.0.2
No ratings yet
Total Access 5000 - 5006 Upgrade MOP - System Release 6.0.2
100 pages
User Guide Manual PDF
100% (1)
User Guide Manual PDF
166 pages
AOE Services Management System Release AOE20.02 Release Notes
No ratings yet
AOE Services Management System Release AOE20.02 Release Notes
64 pages
830-01929-08 ZMS OSS Guide
No ratings yet
830-01929-08 ZMS OSS Guide
262 pages
Sip Trunk Service Configuration Guide For Intelepeer: Nda-31687 Issue 2.0
No ratings yet
Sip Trunk Service Configuration Guide For Intelepeer: Nda-31687 Issue 2.0
36 pages
Building Telephony Systems with OpenSER
From Everand
Building Telephony Systems with OpenSER
Goncalves Flavio E.
No ratings yet
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
From Everand
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
Mamta Devi
No ratings yet
DGS 1200 Series Manual
No ratings yet
DGS 1200 Series Manual
52 pages
DPtech FW1000 Series Application Firewall User Manual v5.0
No ratings yet
DPtech FW1000 Series Application Firewall User Manual v5.0
415 pages
Huawei 227463419 RRU Cascading and RRU Interconnection
No ratings yet
Huawei 227463419 RRU Cascading and RRU Interconnection
4 pages
QoS Hierarchical Queueing Framework Configuration Guide, CiscoIOS Release 15M&T
No ratings yet
QoS Hierarchical Queueing Framework Configuration Guide, CiscoIOS Release 15M&T
32 pages
Cisco 903 Series
No ratings yet
Cisco 903 Series
266 pages
Tellabs 8620 Access Switch Reference Manual FP 2.7
No ratings yet
Tellabs 8620 Access Switch Reference Manual FP 2.7
90 pages
DCM General Healcheck
No ratings yet
DCM General Healcheck
13 pages
alcatel Lucent Configuring Packet Ip Filters
No ratings yet
alcatel Lucent Configuring Packet Ip Filters
5 pages
A901E Lab Guide
No ratings yet
A901E Lab Guide
70 pages
Zhone Dslam
No ratings yet
Zhone Dslam
410 pages
Cisco ME 3400 Series Ethernet Access Switches
No ratings yet
Cisco ME 3400 Series Ethernet Access Switches
19 pages
MD110 Tech Guide Help
100% (1)
MD110 Tech Guide Help
335 pages
Vuc SMB CP Cme
100% (1)
Vuc SMB CP Cme
221 pages
ZXR10 M6000 (V2.00.20) Carrier-Class Router Configuration Guide (IPv4 BRAS)
No ratings yet
ZXR10 M6000 (V2.00.20) Carrier-Class Router Configuration Guide (IPv4 BRAS)
362 pages
PCE385
No ratings yet
PCE385
100 pages
Plar Config
No ratings yet
Plar Config
7 pages
Alcatel Network Using Alcatel Products
100% (1)
Alcatel Network Using Alcatel Products
1 page
VSR, TiMOS) First Boot Provisioning - Networking in A Service Provider Way
No ratings yet
VSR, TiMOS) First Boot Provisioning - Networking in A Service Provider Way
6 pages
SN 20200218 02 D9902 SSD ELT Problem
No ratings yet
SN 20200218 02 D9902 SSD ELT Problem
22 pages
Cisco ASA Syslogs Messages
100% (1)
Cisco ASA Syslogs Messages
730 pages
Adtran - Packet Optical 2.0 - Supporting Video and Gigabit Services
No ratings yet
Adtran - Packet Optical 2.0 - Supporting Video and Gigabit Services
36 pages
Motorola Configuration Guide
100% (1)
Motorola Configuration Guide
17 pages
Guide For Rommon Recovery, IOS UP-gradation & Download File From Flash of Router & Switch (Cisco & Huawei)
No ratings yet
Guide For Rommon Recovery, IOS UP-gradation & Download File From Flash of Router & Switch (Cisco & Huawei)
16 pages
NRSII_Lab_Workshop_A_OSPF
No ratings yet
NRSII_Lab_Workshop_A_OSPF
92 pages
Metro Ethernet Services Overview2
No ratings yet
Metro Ethernet Services Overview2
28 pages
Comparison of Cisco, Huawei and Juniper Command Line
No ratings yet
Comparison of Cisco, Huawei and Juniper Command Line
6 pages
Zhone Product Guide
100% (1)
Zhone Product Guide
12 pages
BCNP Nutshell
No ratings yet
BCNP Nutshell
56 pages
OLT1404A/OLT1408A: 1U Pizza Box 4/8-Port GPON OLT
No ratings yet
OLT1404A/OLT1408A: 1U Pizza Box 4/8-Port GPON OLT
4 pages
sjzl20061885-ZXR10 1800&2800&3800 Router User's Manual (Volume II) - 110862 PDF
No ratings yet
sjzl20061885-ZXR10 1800&2800&3800 Router User's Manual (Volume II) - 110862 PDF
321 pages
1655amu E&o 5.0
No ratings yet
1655amu E&o 5.0
19 pages
Ceragon - Ip20
No ratings yet
Ceragon - Ip20
84 pages
E-Series Introdution To Juniper Network Routers
No ratings yet
E-Series Introdution To Juniper Network Routers
158 pages
Config CISCO ASA5505 PDF
No ratings yet
Config CISCO ASA5505 PDF
1,638 pages
DA3400 3600A Guide
No ratings yet
DA3400 3600A Guide
84 pages
Routing JNASC Juniper - Curso
No ratings yet
Routing JNASC Juniper - Curso
160 pages
L2 VPN Architectures
No ratings yet
L2 VPN Architectures
643 pages
T-Marc 3208SH User Guide Ver 3.5.R1
100% (1)
T-Marc 3208SH User Guide Ver 3.5.R1
982 pages
15360719-Collect CUCM Logs From CLI of The Server During HIGH CPU For Cisco TAC
100% (1)
15360719-Collect CUCM Logs From CLI of The Server During HIGH CPU For Cisco TAC
28 pages
26-CCNP-Route BGP Case Study
No ratings yet
26-CCNP-Route BGP Case Study
4 pages
ZXR10 5900E Configuration Guide (Basic Configuration)
No ratings yet
ZXR10 5900E Configuration Guide (Basic Configuration)
174 pages
Debug Commands Cube
No ratings yet
Debug Commands Cube
1 page
Ruckus Design Best Practices v2
No ratings yet
Ruckus Design Best Practices v2
19 pages
DCC Solutions For SONET/SDH Systems: October 2003
No ratings yet
DCC Solutions For SONET/SDH Systems: October 2003
21 pages
REP Carrier-Ethernet-resiliency Phuong v2
No ratings yet
REP Carrier-Ethernet-resiliency Phuong v2
20 pages
ISAM R2.2 CLI Command Guide
100% (4)
ISAM R2.2 CLI Command Guide
923 pages
Cacti 0.8 Beginner's Guide
From Everand
Cacti 0.8 Beginner's Guide
Thomas Urban
No ratings yet
Voice over LTE Standard Requirements
From Everand
Voice over LTE Standard Requirements
Gerardus Blokdyk
3/5 (1)
Cisco Unified Communications Manager 8: Expert Administration Cookbook
From Everand
Cisco Unified Communications Manager 8: Expert Administration Cookbook
Ezell
No ratings yet
Windows Server 2008 For Dummies
From Everand
Windows Server 2008 For Dummies
Ed Tittel
No ratings yet
Drive testing The Ultimate Step-By-Step Guide
From Everand
Drive testing The Ultimate Step-By-Step Guide
Gerardus Blokdyk
No ratings yet
Border Gateway Protocol Second Edition
From Everand
Border Gateway Protocol Second Edition
Gerardus Blokdyk
No ratings yet
SD-WAN A Complete Guide
From Everand
SD-WAN A Complete Guide
Gerardus Blokdyk
No ratings yet
Marual Mercury Panes
No ratings yet
Marual Mercury Panes
28 pages
Performance Assessment of Reactive Routing Protocols in Mobile Ad-Hoc Networks Under CBR Traffic Using Ns2
No ratings yet
Performance Assessment of Reactive Routing Protocols in Mobile Ad-Hoc Networks Under CBR Traffic Using Ns2
4 pages
CCNA Project
No ratings yet
CCNA Project
8 pages
VAPT
No ratings yet
VAPT
119 pages
Instant Access to Silence on the Wire A Field Guide to Passive Reconnaissance and Indirect Attacks 1st Edition Michal Zalewski ebook Full Chapters
100% (6)
Instant Access to Silence on the Wire A Field Guide to Passive Reconnaissance and Indirect Attacks 1st Edition Michal Zalewski ebook Full Chapters
67 pages
Micom Px4X: Dual Redundant Ethernet Board (Upgrade)
No ratings yet
Micom Px4X: Dual Redundant Ethernet Board (Upgrade)
44 pages
IUB Measurements Per NodeB
No ratings yet
IUB Measurements Per NodeB
13 pages
Modbus Protocol Stack Cheatsheet
No ratings yet
Modbus Protocol Stack Cheatsheet
5 pages
Spanning-Tree Direct Vs Indirect Link Failures - Imp - CCIE Blog - IPexpert
No ratings yet
Spanning-Tree Direct Vs Indirect Link Failures - Imp - CCIE Blog - IPexpert
12 pages
History of MPLS
No ratings yet
History of MPLS
2 pages
Iconos Redes..
No ratings yet
Iconos Redes..
2 pages
Wireshark EXAMPLE
No ratings yet
Wireshark EXAMPLE
69 pages
GPRS Tutorial
No ratings yet
GPRS Tutorial
25 pages
RC Ds Iscom Ht803g-Ua (Rel 01)
No ratings yet
RC Ds Iscom Ht803g-Ua (Rel 01)
5 pages
Cisco Validated Design: Deploying IWAN Performance Routing
No ratings yet
Cisco Validated Design: Deploying IWAN Performance Routing
20 pages
Industrial Communication: Chapter 4: Ethernet Modbus TCP/IP
75% (4)
Industrial Communication: Chapter 4: Ethernet Modbus TCP/IP
66 pages
Troubleshooting Cisco Ip Phone Registration Problems With Cisco Callmanager 3.X and 4.X
No ratings yet
Troubleshooting Cisco Ip Phone Registration Problems With Cisco Callmanager 3.X and 4.X
23 pages
Working With Node Red (LAB-V)
No ratings yet
Working With Node Red (LAB-V)
80 pages
CCNA Implementing and Administering Cisco Solutions 200-301
No ratings yet
CCNA Implementing and Administering Cisco Solutions 200-301
4 pages
KNX-INTEGRATION InstallationGuide
No ratings yet
KNX-INTEGRATION InstallationGuide
11 pages
Module 4 Networking
0% (1)
Module 4 Networking
18 pages
FortiGate Interfaces
No ratings yet
FortiGate Interfaces
6 pages
Supernetting and CIDR
No ratings yet
Supernetting and CIDR
20 pages
GPON Xpert Product Description
No ratings yet
GPON Xpert Product Description
37 pages
3com Switch 8800 Family Installation Guide
No ratings yet
3com Switch 8800 Family Installation Guide
104 pages
DES 1228 - Datasheet - EN - DE
No ratings yet
DES 1228 - Datasheet - EN - DE
3 pages
CCIE Collaboration Home Lab Topology and Base Configurations PDF
No ratings yet
CCIE Collaboration Home Lab Topology and Base Configurations PDF
26 pages
CCNA IP Addressing VLSM Cheat Sheet
100% (1)
CCNA IP Addressing VLSM Cheat Sheet
4 pages
Attachment 1
No ratings yet
Attachment 1
2 pages